www.haibunda.com Open in urlscan Pro
2606:4700::6812:154 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.haibunda.com/
Submission Tags: falconsandbox
Submission: On November 27 via api (November 27th 2021, 11:36:06 pm UTC) from US — Scanned from DE

Summary HTTP 296 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 54 IPs in 6 countries across 32 domains to perform 296 HTTP transactions. The main IP is 2606:4700::6812:154, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.haibunda.com.
TLS certificate: Issued by Thawte RSA CA 2018 on July 6th 2021. Valid for: a year.

This is the only time www.haibunda.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700::68... 2606:4700::6812:154	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	103.49.221.172 103.49.221.172	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
12	203.190.242.172 203.190.242.172	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
21	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
16	2606:4700:10:... 2606:4700:10::ac43:2516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	203.190.242.102 203.190.242.102	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
3 8	13.226.145.101 13.226.145.101	16509 (AMAZON-02) (AMAZON-02)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.226.145.115 13.226.145.115	16509 (AMAZON-02) (AMAZON-02)
1	13.226.145.99 13.226.145.99	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	13.226.145.26 13.226.145.26	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f16:bc:... 2600:1f16:bc:1201:6b79:521a:2fc2:9364	16509 (AMAZON-02) (AMAZON-02)
1	13.226.145.122 13.226.145.122	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
5 6	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
9	203.190.242.244 203.190.242.244	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
2	2607:f8b0:401... 2607:f8b0:4012:81b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.13.157 142.250.13.157	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:1d::6	15169 (GOOGLE) (GOOGLE)
1	203.190.245.173 203.190.245.173	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
1	13.226.145.106 13.226.145.106	16509 (AMAZON-02) (AMAZON-02)
1	13.226.145.7 13.226.145.7	16509 (AMAZON-02) (AMAZON-02)
10	103.49.221.102 103.49.221.102	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
1	52.49.172.98 52.49.172.98	16509 (AMAZON-02) (AMAZON-02)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
296	54

16 2606:4700::6812:154 (United States)

ASN13335 (CLOUDFLARENET, US)

www.haibunda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 103.49.221.172 (South Tangerang, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-172-221-49-103.detik.com

cdn.haibunda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnstatic.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 203.190.242.172 (Jakarta, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-172-242.190.203.detik.com

cdn.detik.net.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:10::ac43:2516 (United States)

ASN13335 (CLOUDFLARENET, US)

static.vidy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.vidy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 203.190.242.102 (Jakarta, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-102-242.190.203.detik.com

akcdn.detik.net.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.226.145.101 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-101.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.145.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-115.dus51.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.145.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-99.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8119dd83f071041d61f685eb3b5eaea0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.145.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-26.dus51.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f16:bc:1201:6b79:521a:2fc2:9364 (Columbus, United States)

ASN16509 (AMAZON-02, US)

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.145.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-122.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.241 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 203.190.242.244 (Jakarta, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-244-242.190.203.detik.com

newrevive.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4012:81b::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.13.157 (United States)

ASN15169 (GOOGLE, US)
PTR: we-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:1d::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5lznle.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.190.245.173 (Jakarta, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s5-173-245.190.203.detik.com

connect.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.145.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-106.dus51.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.145.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-7.dus51.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 103.49.221.102 (South Tangerang, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-102-221-49-103.detik.com

images.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.172.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-172-98.eu-west-1.compute.amazonaws.com

global.cloud.netacuity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	haibunda.com www.haibunda.com cdn.haibunda.com	1 MB
45	googlesyndication.com 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com pagead2.googlesyndication.com 8119dd83f071041d61f685eb3b5eaea0.safeframe.googlesyndication.com tpc.googlesyndication.com	278 KB
39	detik.net.id cdn.detik.net.id akcdn.detik.net.id	2 MB
32	doubleclick.net 5 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net bid.g.doubleclick.net	418 KB
22	detik.com cdnstatic.detik.com kayumanis.detik.com Failed newrevive.detik.com connect.detik.com images.detik.com	425 KB
20	google.com fundingchoicesmessages.google.com adservice.google.com www.google.com	67 KB
16	vidy.com static.vidy.com api.vidy.com	337 KB
12	2mdn.net 1 redirects s0.2mdn.net gcdn.2mdn.net r1---sn-4g5lznle.c.2mdn.net	2 MB
8	scorecardresearch.com 3 redirects sb.scorecardresearch.com	5 KB
6	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	148 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	google.de adservice.google.de www.google.de	2 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	googleapis.com ajax.googleapis.com fonts.googleapis.com imasdk.googleapis.com	158 KB
4	googletagservices.com www.googletagservices.com	146 KB
3	facebook.com www.facebook.com	636 B
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
3	taboola.com cdn.taboola.com	147 KB
2	teads.tv sync.teads.tv	344 B
2	openx.net us-u.openx.net	420 B
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	facebook.net connect.facebook.net	114 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	googletagmanager.com www.googletagmanager.com	80 KB
1	o2online.de portal.o2online.de	609 B
1	netacuity.com global.cloud.netacuity.com	446 B
1	hotjar.io vc.hotjar.io	257 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	eyeota.net ps.eyeota.net	344 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	jsdelivr.net cdn.jsdelivr.net	11 KB
296	32

	Domain	Requested by
37	cdn.haibunda.com	www.haibunda.com cdn.haibunda.com
27	akcdn.detik.net.id	www.haibunda.com
23	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.haibunda.com 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com googleads.g.doubleclick.net s0.2mdn.net
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.haibunda.com 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com tpc.googlesyndication.com imasdk.googleapis.com s0.2mdn.net
17	securepubads.g.doubleclick.net	www.haibunda.com securepubads.g.doubleclick.net www.googletagservices.com 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
16	www.haibunda.com	www.haibunda.com cdn.haibunda.com static.cloudflareinsights.com
12	fundingchoicesmessages.google.com	www.haibunda.com
12	cdn.detik.net.id	www.haibunda.com
10	images.detik.com	www.haibunda.com
9	newrevive.detik.com	www.haibunda.com newrevive.detik.com
9	s0.2mdn.net	87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com www.haibunda.com s0.2mdn.net
8	api.vidy.com	static.vidy.com
8	sb.scorecardresearch.com	3 redirects www.haibunda.com
8	static.vidy.com	www.haibunda.com static.vidy.com
6	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	www.haibunda.com
4	www.googletagservices.com	securepubads.g.doubleclick.net 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
4	www.google.com	www.haibunda.com 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com tpc.googlesyndication.com
4	87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com static.vidy.com
3	googleads.g.doubleclick.net	87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com www.haibunda.com
3	www.facebook.com	www.haibunda.com
3	cdn.taboola.com	www.haibunda.com cdn.taboola.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	r1---sn-4g5lznle.c.2mdn.net	www.haibunda.com
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
2	connect.facebook.net	www.haibunda.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	sync.search.spotxchange.com	1 redirects www.haibunda.com
2	www.googletagmanager.com	www.haibunda.com
2	cdnstatic.detik.com	www.haibunda.com
1	portal.o2online.de
1	global.cloud.netacuity.com	www.haibunda.com
1	vc.hotjar.io	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	connect.detik.com	cdn.detik.net.id
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	fonts.googleapis.com	87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
1	ajax.googleapis.com	securepubads.g.doubleclick.net
1	8119dd83f071041d61f685eb3b5eaea0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de	www.haibunda.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.haibunda.com
1	certify.alexametrics.com	www.haibunda.com
1	static.hotjar.com	www.haibunda.com
1	certify-js.alexametrics.com	www.haibunda.com
1	ps.eyeota.net	cdnstatic.detik.com
1	static.cloudflareinsights.com	www.haibunda.com
1	cdn.jsdelivr.net	www.haibunda.com
1	www.gstatic.com	www.haibunda.com
0	kayumanis.detik.com Failed	cdn.detik.net.id
296	59

This site contains links to these domains. Also see Links.

Domain
connect.detik.com
www.facebook.com
twitter.com
www.instagram.com
newrevive.detik.com
www.detik.com
www.youtube.com
pasangmata.detik.com
adsmart.detik.com
forum.detik.com
event.detik.com
poin.detikshop.com
www.transsnowworld.com
www.transstudiobandung.com
www.cnnindonesia.com
www.cnbcindonesia.com
www.insertlive.com
www.beautynesia.id
www.femaledaily.com

Subject Issuer	Validity	Valid
*.haibunda.com Thawte RSA CA 2018	`2021-07-06` - `2022-07-29`	a year	crt.sh
*.detik.net.id Thawte RSA CA 2018	`2021-01-30` - `2022-02-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.detik.com Thawte RSA CA 2018	`2020-11-14` - `2021-12-14`	a year	crt.sh
vidy.com Cloudflare Inc ECC CA-3	`2021-06-20` - `2022-06-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.eyeota.net R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-06` - `2021-12-05`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-12` - `2022-11-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-11-09` - `2022-01-18`	2 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
*.cloud.netacuity.com Amazon	`2021-04-11` - `2022-05-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.haibunda.com/
Frame ID: D2BD808E9BC15D142F85261ADB796956
Requests: 192 HTTP requests in this frame

Frame: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A0A376062F90B1B2354691E4BFAAA3DE
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslK6n4E9XW8nPNfH6DGoz2Lr355Zgw25hHaYYfR--RZLEdzv6GRa5CyNpElYsLVmRGWWxmC50yPRKhPar6Neq-KzT0jxEy2d0pgR3z92XJlJpU5lqLsoan-ap2nwxnpe4SExTPzjqFHbyvULC9_dLDjtYUlF4KYTTgr5dpJRagn_m4pFJ4cCt80UvF6QC-oQqhD1kh4KyJJ6XKlzxVAbnCfFPqXRUtjAmz4KVopZnMmHI9CZ_rWeaQzYka0irPS0kpve6orliPI4u3BdRf6fugNsObVtQKyvgiq4QnD9aLJO58LRuM9WTH8SiLw7ObRu-ksDaFHxnBsoPwxjSU&sai=AMfl-YT_4Ba2ZnEqmS15d9wYS-QqvhfqL7rgH8-qIwraUha8NU5q1JveRnsYynhmKa3YfWw6baQ-44F2ivGRbXxGYob_KXLU7tZDPiRd3UtzYBu7TMaUSYAR7J9opM85Eu4&sig=Cg0ArKJSzMzUjKdUc7v9EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 01F674916BD14C4F5399CBF7ADC8FE6C
Requests: 12 HTTP requests in this frame

Frame: https://8119dd83f071041d61f685eb3b5eaea0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F669ECDF36ECB26E5AFFCCF8D9CA5A52
Requests: 1 HTTP requests in this frame

Frame: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 882F42F2C48429292663429A2D2B277A
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsus9tm1XvPveyPNJQsWQ0kotzqdxRrCo2PDSVPzfPu6f9-hBa4cGbz6MtchAnPD_USre7mgtzX2OH1gVgxUDAaMh2nUG_tuEAVb_mhf48ykS45IrotgK_2Y_mOmkseBDkWtssc9lPE8fMMReMocpRyshoy6d7MGGzT-lGtXfL9HF1GgCkwJffTw2pNLGDlGjYtFntnego-KmyknqHRvZmiU7dFBJIGD0UmPqdEr0LYnhav3iGjDcOIJOGXvUc57YTJLcThRUOXetbx4N07qUzJIc5-l551PT6DL-Pz7xavtBJ-MSG62Rypw1FBsqjZ9reL7Mwz0k1noOKY&sig=Cg0ArKJSzJsWxDbgnkQKEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3BA20478BCF17C2E6385AD35ABD91697
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ-72ZAhjnsJK7ATAB&v=APEucNXNie722v884JXfsDyWYNTIzsfngS4Fcx8_WrNx46gjghz9RD_dUr_mlhLR5kZ23AOs-ODyRHM_bvgWWlL8ex1iFt2OA8EVkjc8wCU3cMAgT-X-g6Gm7j6Fa9ULUq-zdiFQVdcyh2SoiXLCNSNUkWONHhu4PWQO1FqhmMX0f9P84D0MdGU
Frame ID: 06CE05E05FFB3D69CBFDC28E59FC01C8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FB7AA1E3598FD67F737A2F9E2D503081
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 92AB7A7E69839F0F84FB494EA91441FE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 86AF00BCC1AA5A3C91957EC7B5C94147
Requests: 2 HTTP requests in this frame

Frame: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3BAECB7209FAE460F07F066D79F1B0FC
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 34233A03E45DAAF2B1F1EE34A2353852
Requests: 1 HTTP requests in this frame

Frame: https://connect.detik.com/token/me.html?autoLogin=1&clientId=10166
Frame ID: 223DD0FCD61ABC16DECBF98047BAC712
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: E030DA14285ED85D8C51F191BE3E3029
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 01D7C48F82C0A270A9B905961C48FBAC
Requests: 3 HTTP requests in this frame

Frame: https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com
Frame ID: 0D06D2E7140806AE2A48FC89B7A24949
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0ED33D797DCE88D98EB0F72E5A182CB5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1D05992E2C62607A2439BBBB47CB7173
Requests: 2 HTTP requests in this frame

Frame: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DCA08AC088599F23506EE4BB500F97F6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARim5eioATAB&v=APEucNXGJPz2N6SlYP1Fv1jiLfX1CYqF5NDEcNP_mXxpqzchNjiS67vjs6PsRFFszlrziVVoWgArcHFe2hFi4eoC26RPDGLXDe0cYXUdVU6uzZoEAA31k-gBY71YVEpK0uKOStQvDnUT_RHHH_fzvV6SYg2Z6wTuz3yyLVcHkRWdKqwfTCQj6fs
Frame ID: 89E24F30E5CCD3B1D495C30DA21FB763
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12836924573366616064/728x090.html?e=69&leftOffset=0&topOffset=0&c=rV23zqYLOe&t=1&renderingType=2
Frame ID: 966050748AED2FB1784854811AEC4931
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5403125327CCF759801FB78B57F772AF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Frame ID: 27B0795EE7A006C9A7CE7EC24146495E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Informasi Terkini Kehamilan, Parenting, dan Mom Life - Haibunda.com

Page Statistics

296
Requests

94 %
HTTPS

52 %
IPv6

32
Domains

59
Subdomains

54
IPs

6
Countries

7656 kB
Transfer

13979 kB
Size

32
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://connect.detik.com/oauth/authorize?clientId=10166&redirectUrl=https%3A%2F%2Fwww.haibunda.com%2Fuser%2Fauthorize%3Fu%3Dhttps%253A%252F%252Fwww.haibunda.com%252F
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://connect.detik.com/accounts/register/option/?clientId=10166&redirectUrl=https%3A%2F%2Fwww.haibunda.com%2Fuser%2Fauthorize%3Fu%3Dhttps%253A%252F%252Fwww.haibunda.com%252F
Title: SIGN UP

Search URL Search Domain Scan URL

URL: https://connect.detik.com/oauth/authorize?clientId=10166&adult=1&redirectUrl=https%3A%2F%2Fwww.haibunda.com%2Fuser%2Fauthorize%3Fu%3Dhttps%253A%252F%252Fwww.haibunda.com%252F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HaiBundacom/

Search URL Search Domain Scan URL

URL: https://twitter.com/haibundacom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/haibundacom/

Search URL Search Domain Scan URL

URL: https://newrevive.detik.com/delivery/ck.php?oaparams=2__bannerid=174523__zoneid=1513__cb=83fad6d0c3__oadest=https%3A%2F%2Fwww.haibunda.com%2Fhaibunda-squad%2F20211125134055-203-260165%2Fyuk-bun-seru-seruan-di-junio-bundafest-menangkan-hadiah-jutaan-rupiah%3Fbanner_campaign%3Djuniobundafest%26banner_platform%3Ddesktop%26banner_position%3Dbillboard%26banner_kanal%3Dhaibundacom%26banner_term%3Dmarcomm

Search URL Search Domain Scan URL

URL: https://www.detik.com/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/HaiBundacom

Search URL Search Domain Scan URL

URL: https://pasangmata.detik.com/
Title: Pasang Mata

Search URL Search Domain Scan URL

URL: https://adsmart.detik.com/
Title: Adsmart

Search URL Search Domain Scan URL

URL: https://forum.detik.com/
Title: Forum

Search URL Search Domain Scan URL

URL: https://event.detik.com/
Title: detikEvent

Search URL Search Domain Scan URL

URL: https://poin.detikshop.com/
Title: detikPoint

Search URL Search Domain Scan URL

URL: https://www.transsnowworld.com/
Title: Trans Snow World

Search URL Search Domain Scan URL

URL: https://www.transstudiobandung.com/
Title: Trans Studio

Search URL Search Domain Scan URL

URL: https://www.cnnindonesia.com/
Title: CNN Indonesia

Search URL Search Domain Scan URL

URL: https://www.cnbcindonesia.com/
Title: CNBC Indonesia

Search URL Search Domain Scan URL

URL: https://www.insertlive.com/
Title: InsertLive

Search URL Search Domain Scan URL

URL: https://www.beautynesia.id/
Title: Beautynesia

Search URL Search Domain Scan URL

URL: https://www.femaledaily.com/
Title: Female Daily

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://sb.scorecardresearch.com/cs/8443234/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 56

https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7 HTTP 302
https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7&__user_check__=1&sync_id=c54c5921-4fda-11ec-ad60-186cd56e0506

Request Chain 61

https://sb.scorecardresearch.com/b?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1638056157317&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1638056157317&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=

Request Chain 62

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1638056157317&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1638056157317&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8bJDODUXOvZmT-mdPf9rE&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8bJDODUXOvZmT-mdPf9rE&google_cver=1&C=1

Request Chain 121

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaLA3TJwiqOuHttv2MEwLQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8bJDODUXOvZmT-mdPf9rE&google_cver=1

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMabmKSuAFOMx_0kADnx5Rg&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMabmKSuAFOMx_0kADnx5Rg%26google_cver%3D1

Request Chain 123

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk5NzkwNDQ0NjI3MzYzOTIwMA%3D%3D

Request Chain 163

https://gcdn.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669592158/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/4A663C957A6599D92A80D42EE506C9A9CC9BFCAA.5912116F38C8853F37985734E5A3D0C4E0C3D037/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lznle.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669592158/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4C9F7EDD49D77A66B375573C4B093D82B4FD218E.3CF5FC838557B0636ED165E794672CE00C12DF75/key/cms1/cms_redirect/yes/mh/y7/mip/2001:ac8:20:90:13c::1/mm/42/mn/sn-4g5lznle/ms/onc/mt/1638055957/mv/m/mvi/1/pl/54/file/file.mp4

Request Chain 271

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOitALdignaEEAJ2yKWrHcg&google_cver=1

Request Chain 273

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEEVBCq60veuvd_dAtImBRDg&google_cver=1

296 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.haibunda.com/ 59 KB
16 KB 272ms
222ms Document
text/html 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16ddb7004c8fd4363b7cd0c674bd75b946bca320b071c925b6dbd1f7021aca57

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 27 Nov 2021 23:35:55 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: '1;mode=block'
strict-transport-security: "max-age=31536000; includeSubDomains" always
s: fe-publish2
x-cached: HIT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b4f2cfc7d7bf933-MXP
content-encoding: gzip

GET
H2 200 haibunda.wp.style.css
cdn.haibunda.com/css/ 219 KB
28 KB 588ms
193ms Stylesheet
text/css 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

09bbbc72b0c1e4a77791b1bcdf372897b2b51c9ae4f1b692a20494bab7d1cac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Oct 2021 07:52:00 GMT
server: static8
cache-status: HIT
etag: W/"61766220-36d49"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 haibunda.cb.css
cdn.haibunda.com/css/ 21 KB
4 KB 588ms
193ms Stylesheet
text/css 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

06b276a97a4711565b340e4c6df18ae76b6f7e9167c9584e81d10de6370dbb27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Oct 2021 07:52:00 GMT
server: static8
cache-status: HIT
etag: W/"61766220-5390"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
cdn.detik.net.id/libs/detik-vertical/js/ 87 KB
31 KB 755ms
184ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/detik-vertical/js/jquery-3.6.0.min.js?v=haibunda.3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static3 /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 07:01:24 GMT
server: static3
cache-status: HIT
etag: W/"60bdc444-15d9d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtmdl.js Show response
cdn.detik.net.id/libs/detik-vertical/js/ 4 KB
1 KB 755ms
185ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/detik-vertical/js/gtmdl.js?v=haibunda.3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static3 /

Resource Hash

05d20b8b8b5db9ad1794d810f11803a59fbda373d04d313deeb842d388aac6c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:26 GMT
server: static3
cache-status: HIT
etag: W/"5db2a88e-e65"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detik.ads.css
cdn.detik.net.id/commerce/desktop/css/ 9 KB
3 KB 754ms
184ms Stylesheet
text/css 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/commerce/desktop/css/detik.ads.css

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static3 /

Resource Hash

889ed0f48c04d82f2bd820be3891c084083bd88f253a8e4018227e8c7d81f21b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Nov 2019 03:46:21 GMT
server: static3
cache-status: HIT
etag: W/"5ddf430d-255c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dtk_commerce.js Show response
cdn.detik.net.id/commerce/commerce/ 2 KB
1 KB 755ms
184ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/commerce/commerce/dtk_commerce.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static3 /

Resource Hash

519f36dfb169cf61d16bab3b2e62107657910c4daa039cc3692d7b9e6a9c4a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Nov 2020 04:20:38 GMT
server: static3
cache-status: HIT
etag: W/"5fbf2d16-919"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 61ms
17ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1057 / 361 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Nov 2021 23:35:57 GMT

GET
H2 200 portal.dc.js Show response
cdn.detik.net.id/libs/js-itportal/ 1010 B
860 B 754ms
184ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/js-itportal/portal.dc.js?v=1.0

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static3 /

Resource Hash

5c8530b3a15538b349a408d3544b1f4720f06acf3e4cb34e196118a41e804e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 10:11:15 GMT
server: static3
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block
cache-control: max-age=315360000
barrier_3: HIT
etag: W/"5e5f7ec3-3f2"
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 eyeotadtk.js Show response
cdnstatic.detik.com/live/js/ 312 B
533 B 1354ms
180ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.detik.com/live/js/eyeotadtk.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-172-221-49-103.detik.com
Software: static8 /
Resource Hash: 7140a907c2d5e058b18f9c64b37cbca0c4915a3cc5919f5be199849db17099b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
last-modified: Thu, 17 May 2018 07:29:06 GMT
server: static8
barrier_2: MISS
cache-status: HIT
etag: W/"5afd2f42-138"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
middle-cache: MISS
barrier_1: Static
barrier_3: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed.min.js Show response
static.vidy.com/ 5 KB
3 KB 77ms
25ms Script
application/javascript 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/embed.min.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d871d2e77a06c3f0eba9a19c6c9637b3c1bce6b763613d687cadb1ae0c82749f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1632151585
age: 11991
x-guploader-uploadid: ADPycds89xd0K8ZO90rSeaiyokcYdlKt1XkJ8hZ6h3OyFt7F-Go5k2B6HKSnm_U2SWdbEGi0R5NQrMtkaSe9WkCxwyM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
last-modified: Mon, 20 Sep 2021 15:27:31 GMT
server: cloudflare
etag: W/"b145d7539e78b5b1784435a21008f41b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=6c3BQg==, md5=sUXXU554tbF4RDWiEAj0Gw==
x-goog-generation: 1632151650900589
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Content-Type, *
cache-control: public,s-maxage=14400,max-age=1800
x-goog-stored-content-length: 4803
cf-ray: 6b4f2cfe5ebd5a19-MXP
expires: Sat, 27 Nov 2021 23:54:58 GMT

GET
H2 200 972fa1b1-24cb-47a5-acbe-cbc6be2ae3e6.png
akcdn.detik.net.id/community/media/visual/2019/07/23/ 8 KB
9 KB 565ms
190ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/community/media/visual/2019/07/23/972fa1b1-24cb-47a5-acbe-cbc6be2ae3e6.png?d=1

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

95ea4f9b70f2ca3ad7bab58bc9dc7ef03450b206e493bd6da1a9878d7e0b9f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
last-modified: Tue, 23 Jul 2019 04:44:40 GMT
server: static14
cache-status: HIT
etag: W/"5d3690b8-211e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 login_loader.gif
cdn.haibunda.com/images/ 77 KB
74 KB 320ms
315ms Image
image/gif 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/login_loader.gif?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

4e0f57d62338e4fa1f8a4294d8ae6f14ca888d41dab5732f31550eb02efb3640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Apr 2020 09:23:47 GMT
server: static8
cache-status: HIT
etag: W/"5ea947a3-13516"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 search-icon.png
cdn.haibunda.com/images/ 525 B
854 B 320ms
315ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/search-icon.png?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

67aae3ab97e82df125f167d14d97cb60cd54c427476cf54f0cd545bfa21d3558

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-20d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fb-icon.png
cdn.haibunda.com/images/ 931 B
1 KB 320ms
315ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/fb-icon.png?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

eb40531a629538ad7ad83251dadf2113c4806ff0700f607717743889cdfcb472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-3a3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 twitter-icon.png
cdn.haibunda.com/images/ 1006 B
1 KB 320ms
315ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/twitter-icon.png?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

98ce2a3ea24bc6d29cf87c63e36d2ec703691056dfde86478c30034c622aa0e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-3ee"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 instagram-icon.png
cdn.haibunda.com/images/ 3 KB
3 KB 321ms
316ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/instagram-icon.png?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

a13c3185915409efcbec0f3be6c968916c770e284c74a1be4b41373677271432

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-a20"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 close.png
cdn.haibunda.com/images/ 225 B
518 B 321ms
316ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/close.png?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

e6ee817417e2116d8d2c64cfd7670fb698da06d58c32ec63538389a11cc740f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: "5db2a88f-e1"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
accept-ranges: bytes
content-length: 225
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.png
cdn.haibunda.com/images/ 12 KB
12 KB 320ms
316ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/logo.png?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

a88a351e0ad78ab48f5ce0b9d4bf7eea91fb365c844d5fdb45fee434fbcc5ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-2f8e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pushnotif.css
cdn.haibunda.com/css/ 2 KB
1 KB 192ms
192ms Stylesheet
text/css 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/css/pushnotif.css?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

38d4825946c29a0abd077b9d190fa6e3f41100d7ee2f05994ee9ef8988231fff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: MISS
etag: W/"5db2a88f-858"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ico_haibunda.png
cdn.haibunda.com/images/ 2 KB
2 KB 570ms
566ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/ico_haibunda.png?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

eb22877643be19823f22f74c1a2e55e18c8e81f49624e2d1d0fcbf0badc73555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-8d2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pushnotif.js Show response
cdn.haibunda.com/js/ 2 KB
1007 B 191ms
191ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/pushnotif.js?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

2e34d1260f26dc4980a2bfeb849192ac8831693a2bf698ff258cb5fd6adb1efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Jun 2021 07:05:50 GMT
server: static8
cache-status: MISS
etag: W/"60dac64e-717"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Promil_4.png
cdn.detik.net.id/haibundaasset/Faseprogramhamil/ 129 KB
124 KB 191ms
187ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.detik.net.id/haibundaasset/Faseprogramhamil/Promil_4.png

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static3 /

Resource Hash

2fe7f1e499e3f37c6b1f96eb7de1e63ea205104280a32a858ec0da0bc1f845c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 11:29:06 GMT
server: static3
cache-status: HIT
etag: W/"5f5a0e02-203e3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-arrow-right.png
cdn.haibunda.com/images/ 282 B
601 B 570ms
566ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/icon-arrow-right.png?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

eb5b1128d29d5efe4ac0809c4f92eaedea9153b9192cc6fd1bb0755d2726d7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Oct 2021 07:52:00 GMT
server: static8
cache-status: HIT
etag: W/"61766220-11a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Minggu-19.png
cdn.detik.net.id/haibundaasset/Fasekehamilan/ 573 KB
546 KB 191ms
187ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.detik.net.id/haibundaasset/Fasekehamilan/Minggu-19.png

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static3 /

Resource Hash

8ab498df51bd76d040318633cbbeca6f7ace32cb232b303be057db6881bddb02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 11:22:39 GMT
server: static3
cache-status: HIT
etag: W/"5f5a0c7f-8f466"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Bulan_18.png
cdn.detik.net.id/haibundaasset/faseanak/ 197 KB
192 KB 195ms
191ms Image
image/png 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.detik.net.id/haibundaasset/faseanak/Bulan_18.png

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static3 /

Resource Hash

04d0ea694f279255eaf563d5ca1d83926cb3633b340c2a3616ce8f6d3196a4b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 11:09:28 GMT
server: static3
cache-status: HIT
etag: W/"5f5a0968-31266"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 footer_logo_haibunda.png
cdn.haibunda.com/images/ 13 KB
12 KB 570ms
566ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/footer_logo_haibunda.png?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

b2452668399814faf040e35fe9ef501fdc0d6f52bd5292cae648e14630b1d652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static8
cache-status: HIT
etag: W/"5f55db10-3311"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 footer_logo2.png
cdn.haibunda.com/images/ 7 KB
7 KB 570ms
567ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/footer_logo2.png?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

9c2638f6f7254424a976b27decc5ce63acba828134e343f814add0a5218d4dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static8
cache-status: HIT
etag: W/"5f55db10-1a35"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foot_fb.png
cdn.haibunda.com/images/ 2 KB
2 KB 570ms
567ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/foot_fb.png?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

ed92518c8e1991f83f39fe4a7b40b28723bd6c6d0f077ea99371f0381510d784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static8
cache-status: HIT
etag: W/"5f55db10-89e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foot_tw.png
cdn.haibunda.com/images/ 3 KB
3 KB 570ms
567ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/foot_tw.png?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

591650f961335ac51209c9460bdf46400158b1cb4c03e0ea4d06fdd217d3ce02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static8
cache-status: HIT
etag: W/"5f55db10-b87"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foot_ig.png
cdn.haibunda.com/images/ 6 KB
7 KB 570ms
567ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/foot_ig.png?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

d231b672aea39d98bee92025242644ddf141f09e9442708a0efeae7f40f49c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static8
cache-status: HIT
etag: W/"5f55db10-1933"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 foot_yt.png
cdn.haibunda.com/images/ 3 KB
3 KB 570ms
567ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/foot_yt.png?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

85094b91c85e6dd45a8af3352356b1c0fa38d7d67a667701e0508c72b0827d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 07:02:40 GMT
server: static8
cache-status: HIT
etag: W/"5f55db10-b21"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 haibunda-wp-js.min.js Show response
cdn.haibunda.com/js/ 118 KB
34 KB 204ms
203ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/haibunda-wp-js.min.js?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

2202fa796324f006c0b5b3ec0416e66573ef71ae3c2a4d0d18fa898e84f7231a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Oct 2021 07:52:00 GMT
server: static8
cache-status: HIT
etag: W/"61766220-1d7a8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imgLiquid-min.js Show response
cdn.haibunda.com/js/ 5 KB
2 KB 304ms
298ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/imgLiquid-min.js?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

8ad3e1be1b9cb15ea3c9379f994f99e8c97af5a04f894299e1999ed2582ad62e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-13f7"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/3.6.6/ 294 KB
97 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/3.6.6/firebase.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ca252b1ec28d3fc04078a3a87894fea0cb9d5ee81f0bbc5a66ff8c5ecaab333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98890
x-xss-protection: 0
last-modified: Wed, 18 Jan 2017 00:39:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Tue, 22 Nov 2022 21:37:46 GMT

GET
H2 200 firebase.js Show response
cdn.haibunda.com/js/ 5 KB
2 KB 310ms
304ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/firebase.js?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

7787917a6143a217af620df3b2cd3fb1c84fa36ef088477a75d674aade5acc1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2019 05:11:48 GMT
server: static8
cache-status: HIT
etag: W/"5df1cc14-14d6"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detik-vertical.js Show response
cdn.haibunda.com/js/ 1 MB
269 KB 311ms
305ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

f7ba144d13acfaacc8297bd004d13247e9deabf403ab2e541e57286c22cbb4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Nov 2021 09:00:49 GMT
server: static8
cache-status: HIT
etag: W/"619221c1-156cc5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 refresh.js Show response
cdn.detik.net.id/libs/detik-vertical/js/ 1 KB
715 B 189ms
182ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/detik-vertical/js/refresh.js?v=haibunda.3.4.7

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static3 /

Resource Hash

c6b125c8dc7b6c653f8b83247885e3ebb9f92ffe94a32efa224302737eb0174d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:26 GMT
server: static3
cache-status: HIT
etag: W/"5db2a88e-430"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detikLiveUserCounterResponse.js Show response
cdn.detik.net.id/libs/livecounter/ 37 KB
10 KB 191ms
185ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/livecounter/detikLiveUserCounterResponse.js?v=2021112806

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static3 /

Resource Hash

57532ca0f542594b21e66a42c0ecac74b2b89b9922839fc2508d2c375ce0f3c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Jul 2021 08:01:26 GMT
server: static3
cache-status: HIT
etag: W/"60f7d456-921a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
11 KB 41ms
18ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2861344
x-jsd-version: 1.8.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19140-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6b4f2d069c3e2c3a-FRA

GET
H2 200 callback-revive.js Show response
cdnstatic.detik.com/live/_rmbassets/ 168 B
457 B 187ms
181ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstatic.detik.com/live/_rmbassets/callback-revive.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-172-221-49-103.detik.com
Software: static8 /
Resource Hash: f25cf1a788fd845ec9fd9612d636207ad7db744aa99624c76fb6c8ecd379e92f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
last-modified: Wed, 28 Apr 2021 07:59:13 GMT
server: static8
barrier_2: MISS
cache-status: HIT
etag: "608915d1-a8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
middle-cache: MISS
accept-ranges: bytes
barrier_1: Static
barrier_3: HIT
content-length: 168
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 connectdetik Show response
www.haibunda.com/ 262 B
296 B 208ms
202ms Script
application/javascript 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/connectdetik?fn=onLoginClient

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24188bfb37dfe180f21d1de5e12d8901c3c92ed457b00bb4bd2f7896a454c315

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-cached: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/javascript
s: fe-publish2
cf-ray: 6b4f2d068dd5f933-MXP
x-xss-protection: '1;mode=block'

GET
H2 200 v64f9daad31f64f81be21cbef6184a5e31634941392597 Show response
static.cloudflareinsights.com/beacon.min.js/ 13 KB
5 KB 102ms
52ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6

Request headers

Referer: https://www.haibunda.com/
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.10.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6b4f2d06d9d93760-MXP

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 0
344 B 53ms
7ms Script
text/plain 3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=mli4m40&t=ajs&sid=haibunda&gen=&ag=&cat=Haibunda&subcat=
Requested by: Host: cdnstatic.detik.com
URL: https://cdnstatic.detik.com/live/js/eyeotadtk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 23:35:57 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 76 KB
31 KB 46ms
18ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bff38b9aea6240de0008b12d8c00624a299945165c7c533a9e7d68188fa5318c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30879
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Nov 2021 23:35:57 GMT

GET
H2 200 AGSKWxVac1DZFJMqfavfJJr_r7LsueqlMh6VgMPZYuW50o0QUw0GUnym5UybMbAFaLgBFinV36G_Kfl3BSlZssGUKy0= Show response
fundingchoicesmessages.google.com/f/ 76 KB
28 KB 59ms
31ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVac1DZFJMqfavfJJr_r7LsueqlMh6VgMPZYuW50o0QUw0GUnym5UybMbAFaLgBFinV36G_Kfl3BSlZssGUKy0=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05d87c3a91185a96c227af54bdd8a004eefa792b247abcf4fbd4214b0c3b52c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-E2x7bPukWX+EpTMQOiSeIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-E2x7bPukWX+EpTMQOiSeIA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-E2x7bPukWX+EpTMQOiSeIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-E2x7bPukWX+EpTMQOiSeIA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/detik-haibunda/ 147 KB
24 KB 30ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/detik-haibunda/loader.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: obaker.95.1.2-11.94.6 /
Resource Hash: 8ff983d58b09ee6da5270c96f77719da4db7b7fde747b2c29615691cf72b0b4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: pB_8Fexi89bapR_n_nPI2QKde6nFkmqp
content-encoding: gzip
etag: "a096880de6afa5b6d56383b46405deddffd92804"
age: 4585
via: 1.1 varnish
x-cache: HIT
x-from-cache: 1
content-length: 24226
x-amz-id-2: WyCaqT2nWvn3q7hbLQx7nTcgHmUTkV8aQJpEFgq3P2rVj/tnZIdv017V9P5IHNMK0PK5FvmvfSw=
x-served-by: cache-hhn4053-HHN
last-modified: Wed, 24 Nov 2021 13:10:01 UTC
server: obaker.95.1.2-11.94.6
x-timer: S1638056157.225140,VS0,VE1
date: Sat, 27 Nov 2021 23:35:57 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: CM5QAB6KAB2QCAJA
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 12
x-cache-hits: 1

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/8443234/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

15ms
14ms

Script
application/javascript

13.226.145.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Server: 13.226.145.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-101.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:08:55 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 1741
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: tisqaHVvuumK9NohZCSSlIarRO-9W6DAy_2O6gdlNsWrGAA1ruqqrg==

Redirect headers

date: Sat, 27 Nov 2021 23:35:57 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: K574NwPQ5jvC_VeFSSOgPWTJXbxAzLR-tDfzXKjobz2NYWjvB0TcZg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 153 KB
49 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

caf0c8bab7329b3c721eec9ba026b15667d3556c8ad8144ab623118d42fb26f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50234
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Nov 2021 23:35:57 GMT

GET
H2 200 opensans-semibold.ttf
cdn.haibunda.com/fonts/ 33 KB
33 KB 788ms
260ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/opensans-semibold.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static11 /

Resource Hash

91e3e9479b81590d447db1480185e8068e0c768514dc64ae59d18b6c1de9db0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static11
cache-status: HIT
etag: "5db2a88f-822c"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
accept-ranges: bytes
content-length: 33324
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sort-down-outline.png
cdn.haibunda.com/images/ 290 B
612 B 547ms
547ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/sort-down-outline.png

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

200174cdfb9da0cc1397d8bfbc2673bb4e67f28fc4b6c6871d985adc70f1f7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Oct 2021 07:52:00 GMT
server: static8
cache-status: HIT
etag: W/"61766220-122"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-new.png
cdn.haibunda.com/images/ 846 B
1 KB 547ms
547ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/icon-new.png

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

29f40d8bd97eeab29d23fcd3ae3da55b70d8c53221f28ac2126da765c8d3979f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Feb 2020 07:18:08 GMT
server: static8
cache-status: HIT
etag: W/"5e576d30-34e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 montserrat-regular.ttf
cdn.haibunda.com/fonts/ 43 KB
44 KB 768ms
260ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/montserrat-regular.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static11 /

Resource Hash

f8e6d431d0a4a2087615e20b0c58c118f8133e74a505de8e6e8e303bef22ff0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static11
cache-status: HIT
etag: "5db2a88f-ade4"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
accept-ranges: bytes
content-length: 44516
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 search-btn.png
cdn.haibunda.com/images/ 764 B
1 KB 544ms
543ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/search-btn.png

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

4842be1644d3ff35ba6090a48a2ada270ec5af1963bd9e69f39cb385eab29632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-2fc"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 montserrat-light.ttf
cdn.haibunda.com/fonts/ 188 KB
188 KB 1274ms
771ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/montserrat-light.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static11 /

Resource Hash

f13abb259dcc4abd8726fb32e9fbb624a99fec6f0ebc2fdb52309692e06c8dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static11
cache-status: HIT
etag: "5db2a88f-2ee74"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
accept-ranges: bytes
content-length: 192116
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 impl.20211110-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ 600 KB
123 KB 8ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20211110-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/detik-haibunda/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a321e62c3702ec8b6b191376a4482d5c9c5497e6fe4410458732ddac6d549a94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: y4jPcTWZVvCU4GQ2afXiUOgeDjV8zNMh
content-encoding: br
etag: "7848186c57896423b5acff2b59d1df6f"
age: 194
x-cache: HIT
content-length: 125377
x-amz-id-2: ZIERzgxRZunYpfPiBXwlYqOiXiJ/EGxTcIhR1QimW0mtOH61jPUqbZmac85ieGT+WujSq4W8NX4=
x-served-by: cache-hhn4053-HHN
last-modified: Wed, 10 Nov 2021 10:19:08 GMT
server: AmazonS3-br
x-timer: S1638056157.251756,VS0,VE0
date: Sat, 27 Nov 2021 23:35:57 GMT
vary: Accept-Encoding
x-amz-request-id: 8CZQ4B21M7GS9TPR
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 60
x-cache-hits: 4

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
78 B 22ms
20ms Image
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=connect-video-trc-4_ctrl
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1638056157.252579,VS0,VE0
x-served-by: cache-hhn4053-HHN
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7
https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7&__user_check__=1&sync_id=c54c5921-4fda-11ec-ad60-186cd56e0506

0
588 B

15ms
15ms

Image
text/plain

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=280136&sync_limit=7&__user_check__=1&sync_id=c54c5921-4fda-11ec-ad60-186cd56e0506
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Sat, 27 Nov 2021 23:35:57 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 23
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Sat, 27 Nov 2021 23:35:57 GMT
Server: nginx
Location: /partner?source=280136&sync_limit=7&__user_check__=1&sync_id=c54c5921-4fda-11ec-ad60-186cd56e0506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 54
Connection: keep-alive
Content-Length: 0

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 39ms
39ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Nov 2021 23:35:57 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 446 B
216 B 31ms
16ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

5929c2771e4180059ae0df1b45fdd48211aae0b75c671a0258649533b0fe0511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0
server: cafe
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Sat, 27 Nov 2021 23:35:57 GMT

POST
H3 204 AGSKWxWMZNo2F64VQaUFkXiGJwuPQSC5AJ147MgyhSM-5uR2SayyoolD6biFmcXQKnwtRY4LxCc841r3NaV-jL9oJ04= Show response
fundingchoicesmessages.google.com/el/ 0
27 B 35ms
20ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWMZNo2F64VQaUFkXiGJwuPQSC5AJ147MgyhSM-5uR2SayyoolD6biFmcXQKnwtRY4LxCc841r3NaV-jL9oJ04=?pvid=A1062333-E84A-49CF-A25C-0C5CF311645F&anonid=93E59AB5-6076-4CAF-BAF1-106373B0FF0E

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Z_dGtx7tsDI.es5.O/d=1/rs=AJlcJMybvMbYEQl87syuWh_PtLEA0pgg6g/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jlb1W23zM3pGGTZTjVlbsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-jlb1W23zM3pGGTZTjVlbsg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jlb1W23zM3pGGTZTjVlbsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-jlb1W23zM3pGGTZTjVlbsg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWE8BNT0FP9S6I9rQSrLfsbVWJnI15YPhOky0enO-zWOrQ4davWqIofEvambawAgw98SCbot8BnjCfGWcR7kmo= Show response
fundingchoicesmessages.google.com/f/ 59 KB
22 KB 52ms
36ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWE8BNT0FP9S6I9rQSrLfsbVWJnI15YPhOky0enO-zWOrQ4davWqIofEvambawAgw98SCbot8BnjCfGWcR7kmo=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM4MDU2MTU3LDMwNDAwMDAwMF0sIkExMDYyMzMzLUU4NEEtNDlDRi1BMjVDLTBDNUNGMzExNjQ1RiIsIjkzRTU5QUI1LTYwNzYtNENBRi1CQUYxLTEwNjM3M0IwRkYwRSIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5oYWlidW5kYS5jb20vIixudWxsLFtdXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f79056eaef6d1b663b971acfd0064fc6d529a3d0c0c49abe6d98423cc722be9d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aIGRnV3C4gPE9njseArR3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-aIGRnV3C4gPE9njseArR3g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-aIGRnV3C4gPE9njseArR3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-aIGRnV3C4gPE9njseArR3g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1638056157317&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%...
https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1638056157317&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C...

0
226 B

23ms
22ms

Image
text/plain

13.226.145.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1638056157317&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Server: 13.226.145.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-101.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: MSRv6qXdQL6SFd5uYzyfSoXyNSw3Nf-KzoPLXGWqKJ9Sfv2gM6wXgA==
x-cache: Miss from cloudfront

Redirect headers

date: Sat, 27 Nov 2021 23:35:57 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=8443234&cs_it=b2&cv=3.8.0.210223&ns__t=1638056157317&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=
content-length: 261
x-amz-cf-id: lZs0BC-qY6UqRJgtETV7uhGNAXEvB8nPlyEJn9D7LhSpFPYwg5UtFw==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1638056157317&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenti...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1638056157317&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parent...

0
224 B

22ms
22ms

Image
text/plain

13.226.145.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1638056157317&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Server: 13.226.145.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-101.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: ukuNuvjY6cNpORF0e4_WicCn--euWEYvwcvSLN1P3wvZL-TEEE1e4A==
x-cache: Miss from cloudfront

Redirect headers

date: Sat, 27 Nov 2021 23:35:57 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b2&cv=3.8.0.210223&ns__t=1638056157317&ns_c=UTF-8&c7=https%3A%2F%2Fwww.haibunda.com%2F&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c9=
content-length: 267
x-amz-cf-id: J8hZSAV-uTcq1i6pg-8o-iOmffU2-VtWkyXJG0fst6HACyGsB4QGLw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2090
date: Sat, 27 Nov 2021 23:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 28 Nov 2021 01:01:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: 6n2kkaD6rydKGVPhYnZgBsidTsCAwA3y4B+nNABuKY+wcDZvV7ydqYCPGL1E1sxp0BUjbJDhQL3PTK/VyO3ICA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Sat, 27 Nov 2021 23:35:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 44ms
13ms Script
application/javascript 13.226.145.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-115.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 18509311
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: JqUdVNFCBzMNy8e6h5XnxFoZiiDJngU-i36gVgMCsNNn50jfd7py1w==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 20ms
20ms Script
application/javascript 13.226.145.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-101.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 03:37:13 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 153154
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: mkTbJ6QNIFFe-riNCl_hME8AiuvmjkpUilr_wy7abw9RFYWOeSC-KA==

GET
H2 200 hotjar-961139.js Show response
static.hotjar.com/c/ 4 KB
2 KB 51ms
20ms Script
application/javascript 13.226.145.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-961139.js?sv=6

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-99.dus51.r.cloudfront.net

Software

Resource Hash

3bbb862d7ec66e071907012834b3a6e26ee158e81f6d4ace864fac5187329a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1912
access-control-allow-origin: *
cache-control: max-age=60
etag: W/9dd86bd4a252a4db0607ae296863ad34
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
x-cache-hit: 1
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: AOvOTotLJG9hPD_52n1zozPvn3huKTTjjNHU-DRcsq59iz5LQA1UsQ==

GET
H2 200 montserrat-semibold.ttf
cdn.haibunda.com/fonts/ 44 KB
44 KB 1153ms
771ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/montserrat-semibold.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static11 /

Resource Hash

ce146d218b23af17e1eb05a4e8cf08beb466eca2e87ee4c6523694b4fcec176e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static11
cache-status: HIT
etag: "5db2a88f-af50"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
accept-ranges: bytes
content-length: 44880
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 204 AGSKWxWMZNo2F64VQaUFkXiGJwuPQSC5AJ147MgyhSM-5uR2SayyoolD6biFmcXQKnwtRY4LxCc841r3NaV-jL9oJ04= Show response
fundingchoicesmessages.google.com/el/ 0
27 B 22ms
22ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j+puGJVXFVqDYSMcO0DcvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-j+puGJVXFVqDYSMcO0DcvQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-j+puGJVXFVqDYSMcO0DcvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-j+puGJVXFVqDYSMcO0DcvQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 40ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 54ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 457 B
272 B 43ms
43ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2124077385527916&correlator=96883528977417&output=ldjh&impl=fif&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211127&iu_parts=4905536%2CHaiBunda_desktop%2Cballon_ads&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1638056157&dt=1638056157437&dlt=1638056155816&idt=1558&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=3381077581&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x2203&msz=1600x0&ga_vid=405606440.1638056157&ga_sid=1638056157&ga_hid=1364800232&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

edc343f5c266818bc8d743c0ae52cbda6646d39db27652e43fca94e825b0c517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 185ms
184ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2124077385527916&correlator=96883528977417&output=ldjh&impl=fif&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211127&iu_parts=4905536%2CHaiBunda_desktop%2Cbottomframe&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C728x90&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1638056157&dt=1638056157441&dlt=1638056155816&idt=1558&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1200&adks=528661791&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=405606440.1638056157&ga_sid=1638056157&ga_hid=1364800232&ga_fc=false&fws=512&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

de6e38bc135d157b92d0151f7a202c94294786074b49e5a3ac5fbb0c1d968b3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8573
x-xss-protection: 0
google-lineitem-id: 5823071444
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369586174
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 59 KB
29 KB 335ms
334ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2124077385527916&correlator=96883528977417&output=ldjh&impl=fif&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211127&iu_parts=4905536%2CHaiBunda_desktop%2Cmedium_rectangle1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1638056157&dt=1638056157442&dlt=1638056155816&idt=1558&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=765&adks=2630211830&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=405606440.1638056157&ga_sid=1638056157&ga_hid=1364800232&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

279bcb202040b2627e7767944484116a8327b43a32099c5dd39319ed5b833441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29957
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
21 KB 525ms
525ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2124077385527916&correlator=96883528977417&output=ldjh&impl=fif&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211127&iu_parts=4905536%2CHaiBunda_desktop%2Cmedium_rectangle2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie_enabled=1&bc=31&abxe=1&lmt=1638056157&dt=1638056157443&dlt=1638056155816&idt=1558&frm=20&biw=1600&bih=1200&oid=2&adxs=1050&adys=1050&adks=2451876870&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=405606440.1638056157&ga_sid=1638056157&ga_hid=1364800232&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

838a508831ba3763f8fb1ad2f01d8dd0e51463b1f6c17f3580d97b545a0db5c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21823
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A0A3 6 KB
4 KB 103ms
41ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 27 Nov 2021 23:35:57 GMT
expires: Sun, 27 Nov 2022 23:35:57 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 b
sb.scorecardresearch.com/ 0
338 B 20ms
20ms Image
text/plain 13.226.145.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=8443234&ns__t=1638056157457&ns_c=UTF-8&cv=3.5&c8=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&c7=https%3A%2F%2Fwww.haibunda.com%2F&c9=
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-101.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: E7b7mlJZe_4NpkfDN4QJ_YarmocQaTTYjGgr5BalMTkuVHD2MNVaQA==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 45ms
13ms Image
image/gif 13.226.145.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&time=1638056157461&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.haibunda.com%2F&random_number=17593671215&sess_cookie=47499c9917d63c16115ec5e8644&sess_cookie_flag=1&user_cookie=47499c9917d63c16115ec5e8644&user_cookie_flag=1&dynamic=true&domain=haibunda.com&account=iSYNs1rcy520uW&jsv=20130128&user_lang=en-US
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-26.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 04:15:02 GMT
Via: 1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 69655
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: DUS51-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: 498WPQUKkRJGtnzTegORCnTuSevr9iHyorUEXRI073mUHmkBjwReSQ==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 349ms
107ms Image
text/plain 2600:1f16:bc:1201:6b79:521a:2fc2:9364
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f16:bc:1201:6b79:521a:2fc2:9364 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
server: Server

GET
H2 200 modules.376dac12c7cbd03331c3.js Show response
script.hotjar.com/ 226 KB
60 KB 46ms
15ms Script
application/javascript 13.226.145.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.376dac12c7cbd03331c3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-961139.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-122.dus51.r.cloudfront.net

Software

Resource Hash

762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 385731
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60634
access-control-allow-origin: *
last-modified: Tue, 23 Nov 2021 12:26:27 GMT
etag: "a104d8caba37d824b6eacd90ef7757da"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: XFhicz-7CejBQbqd5YH1upzPkrII8qw-PeUFY2koOAYnyeZEf3TmSA==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 32ms
15ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1364800232&t=pageview&_s=1&dl=https%3A%2F%2Fwww.haibunda.com%2F&ul=en-us&de=UTF-8&dt=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=906981867&gjid=96401457&cid=405606440.1638056157&tid=UA-891770-244&_gid=556736028.1638056157&_r=1&gtm=2wgba1WGBMBG8&cd1=47&cd6=kehamilan%2C%20menyusui%2C%20parenting%2C%20nama%20bayi%2C%20mom%27s%20life%2C%20motherhood%2C%20cerita%20bunda%2C%20resep%2C%20tips%20%2C%20video%2C%20referensi%20produk%2C%20rekomendasi%20tempat&cd16=wp&cd17=desktop&cd19=1.797&cd48=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&z=1539850731

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:35:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 304159643041671 Show response
connect.facebook.net/signals/config/ 307 KB
88 KB 19ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/304159643041671?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68dfc61bc10278397931914a1bf9f70dd2595a393f55c868206f2edefd8d7c76

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89945
x-xss-protection: 0
pragma: public
x-fb-debug: V+37uLLAiuxKeENLWeHiT/qm9ouA/am5OlsNweDybL9HvV6lagk0+VQnuii88/FuF249jjuYJlTTIq10VwJODw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 23:35:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST /
kayumanis.detik.com/api/validation/ 0
0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-891770-244&cid=405606440.1638056157&jid=906981867&gjid=96401457&_gid=556736028.1638056157&_u=YAhAAUAAAAAAAC~&z=795957049

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 27 Nov 2021 23:35:57 GMT
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
406 B 23ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304159643041671&ev=PageView&dl=https%3A%2F%2Fwww.haibunda.com%2F&rl=&if=false&ts=1638056157578&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638056157577.904842471&it=1638056157487&coo=false&rqm=GET

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sat, 27 Nov 2021 23:35:57 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 23ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304159643041671&ev=ViewContent&dl=https%3A%2F%2Fwww.haibunda.com%2F&rl=&if=false&ts=1638056157580&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638056157577.904842471&it=1638056157487&coo=false&rqm=GET

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sat, 27 Nov 2021 23:35:57 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 44ms
19ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-891770-244&cid=405606440.1638056157&jid=906981867&_u=YAhAAUAAAAAAAC~&z=1118306768

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:35:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 42ms
18ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-891770-244&cid=405606440.1638056157&jid=906981867&_u=YAhAAUAAAAAAAC~&z=1118306768

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:35:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 01F6 0
0 43ms
43ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslK6n4E9XW8nPNfH6DGoz2Lr355Zgw25hHaYYfR--RZLEdzv6GRa5CyNpElYsLVmRGWWxmC50yPRKhPar6Neq-KzT0jxEy2d0pgR3z92XJlJpU5lqLsoan-ap2nwxnpe4SExTPzjqFHbyvULC9_dLDjtYUlF4KYTTgr5dpJRagn_m4pFJ4cCt80UvF6QC-oQqhD1kh4KyJJ6XKlzxVAbnCfFPqXRUtjAmz4KVopZnMmHI9CZ_rWeaQzYka0irPS0kpve6orliPI4u3BdRf6fugNsObVtQKyvgiq4QnD9aLJO58LRuM9WTH8SiLw7ObRu-ksDaFHxnBsoPwxjSU&sai=AMfl-YT_4Ba2ZnEqmS15d9wYS-QqvhfqL7rgH8-qIwraUha8NU5q1JveRnsYynhmKa3YfWw6baQ-44F2ivGRbXxGYob_KXLU7tZDPiRd3UtzYBu7TMaUSYAR7J9opM85Eu4&sig=Cg0ArKJSzMzUjKdUc7v9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: image/gif
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
cache-control: private
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Sat, 27 Nov 2021 23:35:57 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 01F6 77 KB
26 KB 21ms
21ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1057 / 985 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Nov 2021 23:35:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 01F6 119 KB
37 KB 49ms
21ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 23:35:57 GMT

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 01F6 344 KB
116 KB 22ms
22ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Nov 2021 23:35:57 GMT

GET
DATA 200
OK truncated
/ Frame 01F6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76a326a4f7cc744e20ea5b679b7cca976552ed2bad3b0db69ceca5c2936e6a51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 01F6 0
0 43ms
43ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRTPyefMQLyWrq5BOo1qoqV213WeHBKy4I6umnoI8pOXZR7ASNKbDPb1jNquYXfHhtX4rGVarmVFxIwLARP7Ca88gAP7bGLHzu9hM6M0-48PWgwNf9n4EIrp1OUTtYz5Pg-l9PsGd-3UnQl1nkqjRc2qZsxb98jx-xJ3DlO3DqEID3PjDjrhMIA5GNsNpgxJ5R0WDA51gko7YLhYEWnm-XUENwRR6ok5MRRTpY22CESIHPfWK7aqCr-jHEhCOsgemwuidJc5ipWPNXkJPgv0wZ1eMS51svFJgVMS1MuecsFMAVnmZftnMB-skDytXG7U6BNWxQOKDlhWZWcpr0hyE&sai=AMfl-YTdM012pF_J_SF1tDgR1eJOYjL_uvIeV_ae-YkubmYH_K1kVWrrV_BSWGQouI_fKrYgN1MQWOd5LKKYi1eM2SQoppKRdshSTuPabC3rGr-E8FHF2z_LlQ_FmK2SZKw&sig=Cg0ArKJSzGljlGHINFwvEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: image/gif
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
cache-control: private
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Sat, 27 Nov 2021 23:35:57 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 01F6 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 01F6 107 B
122 B 31ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 01F6 165 KB
16 KB 52ms
52ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1695488072879950&correlator=460257429789509&output=ldjh&impl=fif&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211127&iu_parts=21863666334%2C921738_haibunda.com_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3D7d410def8da1a9d9-22c0e7510ccc0081%3AT%3D1638056157%3AS%3DALNI_MZc8MhMqB-kM8fkH_TRzKrUtIocyg&cdm=www.haibunda.com&bc=31&abxe=1&lmt=1638056157&dt=1638056157753&dlt=1638056157640&idt=103&ea=0&frm=23&biw=1600&bih=1200&isw=1&ish=1&oid=2&adxs=800&adys=1199&adks=3302686316&ucis=k0tu3j72bx9g&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.haibunda.com%2F&top=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=1x0&ga_vid=405606440.1638056157&ga_sid=1638056158&ga_hid=1931582725&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

17552f720d33b40e16004864aa41015571611e878977716716ba2a6583cc77db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16578
x-xss-protection: 0
google-lineitem-id: 5822381725
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369145860
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 01F6 12 KB
9 KB 43ms
19ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d52fc99fa593282ebc410f9a27cff8452a2b2327b91b85d6e2338307ab18e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9208
x-xss-protection: 0

GET
H2 200 container.html Show response
8119dd83f071041d61f685eb3b5eaea0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F669 6 KB
3 KB 67ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8119dd83f071041d61f685eb3b5eaea0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 27 Nov 2021 23:35:57 GMT
expires: Sun, 27 Nov 2022 23:35:57 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 882F 6 KB
3 KB 23ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 27 Nov 2021 23:35:57 GMT
expires: Sun, 27 Nov 2022 23:35:57 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 01F6 17 KB
6 KB 68ms
46ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 27 Nov 2021 23:35:57 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3BA2 0
0 44ms
43ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsus9tm1XvPveyPNJQsWQ0kotzqdxRrCo2PDSVPzfPu6f9-hBa4cGbz6MtchAnPD_USre7mgtzX2OH1gVgxUDAaMh2nUG_tuEAVb_mhf48ykS45IrotgK_2Y_mOmkseBDkWtssc9lPE8fMMReMocpRyshoy6d7MGGzT-lGtXfL9HF1GgCkwJffTw2pNLGDlGjYtFntnego-KmyknqHRvZmiU7dFBJIGD0UmPqdEr0LYnhav3iGjDcOIJOGXvUc57YTJLcThRUOXetbx4N07qUzJIc5-l551PT6DL-Pz7xavtBJ-MSG62Rypw1FBsqjZ9reL7Mwz0k1noOKY&sig=Cg0ArKJSzJsWxDbgnkQKEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 23:35:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
server: cafe
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 3BA2 85 KB
30 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 19:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Nov 2022 19:16:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BA2 119 KB
36 KB 16ms
15ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 23:35:57 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 06CE 624 B
838 B 43ms
18ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ-72ZAhjnsJK7ATAB&v=APEucNXNie722v884JXfsDyWYNTIzsfngS4Fcx8_WrNx46gjghz9RD_dUr_mlhLR5kZ23AOs-ODyRHM_bvgWWlL8ex1iFt2OA8EVkjc8wCU3cMAgT-X-g6Gm7j6Fa9ULUq-zdiFQVdcyh2SoiXLCNSNUkWONHhu4PWQO1FqhmMX0f9P84D0MdGU

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 27 Nov 2021 23:35:57 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 23:35:57 GMT

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 882F 19 KB
8 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 23:08:59 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 882F 6 KB
3 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:04:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 23:04:46 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 882F 0
760 B 89ms
51ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstT7YD1iZwjaqtKwyZDRhiwuF1cI5FK6eDo1Od2p8-H4qMpWwByVKWq407urXATWdl207FiRGQAd9ZO00d4gbyS8NtPa8DvcTZxJIU3w6eta6yp5VevkMj-RKPBib7CIJnHHpVPBjBFVf0TJi_Wj74MlcQBj1iCVtreAWqUmg8fsBmbu2OwdtXD4a_wQ2spAg8ep7OQztZh2T2GkEVdqhIv72iOiCyGck6C40B_y-rY7J90b6GRusVTO7s9b7x_Un4KUDX4V3-O8K8SEwsUOEqjvknPrxeKy-t6TlWU5KUsJF6ySzoXLin_DEd1_0cTauwR4wIATQAv_GNUto6h6J-DrdJkmdx0G1CeCDgqaEEYV0dUglXcLI3lrjC3An0YQirvC6ukdxps0WaQrw63gxZ5m_71kJ7G-zQsXOBxQzN2DpSoHR7MKh3h45xigBwT7dP6RsyiNY0BZSCQSLNV4-zh1_y68VD9mYT66v9E7d99FPKBft_UtNsXRSn2mfCr1yEm-SRfrwSW2JQZvEvANGhcdlN9myOPqMKk2_I8CCmu3vcQm2S-Hacx8Hu294Xs1mxhpuf9CaLiS7eHLGt3KibszsrwYsy_9TnLwCfVAXycdccdAzy2cWwkXRqKfbU6N8CcaObgacMgojdeALbLfnZSJAUr2QwjuqUJIx7dBZbhLrVVv60TsbIRT_Lp7PG9yUSijMEQRGblkfOkLUxJ8aLePCbLUuHq9GXhqlmLiHob599ocQg0ayNw5ugU-pPGGTDXqFfsiH41EUeGKCidbRaIY9faWGlazhNWhqlJ7vbpaMRHlemK4rpf2N-6CUmaD5_pay3ecUpcdpG9Bq_JzRmmLfNd_p2mLp65LsM7lNICKuQSnwhXN7pF5W6mVTO6n6NYksWK1uthtldni5sFJGyy5AmOf-bAzPYfhL3M1mklk0K9Gd6a-AIDrfnTTuG5mcMtn8rowxHBnxvG8Y7vy52aWDmSpx_nNXMP7ekDAAUARl7U7dQedGOSfv53O5OTZ_R2ke1jDwTEJOT-ZhDjMWcqShX-5jM9Sf00gZqXHUgI56a4-cE30h9IIfZRsXseBsbA6i5yiUbTugGE8N3vVYnoefuM_vw5bfi55k8PxmzCd8f6V5VSjx0uw3pniJNK_d1UI04&sai=AMfl-YQotCFSdffB31htu74m6n0C_5QG41b36k2t-YOCnRslxj34k8Mp8fUlMFK-96xOM2LEN4tvS8CXDozAMxssdFVKvBHkj4NiV2VBJNrfzZL-yc2Pt6TTJ-8Nkf5yxG9Y47Z7GNU-D4VaZbRHEfgxxmIXWdVbyJHTbX2hxxV4mJ3gZl6QbfHfl_FAz8zP72fDv0_gjizNzPMXxjvWMx1jxrSyq5rg5VdF1Tar-K2pW5qZXfCciUMIsnj2TtvD6aDhwCdj_lXUTMeiXFsEtk-x6dEb3ejMtI7cw4e-lzscnjN7uHfPVdg8u6TUBhlXZlpMpGshKg0KhH6YhgasSznNooiCBGJvRlpRLDwg9sGb72hSskb_vcaRcIuhrXvNiJFV7Qb28KaaFp5ovrnJkWWIag&sig=Cg0ArKJSzNNdvR5fcGvCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211111.39921&adurl=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
date: Sat, 27 Nov 2021 23:35:57 GMT
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: image/gif
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
cache-control: private
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 882F 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125272
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 882F 42 B
63 B 52ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A_zWf1QTvhI-V8Ab8jydozDrjTPDBHyabIYcoS04aSyE6gg9E4JJzvb4PhJ1tW-c-v9Cyq5ZCCUqVyQlInuCz192LVmQptFrqMUSN2gLD4iP-qwY4

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:35:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 882F 2 KB
2 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 23:33:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 882F 119 KB
36 KB 24ms
23ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 23:35:57 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 882F 15 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 23:16:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 882F 0
0 33ms
14ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFUxybMn8-f37FKGk8LCMGpe8RBhWmAV1DLcRknzS_mQ3CWWyxMqD0-IUaHvgLD4onmvoN0edfJXEJBkTnPu-_b16AnA
Requested by: Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 6101539294738748988
s0.2mdn.net/simgad/ Frame 882F 79 KB
80 KB 59ms
8ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6101539294738748988

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9ec068094ebd96c28f6d899c0195bfbaf9c853a309b1787c6f60c2a236a1773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:52:58 GMT
x-content-type-options: nosniff
age: 286979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80914
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 10:36:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Nov 2022 15:52:58 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3BA2 0
0 47ms
47ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvP4Svx2EpC21pOhrAtBX91CzRxBz6lWTVKqASy6FOAFjJNTfo34yDqXCA5iq_zLvaMikBU2_jC_QNNTtVpTO30ppHkfssCkG4PzcV9mBA1E3_S2yykAw5Y3wmUmoJgo54zDG_Sw6pq3TyeZXoCdzJ8s4kz-n-zler2VGiV8XIC6IRHW_gVAqK25pakCxjG6Eeel7QLPpC_0b0fjE2j96QMF0S4afzZpvJf0TP_Un77NUue3ZRWOu0V2nWFLNe3XXhIqBKeAhn7HiYNDqsmcCSgfNhB8qcGWzDvF6a8f14evk_bg-PRGsogJpLOlB57VrROsP0oUlEo-cP3lw&sig=Cg0ArKJSzNlc_WweVgyLEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:57 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: image/gif
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
cache-control: private
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Sat, 27 Nov 2021 23:35:57 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FB7A 22 KB
8 KB 38ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 125271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 92AB 12 KB
5 KB 34ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 27 Nov 2021 20:25:53 GMT
expires: Sun, 27 Nov 2022 20:25:53 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 86AF 783 B
535 B 22ms
21ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ad1abd34545b5ababa9e47931ec57625b3622456db4ef964940fc9cfc066d6f9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OjfyYR8erMxbMPMqttHR6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 27 Nov 2021 23:35:57 GMT
date: Sat, 27 Nov 2021 23:35:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-OjfyYR8erMxbMPMqttHR6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 06CE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8bJDODUXOvZmT-mdPf9rE&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8bJDODUXOvZmT-mdPf9rE&google_cver=1&C=1

43 B
1014 B

57ms
56ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8bJDODUXOvZmT-mdPf9rE&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ-72ZAhjnsJK7ATAB&v=APEucNXNie722v884JXfsDyWYNTIzsfngS4Fcx8_WrNx46gjghz9RD_dUr_mlhLR5kZ23AOs-ODyRHM_bvgWWlL8ex1iFt2OA8EVkjc8wCU3cMAgT-X-g6Gm7j6Fa9ULUq-zdiFQVdcyh2SoiXLCNSNUkWONHhu4PWQO1FqhmMX0f9P84D0MdGU
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 23:35:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 27 Nov 2021 23:35:58 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 23:35:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8bJDODUXOvZmT-mdPf9rE&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sat, 27 Nov 2021 23:35:58 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 06CE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaLA3TJwiqOuHttv2MEwLQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8bJDODUXOvZmT-mdPf9rE&google_cver=1

43 B
894 B

24ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8bJDODUXOvZmT-mdPf9rE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ-72ZAhjnsJK7ATAB&v=APEucNXNie722v884JXfsDyWYNTIzsfngS4Fcx8_WrNx46gjghz9RD_dUr_mlhLR5kZ23AOs-ODyRHM_bvgWWlL8ex1iFt2OA8EVkjc8wCU3cMAgT-X-g6Gm7j6Fa9ULUq-zdiFQVdcyh2SoiXLCNSNUkWONHhu4PWQO1FqhmMX0f9P84D0MdGU
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 23:35:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 27 Nov 2021 23:35:58 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:35:58 GMT
server: HTTP server (unknown)
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8bJDODUXOvZmT-mdPf9rE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 06CE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMabmKSuAFOMx_0kADnx5Rg&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMabmKSuAFOMx_0kADnx5Rg%26google_cver%3D1

43 B
1 KB

34ms
33ms

Image
image/gif

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMabmKSuAFOMx_0kADnx5Rg%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMrGkwIQ-72ZAhjnsJK7ATAB&v=APEucNXNie722v884JXfsDyWYNTIzsfngS4Fcx8_WrNx46gjghz9RD_dUr_mlhLR5kZ23AOs-ODyRHM_bvgWWlL8ex1iFt2OA8EVkjc8wCU3cMAgT-X-g6Gm7j6Fa9ULUq-zdiFQVdcyh2SoiXLCNSNUkWONHhu4PWQO1FqhmMX0f9P84D0MdGU

Protocol

HTTP/1.1

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 23:35:58 GMT
X-Proxy-Origin: 185.232.23.185; 185.232.23.185; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 68ed06e7-f15b-47ec-bd87-d300f2905196
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 23:35:58 GMT
X-Proxy-Origin: 185.232.23.185; 185.232.23.185; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 79973b22-ec84-4283-af2f-169fb465c316
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMabmKSuAFOMx_0kADnx5Rg%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 06CE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk5NzkwNDQ0NjI3MzYzOTIwMA%3D%3D

170 B
190 B

64ms
16ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk5NzkwNDQ0NjI3MzYzOTIwMA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:35:58 GMT
server: HTTP server (unknown)
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 23:35:58 GMT
X-Proxy-Origin: 185.232.23.185; 185.232.23.185; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 002c6f82-5df5-4bd1-bc13-b1fc9d4295a8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTk5NzkwNDQ0NjI3MzYzOTIwMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 882F 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f211d5515e06968363611e44e707886e702b561ade1964a285437f9de9af8a19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 882F 0
62 B 45ms
44ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 23:35:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
server: cafe
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"

GET
H3 200 container.html Show response
87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3BAE 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 27 Nov 2021 23:35:57 GMT
expires: Sun, 27 Nov 2022 23:35:57 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 86AF 0
0 81ms
80ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=1695488072879950&rc=
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame FB7A 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 02:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 02:34:21 GMT

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 92AB 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 17:22:12 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 3BAE 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 23:17:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3BAE 8 KB
1 KB 83ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 21:48:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Nov 2021 23:35:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Nov 2021 23:35:58 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 3BAE 14 KB
3 KB 89ms
7ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323059
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 05:51:39 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame 3BAE 355 KB
123 KB 89ms
7ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125995
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 16:07:26 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 3BAE 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 23:16:52 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 3423 0
18 B 17ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.haibunda.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Sat, 27 Nov 2021 23:35:58 GMT

POST
H2 200 api Show response
www.haibunda.com/ 36 KB
10 KB 243ms
243ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb7637fb42fc291914656f7112c0b288bdd2961ff42546730daa7b7da46db898

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Action: beritautama%2F47
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish4
cf-ray: 6b4f2d0c8df7f933-MXP
x-xss-protection: '1;mode=block'

POST
H2 200 api Show response
www.haibunda.com/ 61 KB
13 KB 418ms
417ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43c4a17436f23370f3d364bc1f64ee8b9a65aa3ad27310ae8bc5adbad3c292fb

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Action: search
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish1
cf-ray: 6b4f2d0c9e07f933-MXP
x-xss-protection: '1;mode=block'

POST
H2 200 api Show response
www.haibunda.com/ 6 KB
2 KB 226ms
226ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f476514fa2f753e600ebc50ba73905337b344d8bac152f7549ecab2cda6dc83

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Action: author%2Fkolom
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish3
cf-ray: 6b4f2d0c9e0bf933-MXP
x-xss-protection: '1;mode=block'

POST
H2 200 api Show response
www.haibunda.com/ 933 B
392 B 224ms
223ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9662f11021061dc643fe015acc4a28870cb8b3c9877e6ca4976c6f021786e68

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Action: tags%2F47
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish2
cf-ray: 6b4f2d0c9e0ef933-MXP
x-xss-protection: '1;mode=block'

POST
H2 200 api Show response
www.haibunda.com/ 69 KB
14 KB 218ms
217ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e2c025e605115feee451785985fc924023d9473e44787a8c25d8c72e221f01c

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Action: mostpop%2F47
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish4
cf-ray: 6b4f2d0c9e13f933-MXP
x-xss-protection: '1;mode=block'

POST
H2 200 api Show response
www.haibunda.com/ 270 KB
54 KB 1275ms
1275ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd9f492dfb66e4c79d17d3807524d04c8c73ef58840ef012c79555039c66c495

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Action: nonheadline%2F47
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish1
cf-ray: 6b4f2d0cae21f933-MXP
x-xss-protection: '1;mode=block'

GET
H2 200 right-arrow.png
cdn.haibunda.com/images/ 504 B
831 B 191ms
191ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/right-arrow.png

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

ba5a40a31c43363bd0ea2c1ee5bf53887702c099e598464860969fc0dc78852f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static8
cache-status: HIT
etag: W/"5db2a88f-1f8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 asyncjs.php Show response
newrevive.detik.com/delivery/ 29 KB
7 KB 976ms
214ms Script
text/javascript 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://newrevive.detik.com/delivery/asyncjs.php

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive5 /

Resource Hash

bda2b2b3fe408efaec1312cdc117f353a14e6d1717f1846d827c319c5836bbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: revive5
p3p: CP="CUR ADM OUR NOR STA NID"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1;mode=block
expire: Sun, 28 Nov 2021 00:35:58 GMT
x-cached: MISS

GET
H2 200 detikconnect_auto_login.js Show response
cdn.detik.net.id/libs/dc/v1/ 993 B
801 B 183ms
183ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/dc/v1/detikconnect_auto_login.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/connectdetik?fn=onLoginClient

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static3 /

Resource Hash

147abcd981f7939f14184e96ef62d2d08885057b34e1aaea210bebb2dcfc02ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Oct 2021 03:30:43 GMT
server: static3
cache-status: HIT
etag: W/"6167a463-3e1"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: MISS
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 contextads. Show response
fundingchoicesmessages.google.com/f/AGSKWxUoVaadcyOgSd1G72ujf4yY4hEiZZoVXY2GYL19W4GYituhC6BbF-qpI4ZH2VSeKdgLFBnpaXTFaWO0xYlB1jIe9BmgGTLYfIECsmKUStldv-Y3b--80L9A1f3GdnxdP_eqo3vogvU72ndA_B0sWX640WaFB... 54 B
106 B 23ms
23ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUoVaadcyOgSd1G72ujf4yY4hEiZZoVXY2GYL19W4GYituhC6BbF-qpI4ZH2VSeKdgLFBnpaXTFaWO0xYlB1jIe9BmgGTLYfIECsmKUStldv-Y3b--80L9A1f3GdnxdP_eqo3vogvU72ndA_B0sWX640WaFBseKxyyWu4YVGY-56Phkmq-D7d5gAQFsxWVCvEG8g9OVd-c18P9RNH_QCuKP-0Rn_RR9bpxOFlnLKrob5Ck=/_/rightads._580x100./adsAPI./bottom_ad./contextads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.ALA4OqZZCE4.es5.O/d=1/rs=AJlcJMyrSuqEprDq2DwP8FA7mdb1CLxEkA/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e669e0d5c0ab70545fe0ddd2ec85f1a323adc26c7e1b22bd276160909c9094f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yJVZuvbyu3KfSXhzV1QLoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-yJVZuvbyu3KfSXhzV1QLoQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-yJVZuvbyu3KfSXhzV1QLoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-yJVZuvbyu3KfSXhzV1QLoQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.ALA4OqZZCE4.es5.O/d=1/rs=AJlcJMyrSuqEprDq2DwP8FA7mdb1CLxEkA/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85753003131a1b2621547b01785257fb2fbe12b77fef0fe6a01eb3d5a0ddfc6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8774
x-xss-protection: 0
server: cafe
etag: 6725025187659002337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 00:29:34 GMT

POST
H3 204 AGSKWxWUjBoipq_fj0Rk7BgD_yWd2qOULgpU6ARtwLrGpH5Og_qNDL9ZpFURc0zgXRDb09fs2-7yZgbaNgYAxZM16euAfEOLDTtXqwCTNwqz-Eopz2JIy6bFMn7HVXw7Di6pgcy1nBMttVZFtEak8t-CzCKDgLBPYJJdO8f3mpTMmFeXicFyfTSog2CzAczv Show response
fundingchoicesmessages.google.com/el/ 0
27 B 20ms
20ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWUjBoipq_fj0Rk7BgD_yWd2qOULgpU6ARtwLrGpH5Og_qNDL9ZpFURc0zgXRDb09fs2-7yZgbaNgYAxZM16euAfEOLDTtXqwCTNwqz-Eopz2JIy6bFMn7HVXw7Di6pgcy1nBMttVZFtEak8t-CzCKDgLBPYJJdO8f3mpTMmFeXicFyfTSog2CzAczv

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.ALA4OqZZCE4.es5.O/d=1/rs=AJlcJMyrSuqEprDq2DwP8FA7mdb1CLxEkA/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Hb2+2fqLlb0QGLMeql2YXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Hb2+2fqLlb0QGLMeql2YXA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-Hb2+2fqLlb0QGLMeql2YXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Hb2+2fqLlb0QGLMeql2YXA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 thetracker-haibunda-v3.min.js Show response
cdn.detik.net.id/loganalysistracker/ 6 KB
3 KB 184ms
184ms Script
application/javascript 203.190.242.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/loganalysistracker/thetracker-haibunda-v3.min.js?v=3.1

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.172 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-172-242.190.203.detik.com

Software

static3 /

Resource Hash

6d0a94daeed6fb13bff4a040ee8a19cf4e987f9425b42dc2c116f4c7b2717039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 02:34:34 GMT
server: static3
cache-status: HIT
etag: W/"6018ba3a-185f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3BAE 0
327 B 518ms
186ms Ping
image/gif 2607:f8b0:4012:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kwigccvt&c=2685224843141&slotId=1342612421570.5&qqid=CKeqn9vaufQCFRXFuwgdaqIJug&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:81b::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:35:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3BAE 15 KB
16 KB 35ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 279579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 17:56:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3BAE 15 KB
16 KB 23ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 122170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:39:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BAE 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CpnJB3cCiYefHLpWK7_UP6sSm0AuLy4bcZviMmczjDvAuEAEg4P_mHGCV4pCCoAegAcKehJcCyAEFqQI9UZ7Elf2yPqgDAcgDmwSqBOwBT9DB-c1PRUBcOLFEtpM229SWt4JedGqNWR3MFV3vG4Zr7Wx6xeBViS0XHUmtYuPlzPrvTAHMmFOen-CzYsaGvrRURwwzJvCGHX3iqkL7xfL8rkX0hPTh2D4a-UJDwc0AT90DWY9alPaina3d9_KQcynbYS5SwsX6U0jWyMZ_AiywqhBP2a5HXS-iMgNi2O1SZWfWXbiuy6nCnwSucEw01StZGnqGOD_nRAatrCsCTqcToo74me0MPpfaTb7IeU2iiB9aWxe0UtxwDpktoijd49fCjBgHXSQ1u-JCeReLmpJM410CrkiV4K_15ALABNfitbPlA-AEA5AGAaAGdoAHpuH76AGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgPICwHgCwGADAGwE4CPsA3IE5qq6N4D0BMA2BMKiBTWAtgUAdAVAYAXAQ&eventType=clickstring&clientTime=1638056158271&ai=CpnJB3cCiYefHLpWK7_UP6sSm0AuLy4bcZviMmczjDvAuEAEg4P_mHGCV4pCCoAegAcKehJcCyAEFqQI9UZ7Elf2yPqgDAcgDmwSqBOwBT9DB-c1PRUBcOLFEtpM229SWt4JedGqNWR3MFV3vG4Zr7Wx6xeBViS0XHUmtYuPlzPrvTAHMmFOen-CzYsaGvrRURwwzJvCGHX3iqkL7xfL8rkX0hPTh2D4a-UJDwc0AT90DWY9alPaina3d9_KQcynbYS5SwsX6U0jWyMZ_AiywqhBP2a5HXS-iMgNi2O1SZWfWXbiuy6nCnwSucEw01StZGnqGOD_nRAatrCsCTqcToo74me0MPpfaTb7IeU2iiB9aWxe0UtxwDpktoijd49fCjBgHXSQ1u-JCeReLmpJM410CrkiV4K_15ALABNfitbPlA-AEA5AGAaAGdoAHpuH76AGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgPICwHgCwGADAGwE4CPsA3IE5qq6N4D0BMA2BMKiBTWAtgUAdAVAYAXAQ

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:35:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 3BAE 30 KB
15 KB 108ms
51ms XHR
text/xml 142.250.13.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Avr6WG4CIm0AUaOPZqukPVaVRhM5sfqG4Xja51r2DmQnR1yUrDXdLEOoQ1GbpxUa6r9bQeVCyThnAbXjD5UXtKOpxndA&cry=1&dbm_d=AKAmf-AbImuQE1BIcdbk0hNS8wzka2XKEZO3DaVeS01eRaoPnaYWe5cad0c71sSsfR5fCsqtrbcJ-3nlm5oO9dbNhUF0zwfwpethX1wf0JyH_-aKHIH_XDfHLYq_F_jl1n1kcyzscvR3tGPVJwG0X4CAYZKRC7juPBh_YgQFSwu3sfpzRDMb0PaDgKC88tt5cNW5RdpjhhbO8vXLfMB_U-iJfIvSr5dDEXmIJHUvvRgCKYrkDrhELFuGwTM3xU0uSEbAsVKtQ1Gs6pXtLNTDpNEkMHLyuqMGeILywHxDRnM-YK2QPoGbYre2IroTpLa5zhXnb63-SpNexgWP2R9ymKO-SY3tE7FBbMcAJ1VADY8keV9Fl8uY2_9UCNHoO559X1WT1DeoKr_YPbRe2CcIyrtf7l4OSZ10JlKx7aP7LRM9Fz2iAWvA2kNK9waS73VsEuutbYNb0SFR7g5UOHGBSyYnkZsytsXS-JpTgI9T3cHaQUbR2isE_zDTnyRrMmnDaNLzO4xPNBoIf5wBrFcs9RUu4Drpj02dQE7v_MtxnTm3iq9HvYe2pWKMHtvlvGp65PgYDXNvJ2Xu_ISReBKFW0spaE2-qLEVpWkr9Vl8s5bw7b4_Y9yA2sHpf1YSFtQVKxeOv7t0RnOQCEVddTn323Ux5P0YOik7mUhf77t6VTBb6ih9RXHYbSTL-LnaaAXloFNeYpfdtviUPpdwP5_GqomyZKG1Lm8D25kaKqClu_nTamsu39llpkJJtCl0Ul4ndIVia41bOaavrvpCJ-fH72KdbQYKHy_taEw3Ff1c_ifJzmAZho0jtyYLBQVKa5Dh-rCMvsTE9U-U0gFYWileN6zpCQD4eo_48DHJFvE9VKJAlUrGQOkj9ysjnYyLgtqnAa_tet3WRtY-jP6cvpXn9Hacesu4HTbQk2fS81NPc2vQyzClE4E8j7jFuleFVWu5RVo37StrKuUzNFYOrnjQnoMPofyFexbIXsAEXWY6__jRembzIdPHL1xA5pq-l9FIRL27Io3LPliZQhEvX8zatMKYK2cL1hp3vZVsukFcd2jEQRGg8YjSy1p8S4wcf0sFltdoWk7E7C15cnxM2dMxyXV4igqcuFBVQo2KFHb9o1RW6vKPfGvFJlel7pI5KAKbzffDsgTUp2Z0nFAtfD_o1iN45Wd7m1oVdgrp5OQcGhb-DOicZ2E6UXp7ZRkIjxfF7kclrfiwR4VxBThnIm8xchnysGGLVKM3TU5p3jJ-on0Ia6kvyrSjy5VGMolyiCz0b5QazDfrrPckow4OOZycHwOgM3aZRA1sm7M6_dLKTL8QVM3Y3Yqwv9fnABMM1RuiTge8vQY1VaUR9HRjUV4EfskjBKmG2FnshdXYCgp7AIWMfqFbbTZUPH2EE496XIHUubop1zcO8jS_9Hc-4Ai1B28C1UPykH87RuOFNjREvgA1109_XjuaMt8P2xt0DjuLKE7g4Ob5Cr36ZCG6iyxQYYWpPFmRJgPQjRxIdYmBiOCmGeC17mVPQnc5psa3t7OOdDz9Q8fl7qJit_VIfjmjCBLTbrVSs8XyRCpIdpwkqEMawh0R8NlWs7TEsslP3GAQMgq9Fjb2DaDG43kxCkEHupsewJiaMFIDCnYWWi7qNmvefIgU5IVCuvdHpBLZlWEPSDRuRV5phH0dPmGLVHIg_Ee21M_FWO_GCT75nXN96uFHEockNi6VMZCpoAzLrvxs_TQt_VAyNlAb2FZcDidpn8rNTtf1rUnjwhOzkJz-MgLzQd6ADiIN5fqxXUBvWbAauaVkKzqc8332OHdVtJ5xxXU0AKFvzM9hT6G6B-6fOrLBegrSE9C3nEKadIHKFGmeKKa04b2h7mkr7ljAI5tsgjmZdpJNg32AvY2lW8zzP-6w036FtvRIJRXdzrKQiadXqXwBWOBc8piDf6aR96FUG6SyzGS7JKTTjJc6RFi_aplWwPyH_Ti9jQOQGUOkpbhwxTTM_9ZzI2aXO60RLPg4UQXb3N6ZXTHBKCVE9Ktr8teBlCfWl-FdUSUAm0gfFU1mwMa8P9GIlfTHNgbfWkk3vUyp-p1QHjSn4IrtaSRuEkIPyWnoGiNFmdL1bXVnvFb9sCEkUdueRol2NxYQecImqGPGnqC3y7J_LKN_0_aPTJjm8-l2NyFm6hY4jugFIKHSEHBRrTfq07jRHtYE1DF2iM7k6rrOW0rRB5XGkAhcP7p-MLwpEN7YT6wbRyLYDJZmeSATjGWG-cDjPZUIu6dg25sUF4_7EM2AKkyDcXxvsYWD7f0Ji6atk9dWmBEStTSXJDuuVr1QNB3tcmkCoyWX4mKVVl7GmnnQYwUy8tuewja53JiHeYsHA1XcybG9ZvWpszX_fBH3qmkY4yWIfviHqRVvNIZkhPKAF9sS8dbVbD6m0RHxlH34DZ8X93RvzqqtjomeJ6Z0BzGd-JmXbl92WXPpVDuFF8H8lZgwKhCjlW42EVIbRK1ngUJ-kDVKReH75JEPokSwm7Wz0lFAgy9Fz_-k1D5j7gon_CzwFhboICYsW1jes3Lra949grVX9RQJBPCZZ-TQoqn89AS4XsZvil9lEM-x38KuFzgCatJaqiKDXTVwzBdwQvk1Cu27_TvXjacnecAEXP05H_YVDPAehJPqpT-CGj7YrGtIq2lPoWRQuc-Mq4VOi6YDGmvpYVWM2yZGgLEdMFAZJ5lbziQBpBZp82TGzhcMPxJ9zk1FyKl285iwYqaU1UfPwV92QBXPtWuLgn2BAEvcXO5tlS5QZlfCX1QZTgPIQi_tkuTiW76Uv1SxwqSVpx8XVuDm1nOMsuckxTJRn0YEHvTJK5e_S_IiYLEqQUfH70zsUGsRZPjrHCulgeiZ6nh1o_WaGrSvSCYoYUZ56FNHivxMCoI1zbdsEAdpl47h9KLaJVEa_vQHMQSROSN627Ah2I1-CvtOacmfHT-o5czccyit7bF6eshOgucXpzHsB8EnOhGE22vvWuRmHM8boeJgA6RonCRVxILjwhU9bR5lDabulrpMOok4tk8R08nIeAstQCoK3tvv7yyCQvmUFlIYesF8DS5OHE9gjFwz4oouAvYiqrc-0M2bysbGbFbP55axuT9LmYK1Df869pSZ25G1EOyUBwf2ASPnDc8ZrQ5SLhJ5Nk0yNYeJjQuELeDHx9b4aepRfu_zt0HoLWBTc9bLNB179cRgBRoQ9XPB1oSSdhfTRhuhq1TDj7GWbqppovBjNESf6XlgidGks9uRdJ7Y8blBbpJeDenuD2sDOwtwscinnHnhoQgg1E5-qHhxeSBY__Vc4CyAzkOKfalrasw2SCW2cdwHKKbFsReeVxNYQ2jLB6QDBn4psFYyo2rTzTK8ct_1sgfD7OIqQLJY26sJZP0aBcEcNW3DZTnz_K1l62CXCDiQNUk03IQ85Sj2uZIk2gTgKgg8DoKebKwaD9YJhgInu_6UZiEbatxO1RWI&cid=CAASFeRo-spobHFHxpFRPNXHYsbMMCNx8Q&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f157.1e100.net

Software

cafe /

Resource Hash

f0b8f2f1618721708ad8ba50af0aefd2097fe32505402a7dc0cba3b53193b854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14961
x-xss-protection: 0
pragma: no-cache
server: cafe
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3BAE 0
0 46ms
45ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CiYyu3cCiYefHLpWK7_UP6sSm0AuLy4bcZviMmczjDvAuEAEg4P_mHGCV4pCCoAegAcKehJcCyAEFqQI9UZ7Elf2yPqgDAaoE6QFP0MH5zU9FQFw4sUS2kzbb1Ja3gl50ao1ZHcwVXe8bhmvtbHrF4FWJLRcdSa1i4-XM-u9MAcyYU56f4LNixoa-tFRHDDMm8IYdfeKqQvvF8vyuRfSE9OHYPhr5QkPBzQBP3QNZj1qU9qKdrd338pBzKdthLlLCxfpTSNbIxn8CLLCqEE_ZrkddL6IyA2LY7VJlZ9ZduK7LqcKfBK5wTDTVK1kaeoY4P-dEBq2sKwIWprG-hsIP356hfFxXfk4j1kiKgLA3un8wcZN8hycBIvT7CkJ-GpiV-yGV-vHMxOk3e533cRozlgv6b8AE1-K1s-UD4AQDiAWUtcKAOZIFCwgiEAEYAUio_KUBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAem4fvoAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEIrRJxiJx6m7AdIICQiI4YAQEAEYHYAKA8gLAbATgI-wDcgTmqro3gPQEwDYEwqIFNYC2BQB0BUBgBcBshceChwIABIUcHViLTA0Mjg1MTYxNjQyMjUxNzIY4M8R&sigh=tfHWySR48LI&uach_m=[UACH]&cid=CAQSPgCNIrLM_N4pKHAlQgIwCAes4HhkaJFcDpPdADe1OiZHZ_239IegMtEnoGhkwBBbXtJTFWOqL4GS5BXXUmG2&vt=10
Requested by: Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 3BAE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b154c3045e03f762b3f12acca6a29588a882ed5cd08d2a7381e68646ee2f88b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 AGSKWxWUjBoipq_fj0Rk7BgD_yWd2qOULgpU6ARtwLrGpH5Og_qNDL9ZpFURc0zgXRDb09fs2-7yZgbaNgYAxZM16euAfEOLDTtXqwCTNwqz-Eopz2JIy6bFMn7HVXw7Di6pgcy1nBMttVZFtEak8t-CzCKDgLBPYJJdO8f3mpTMmFeXicFyfTSog2CzAczv Show response
fundingchoicesmessages.google.com/el/ 0
26 B 20ms
20ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.ALA4OqZZCE4.es5.O/d=1/rs=AJlcJMyrSuqEprDq2DwP8FA7mdb1CLxEkA/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GuRaK6v3VwY/vqrLAVEycA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-GuRaK6v3VwY/vqrLAVEycA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GuRaK6v3VwY/vqrLAVEycA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-GuRaK6v3VwY/vqrLAVEycA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWUjBoipq_fj0Rk7BgD_yWd2qOULgpU6ARtwLrGpH5Og_qNDL9ZpFURc0zgXRDb09fs2-7yZgbaNgYAxZM16euAfEOLDTtXqwCTNwqz-Eopz2JIy6bFMn7HVXw7Di6pgcy1nBMttVZFtEak8t-CzCKDgLBPYJJdO8f3mpTMmFeXicFyfTSog2CzAczv Show response
fundingchoicesmessages.google.com/el/ 0
27 B 54ms
54ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.ALA4OqZZCE4.es5.O/d=1/rs=AJlcJMyrSuqEprDq2DwP8FA7mdb1CLxEkA/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ni3cPZ9q3MwwZzw4yX/rmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Ni3cPZ9q3MwwZzw4yX/rmQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ni3cPZ9q3MwwZzw4yX/rmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Ni3cPZ9q3MwwZzw4yX/rmQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXgj2VTsffnV9pSt6Jm9CK5559yPYLFT3LtaBBMwB4yrUQeDSkCAL-ZtAeYIEAQPqdTPljeKZojtaIGSA1FOGFMjEmUeTSKy9uUwf_1udkDHuty4zLP1QjuWmsZaZX3IUUCDmYj01K0amYSsFgP2Pf_vpXkk891d8ZK0tS0sv18SfsV_hSIPz0DwsRL Show response
fundingchoicesmessages.google.com/f/ 40 KB
15 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXgj2VTsffnV9pSt6Jm9CK5559yPYLFT3LtaBBMwB4yrUQeDSkCAL-ZtAeYIEAQPqdTPljeKZojtaIGSA1FOGFMjEmUeTSKy9uUwf_1udkDHuty4zLP1QjuWmsZaZX3IUUCDmYj01K0amYSsFgP2Pf_vpXkk891d8ZK0tS0sv18SfsV_hSIPz0DwsRL?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM4MDU2MTU4LDM2MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dLCJodHRwczovL3d3dy5oYWlidW5kYS5jb20vIixudWxsLFtdXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.ALA4OqZZCE4.es5.O/d=1/rs=AJlcJMyrSuqEprDq2DwP8FA7mdb1CLxEkA/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2c2966aae8201bc780e69791af145c18f8ef0167896f2fa01c6d1532baebd9a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oyYeXfRZBScznmhdzAUBkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-oyYeXfRZBScznmhdzAUBkQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-oyYeXfRZBScznmhdzAUBkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-oyYeXfRZBScznmhdzAUBkQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWUjBoipq_fj0Rk7BgD_yWd2qOULgpU6ARtwLrGpH5Og_qNDL9ZpFURc0zgXRDb09fs2-7yZgbaNgYAxZM16euAfEOLDTtXqwCTNwqz-Eopz2JIy6bFMn7HVXw7Di6pgcy1nBMttVZFtEak8t-CzCKDgLBPYJJdO8f3mpTMmFeXicFyfTSog2CzAczv Show response
fundingchoicesmessages.google.com/el/ 0
26 B 56ms
55ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.ALA4OqZZCE4.es5.O/d=1/rs=AJlcJMyrSuqEprDq2DwP8FA7mdb1CLxEkA/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-82fl7nmm4Mj/wZHZ1uTDuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-82fl7nmm4Mj/wZHZ1uTDuw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-82fl7nmm4Mj/wZHZ1uTDuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-82fl7nmm4Mj/wZHZ1uTDuw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 01F6 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 3BA2 0
0

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 3BAE 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 24 Nov 2022 17:50:29 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5lznle.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669592158/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 3BAE
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669592158/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r1---sn-4g5lznle.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669592158/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

54ms
8ms

Fetch
video/mp4

2a00:1450:4001:1d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lznle.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669592158/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4C9F7EDD49D77A66B375573C4B093D82B4FD218E.3CF5FC838557B0636ED165E794672CE00C12DF75/key/cms1/cms_redirect/yes/mh/y7/mip/2001:ac8:20:90:13c::1/mm/42/mn/sn-4g5lznle/ms/onc/mt/1638055957/mv/m/mvi/1/pl/54/file/file.mp4

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:1d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 23:35:58 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2185448
Last-Modified: Thu, 18 Nov 2021 13:11:20 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 27 Nov 2021 23:35:58 GMT

Redirect headers

date: Sat, 27 Nov 2021 23:35:58 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 650
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r1---sn-4g5lznle.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669592158/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4C9F7EDD49D77A66B375573C4B093D82B4FD218E.3CF5FC838557B0636ED165E794672CE00C12DF75/key/cms1/cms_redirect/yes/mh/y7/mip/2001:ac8:20:90:13c::1/mm/42/mn/sn-4g5lznle/ms/onc/mt/1638055957/mv/m/mvi/1/pl/54/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.js Show response
static.vidy.com/0.38.5/ 767 KB
246 KB 86ms
39ms Script
application/javascript 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/0.38.5/index.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4e4b573af97b478459b02295bbb9c85f1e4125fc4e44b23974fbea22a687b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haibunda.com/
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1632151626
age: 148372
x-guploader-uploadid: ADPycdt4AWW7sLNbbTRxyxXquCQ0q53SxQTgdoKnbDsJFRcd9KHyDFX7FabC6pdeICrh49K3D0pfc1L9b6hQdMcxKhg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
last-modified: Mon, 20 Sep 2021 15:27:25 GMT
server: cloudflare
etag: W/"adb6bb0bddb9236e076354be09c1d8df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=vk2y4g==, md5=rba7C925I24HY1S+CcHY3w==
x-goog-generation: 1632151645319398
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 785503
cf-ray: 6b4f2d0e9919374a-MXP
expires: Sat, 26 Nov 2022 06:23:06 GMT

POST
H2 200 banner Show response
www.haibunda.com/api/ 12 B
89 B 212ms
212ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eca0fe7087d47bf8bba5ab355c02dc00bd403498edcdf259cb8eced59e8db45

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Action: newsfeed1
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish3
cf-ray: 6b4f2d0e688ff933-MXP
x-xss-protection: '1;mode=block'

GET
H2 404 ajax-loader.gif
cdn.haibunda.com/css/ 0
0 192ms
192ms Image
text/html 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.haibunda.com/css/ajax-loader.gif
Requested by: Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-172-221-49-103.detik.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 left-arrow-pink.png
cdn.haibunda.com/images/ 1 KB
1 KB 194ms
194ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/left-arrow-pink.png

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

73ddd587b27ed08c0768aae3a8394ab600e2bcb585bec9003dcf0a8bf2955cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Sep 2020 07:32:33 GMT
server: static8
cache-status: MISS
etag: W/"5f72e311-451"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 right-arrow-pink.png
cdn.haibunda.com/images/ 1 KB
1 KB 194ms
194ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/right-arrow-pink.png

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static8 /

Resource Hash

ddcba9cb7bf4ad80842a32d4302ce18d28b318818c9107f175224b9b486154b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.haibunda.com/css/haibunda.cb.css?v=3.4.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Sep 2020 07:32:33 GMT
server: static8
cache-status: MISS
etag: W/"5f72e311-449"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET slick.woff
cdn.haibunda.com/css/fonts/ 0
0

GET
H2 200 me.html Show response
connect.detik.com/token/ Frame 223D 288 B
544 B 1273ms
310ms Document
text/html 203.190.245.173
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.detik.com/token/me.html?autoLogin=1&clientId=10166

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/dc/v1/detikconnect_auto_login.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

203.190.245.173 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s5-173-245.190.203.detik.com

Software

Tengine /

Resource Hash

4ead2bd6c769b87d010407b5bea2b3b642b1d5bcfea1d9103e5044f9c02195fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

server: Tengine
date: Sat, 27 Nov 2021 23:35:59 GMT
content-type: text/html; charset=utf-8
x-content-type-options: nosniff nosniff
x-xss-protection: 1; mode=block 1; mode=block
vary: Cookie
access-control-allow-methods: GET,POST
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip

POST
H3 204 AGSKWxWeI8Po0eyhC60M6ArTokYdJpAPBdm6-Kb-2Qp6osYnEPHaHtwZkEt0_shBkS3gv5xAgT-znNVAeyRqeuEJ27cCOKQeJWvFSZ3n-5hPNisUXz8LjynQXfUVIzCV5stKpHadey6c5vXqgi5qUPO9Qky5h-6XLpkhVb4tZ1werc16Te4_u9RR_CM_6gad Show response
fundingchoicesmessages.google.com/el/ 0
26 B 19ms
19ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWeI8Po0eyhC60M6ArTokYdJpAPBdm6-Kb-2Qp6osYnEPHaHtwZkEt0_shBkS3gv5xAgT-znNVAeyRqeuEJ27cCOKQeJWvFSZ3n-5hPNisUXz8LjynQXfUVIzCV5stKpHadey6c5vXqgi5qUPO9Qky5h-6XLpkhVb4tZ1werc16Te4_u9RR_CM_6gad

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.kelJNyiwGDM.es5.O/d=1/rs=AJlcJMzMkibWUc1KzRTXaSDcYRMAbh1cRg/m=cookie_refresh

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FmZcMGqdz2QT3jU8wBHPMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-FmZcMGqdz2QT3jU8wBHPMA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-FmZcMGqdz2QT3jU8wBHPMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-FmZcMGqdz2QT3jU8wBHPMA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWeI8Po0eyhC60M6ArTokYdJpAPBdm6-Kb-2Qp6osYnEPHaHtwZkEt0_shBkS3gv5xAgT-znNVAeyRqeuEJ27cCOKQeJWvFSZ3n-5hPNisUXz8LjynQXfUVIzCV5stKpHadey6c5vXqgi5qUPO9Qky5h-6XLpkhVb4tZ1werc16Te4_u9RR_CM_6gad Show response
fundingchoicesmessages.google.com/el/ 0
26 B 58ms
58ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-um4yxRgn4KTjdQc0pIEKqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-um4yxRgn4KTjdQc0pIEKqg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-um4yxRgn4KTjdQc0pIEKqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-um4yxRgn4KTjdQc0pIEKqg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 montserrat-bold.ttf
cdn.haibunda.com/fonts/ 43 KB
44 KB 517ms
516ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/montserrat-bold.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static11 /

Resource Hash

d2cafb73ea65d999b1c2e7cb5db2d634033f618c727d1df26442d77122dbd6c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static11
cache-status: HIT
etag: "5db2a88f-acac"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
accept-ranges: bytes
content-length: 44204
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 opensans-light.ttf
cdn.haibunda.com/fonts/ 36 KB
37 KB 517ms
516ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/opensans-light.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static11 /

Resource Hash

3fc333eb3107febd406586ee8206bc0ee2aeb7f6c7a77f3923a353b72b0ca080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static11
cache-status: HIT
etag: "5db2a88f-91d8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
accept-ranges: bytes
content-length: 37336
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 box-ad575b5823df97fc9725e14a57070642.html Show response
vars.hotjar.com/ Frame E030 2 KB
1 KB 48ms
13ms Document
text/html 13.226.145.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-961139.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-106.dus51.r.cloudfront.net
Software: /
Resource Hash: f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

content-type: text/html
content-length: 1050
date: Tue, 16 Nov 2021 11:16:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified: Tue, 16 Nov 2021 11:15:47 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: ytZHEbl4QEteIk3-ZsTW87CXormx4ekpviPO6A4cnfIaxDawec4Xfg==
age: 994792

GET
H2 404 undefined
www.haibunda.com/ 26 KB
26 KB 220ms
219ms Image
text/html 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haibunda.com/undefined

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95e07552647dba0920cbdbad1e6ad21bc1f27048a691e9f576a78334e71f1576

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: text/html; charset=UTF-8
s: fe-publish2
cf-ray: 6b4f2d0ed912f933-MXP
x-xss-protection: '1;mode=block'

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 01D7 23 KB
9 KB 8ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Wed, 24 Nov 2021 17:50:29 GMT
expires: Thu, 24 Nov 2022 17:50:29 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 279929
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB7A 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BphC-3cCiYezuJcaN7_UP-uOfkA4AAAAAOAHgBAI&bg=!s7ClsPTNAAZQLpa_UC47ACkAdvg8WjXc38SDCM6Dd1_KVL2TF3M3HNtCINIviIbYZN-3YFXNVChH-AIAAAGbUgAAAC9oAQeZAsnzPnSJOrPuqWRYIJ4BuOic4sc5VTQABCcndKw3tSbEjcO6h0_fJ7bGuIoWtPj3D_54-YDuXhAmkYxBvYUdh2vSEm5bY4DE8cjh-RJrHKe4Rd56Y0ZbsyksN4l46mVYCks4Tgr8TfmQilk0WEFttcK6nKEUETU3XMWDRa-8viMJ_T4Se35ET7ddrsjqk_-ai_Ykf5qu32v4kTUzFXj1NO8MEBe9H6GDCjoK5BQLB2c21J98g0c0L94dHkrbJWfUku3-mW01pgH7r7KStqmdzoqfFCd2neEQvk41618oNmrYJBclRETGuz4htnI1uoqxpHiWarKXkRSS9ApV387Rb4KMNWsdTGIZVaXoAYRmRohdcY6eeDEg_LfSB0pj2AmhpozV9C-kzfQCD7NQQLxeNXMN8llHCep1DIwJgKsz5udBYrcrAe0vvI2GNMrEn51r1ZW5_MbGm6LHUsaWG5chx4ptVQRLJ0tt3twa74ACQiYrMT_tIJ4PUxmqLTJTKxbnqOJmapqo9gFWpAUxWdWJFaJdBDqeQE0zTTH3nZoOv1NQiaqlmju3jEBS6PzLzi3v65jz9OOEL50U3w_DAJu54ENts6ZRen8ggnrz4DpwF1qC8Tak_uFmr08wsdQ5GXVuFKh-L-xAtJEx7Yia81Yi5DIAph8OWYSpZYiloZ0lXpuIbXkQOTtH2-QFNOFRfnayq3-qvA3fTkmkEewm5OBGNB6B2gqbu9KsT6TGR6SOmYSPHWmllUZEQNmJaVFAjvobE5zMM9IhVN2iUisMpd9KUtUrjJ3Isths2iTOEUqFv3YbXQ1vY4mb98MYg0ilzcvQbHeXGt2mg4dCgN57BOYY4sPBHugNDXlRzoP86oCSRMqy_g7MzeRh0kJqCiEg6SVQMLdu0fo5waibNphkyqi6DnOiRDOSNkyGUuOZbrpZVmkVD2ofa5ijwrRR2Q

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:35:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/ 393 B
405 B 287ms
278ms XHR
application/json 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/settings

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

466073efb656bb212924c55dc35015a96a726ca786ac872fb4e332908a127781

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cf-ray: 6b4f2d0f6a4e374a-MXP
date: Sat, 27 Nov 2021 23:35:58 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 27 Nov 2021 22:06:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5, s-maxage=300
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 01D7 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 02:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 02:34:21 GMT

GET
H3 206 file.mp4
r1---sn-4g5lznle.c.2mdn.net/videoplayback/id/69e75252ff07ccb1/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1669592158/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 3BAE 2 MB
2 MB 18ms
8ms Media
video/mp4 2a00:1450:4001:1d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

64f92ac5b3e5e53a9fbe7815fc07b9c10de1e6489f1c020041f543fb1c84ba3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2185447/2185448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2185448
expires: Sat, 27 Nov 2021 23:35:58 GMT
last-modified: Thu, 18 Nov 2021 13:11:20 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
client-protocol: quic

GET
H2 204 961139 Show response
vc.hotjar.io/sessions/ 0
257 B 71ms
37ms XHR
text/plain 13.226.145.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/961139?s=0.25&r=0.23561764951591702
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.376dac12c7cbd03331c3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-7.dus51.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: -DmI3A-A_H-60THrPpGIGPrmpKPNCo2zEg8RcU7QiO40DaMlR2k-vg==

GET
H2 200 6bcadd65ddca5022b2642cee6f7144aa.jpg
images.detik.com/community/media/detikconnect/2021/5/10/ 7 KB
7 KB 614ms
184ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/5/10/6bcadd65ddca5022b2642cee6f7144aa.jpg
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static12 /
Resource Hash: 00d5516e5518784ccb4859d49e80a30b0a027b5b644d0b1102ad6494de6d6089

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
iresizer: ir-static8
cache-status: HIT
etag: W/"52e5ac4aac19a050a0f46335ed4c216fc4416462"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static12
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6b9fd8d81a98f06906b9d2816204f542.jpeg
images.detik.com/community/media/detikconnect/2021/9/27/ 8 KB
9 KB 791ms
361ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/9/27/6b9fd8d81a98f06906b9d2816204f542.jpeg
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static12 /
Resource Hash: f2e426a23e461bb20960dbb9e3aef39a5827af0b0af572a7e48cf1b19f938baf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
iresizer: ir-static1
cache-status: HIT
etag: W/"e37ec18e2fd7a184acbfaf2b30891b7f28038966"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static12
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a770264d95ec2894a075fe8d6ef92d13.jpeg
images.detik.com/community/media/detikconnect/2021/9/1/ 12 KB
12 KB 790ms
361ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/9/1/a770264d95ec2894a075fe8d6ef92d13.jpeg
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static12 /
Resource Hash: 2b3991dce1045bf0ca402d1d8a49bfbedbe421c87d6791b883e92e82c5ac7495

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
iresizer: ir-static2
cache-status: HIT
etag: W/"15915358813f060d7da914c8be5e093e829dd148"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static12
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 466dbe57f8e363aabd1a9b50a7c91dba.png
images.detik.com/community/media/detikconnect/2021/8/27/ 106 KB
106 KB 791ms
361ms Image
image/png 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/8/27/466dbe57f8e363aabd1a9b50a7c91dba.png
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static12 /
Resource Hash: 9905f2438aa32d809922c8eabf800fc907c75801e15e0b29481a7dcf99007deb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
iresizer: ir-static14
cache-status: HIT
etag: W/"854d875fc634f18d21b52184cb9a221e5f744288"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static12
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ac90113709232ec1073f4279fa0eaa8e.png
images.detik.com/community/media/detikconnect/2021/10/13/ 10 KB
10 KB 790ms
360ms Image
image/png 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/10/13/ac90113709232ec1073f4279fa0eaa8e.png
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static12 /
Resource Hash: 776cb49daa7fbef8a13ab76abaed0c92a4f7b09ed9d832cc4665a1e3e6a568e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
iresizer: ir-static12
cache-status: HIT
etag: W/"0623a395fcf3cff6291ae4f0e01f91d98870af4e"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static12
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ed9c1e05b1011a2d613daffe3881570a.jpg
images.detik.com/community/media/detikconnect/2020/9/3/ 8 KB
8 KB 791ms
361ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2020/9/3/ed9c1e05b1011a2d613daffe3881570a.jpg
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static12 /
Resource Hash: b94579183745a1f26edaa013f39ae71fa693c6e166a7eb7a74dce8e97dd304fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
iresizer: ir-static11
cache-status: HIT
etag: W/"3d95b4a2e815081ac921a748f884904ef83e6c5d"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static12
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5ad4b128bee190d5b762e7601bd40399.jpeg
images.detik.com/community/media/detikconnect/2019/6/10/ 7 KB
7 KB 673ms
672ms Image
image/jpeg 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2019/6/10/5ad4b128bee190d5b762e7601bd40399.jpeg
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static12 /
Resource Hash: f4cd7f7ed98b0310777a38c4ff88ac0aac7ff110821415e925121b1e8893e350

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
iresizer: ir-static9
cache-status: HIT
etag: W/"070214d212805fb8cc87ade1b019c490e1fb8cff"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static12
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 86b1e3261456913bd43af15c131becee.png
images.detik.com/community/media/detikconnect/2021/7/28/ 9 KB
9 KB 673ms
673ms Image
image/png 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/7/28/86b1e3261456913bd43af15c131becee.png
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static12 /
Resource Hash: e101b567c517c069e8223a925225c87222096a799224ce015ada58452a19c585

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
iresizer: ir-static12
cache-status: HIT
etag: W/"55b98ae6b531b04d3d48a89af72b82ee7bdfb38e"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static12
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 38a36b0c70b63b95a3647df21c9f1d7f.png
images.detik.com/community/media/detikconnect/2020/10/1/ 10 KB
11 KB 673ms
673ms Image
image/png 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2020/10/1/38a36b0c70b63b95a3647df21c9f1d7f.png
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static12 /
Resource Hash: 9410178c2684d3fcc1067cc765804b8ba6d856d42164db49a95897ccb7db9818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
iresizer: ir-static13
cache-status: HIT
etag: W/"3fca812151aa290461d41b4eb4f8765c63874370"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static12
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fd5efce91f7d3c1fe592aba0b20c99ca.png
images.detik.com/community/media/detikconnect/2021/8/13/ 60 KB
61 KB 673ms
673ms Image
image/png 103.49.221.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.detik.com/community/media/detikconnect/2021/8/13/fd5efce91f7d3c1fe592aba0b20c99ca.png
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.102 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),
Reverse DNS: s221-cast-102-221-49-103.detik.com
Software: static12 /
Resource Hash: 936f4961bcf810b503b5e00d6c4347848a3136e1d1c59d7318dd6687332cae1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
iresizer: ir-static3
cache-status: HIT
etag: W/"6299761b0009c823278e48f8ada4295a03f5db91"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *, *
cache-control: max-age=315360000
middle-cache: HIT
server: static12
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cara-membasmi-ulat-pada-tanamanistock_11.png
akcdn.detik.net.id/visual/2021/11/24/ 57 KB
57 KB 182ms
182ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/11/24/cara-membasmi-ulat-pada-tanamanistock_11.png?w=410&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

2c31f728d5ab455e700b6072ca4bc53b94b9c0937813ce82c736a967548edd70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
iresizer: ir-static1
cache-status: HIT
etag: W/"9bd23cfd6c4b55087b86544977cd5829f1042b97"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ruang-tamu_11.jpeg
akcdn.detik.net.id/visual/2021/11/23/ 20 KB
21 KB 531ms
530ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/11/23/ruang-tamu_11.jpeg?w=410&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

a8524fd8a8584fd91f8c113e7d38fe6d02031986593db92cae33a1d62805b6f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
iresizer: ir-static13
cache-status: HIT
etag: W/"5cf58cbfb7da726f6d826ebc301796ab76b0fd42"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nicky-tirta-bersama-anaknya-2_11.jpeg
akcdn.detik.net.id/visual/2021/11/22/ 52 KB
53 KB 531ms
531ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/11/22/nicky-tirta-bersama-anaknya-2_11.jpeg?w=410&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

233b686449a2feceb0d93620660d90de4a9cc88cdfa974faf4f7d36b14cc7349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
iresizer: ir-static4
cache-status: HIT
etag: W/"f26fa710ccb3b8228cc1a162cb4fd2ca910a6d55"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lisa-blackpink-4_11.jpeg
akcdn.detik.net.id/visual/2021/09/24/ 55 KB
55 KB 531ms
531ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/09/24/lisa-blackpink-4_11.jpeg?w=410&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

b9a01ce89abb5bf760c23fff8fab0d62221ed2abdb5383606de90d93a361c091

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
iresizer: ir-static9
cache-status: HIT
etag: W/"58c6890285f5329840bc65e852d94bd54fc9b5fe"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-posisi-seks-1_11.jpeg
akcdn.detik.net.id/visual/2021/02/11/ 33 KB
33 KB 531ms
531ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/02/11/ilustrasi-posisi-seks-1_11.jpeg?w=410&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

f9e636f727224622670d7d0f07cd54746b2bb7f2366c3f23c93dfa6a175ca164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
iresizer: ir-static9
cache-status: HIT
etag: W/"3b1c35d9c1ba77d0ed9b344339fb33ac05e1663f"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9f87d396-fbd2-46f7-833f-5b09d931ff1e_43.jpeg
akcdn.detik.net.id/visual/2020/05/18/ 21 KB
21 KB 693ms
693ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2020/05/18/9f87d396-fbd2-46f7-833f-5b09d931ff1e_43.jpeg?w=360&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

d2be6c1b8f8d56695ff6f85c5fb500922b1b0c76a9820e88a78b0fca01b51c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: MISS
etag: W/"d6cd2b47e5f4c63c457a7601f5f78a5febcb27f0"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-anak-sakit-atau-muntah-di-malam-hari_43.jpeg
akcdn.detik.net.id/visual/2021/10/11/ 19 KB
19 KB 693ms
692ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/11/ilustrasi-anak-sakit-atau-muntah-di-malam-hari_43.jpeg?w=360&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

7737de8ea7813aa2e98822fd89c2d449c0624d17d56a3f00802bdd9e5dca4c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
iresizer: ir-static13
cache-status: MISS
etag: W/"3d8c8deb473973f0712138c6b960fa8463817e5f"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bumbu-dapur_43.jpeg
akcdn.detik.net.id/visual/2021/11/26/ 35 KB
36 KB 693ms
693ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/11/26/bumbu-dapur_43.jpeg?w=360&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

73969a0f836e1d03b3e951961141b6bd630a1d80d0389ba96a5d1b2efe2cb744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
iresizer: ir-static13
cache-status: MISS
etag: W/"b7b94953f99f3b8ca9cb45fefa6b2ff56ab5e623"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 01D7 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BgPjd3sCiYcrMFsHYbai9gbgKAAAAADgB4AQC&bg=!mpmlmd3NAAZQLpa_UC47ACkAdvg8Wplp6EvB9-VVk6vh2V2TKFyON9XiTJNzt_9q56FdrXq4h_jt3gIAAACQUgAAACFoAQeZAswajioA49Aaqh1WDWjvSF_9VwccKH-Ok2PkPwXBHQPy2nYw-lCdfzhREhGjK9078n6s5NzP5Pqny1efsNov-2VMf2A6gFQzG_w6ZmX_E3DLz2Wm2Mz5vGo8NG-d1ka_ME_cHHjk75AYFeTE2RkiihmqW1iXN7UzddcA8iWQaD7EDuKDy7OOQNnTx93Kc4HBu37n6F4peyNrwhNx9JzPeP2rWpawHdXrSc_Sn-NcHX3WtKgG-OXQXb1rKq3ba3abMFO6rPOMnQM5S9NLzAfQdMHFCWcmNYqXM3VZIWxqv-DDXEU6ffuboei0lXrmMfqmeVxEVM_zJW1CVDo7z3vA52jB1ZBr93WyHrPei-mGq8CFAEtCsZo0IJORGuGL_SFD9eEvEOC1aHAzMTha2efpOj3F3QRawc6h9Kl9Rylly-SbFh6nPIiP7g4rDoLuuIIlYLB0P_qBSUTRuWw2v8S4j5F46o8Bpvh6m5aVQ0JQwzcDEqHLBGNKwfikrxgfvDKIcvP6Qbl0_FGzUhtgToUW0f70vPLpXPIeBRpb1qwSU_E3kB1wnwcFau-QFniUzDQNehDm6WqkcoRZlP7fHlKlmsZaqK-jrFDVkKmwuMswAq_kVmShfKbVB5NLNDWnMSnoF6FSr_auGZ3n1w7II80LuIwjaXaX9qHW171WH6VUWeWnNdpSG5DWQt6qsU9oQXTzdysIst0VnZJRStaFPLBgSRH5MAw4dCNUJN_Uvuvx2gQqVrZSZ33o2RkLu-0BVp4yrihTXI1dPOekjABKiuJl4nF0ZyiBqZ922bP2zJga3ZHDOYtSKMMxpyG7He2zFGVff2VjkZHU2Q4gaKRm_FdF47B4H7RfPVXXgUL_FGAXYknchRxrjK8Q5cs5SpemttUCapMZzgR6EHCw4oC88hr3I4981H2V_K2ftNJuUt2R4dypXrT0_TFjU3SY9mHiYg

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:35:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 homepage Show response
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/ 11 B
128 B 264ms
263ms XHR
application/json 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 27 Nov 2021 23:35:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5, s-maxage=1800
strict-transport-security: max-age=0; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 6b4f2d114d21374a-MXP
content-length: 11

GET
H2 200 iframe.html Show response
static.vidy.com/0.38.5/ Frame 0D06 170 B
450 B 30ms
29ms Document
text/html 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5229307b633bbb93bb45ad376fef87db824fa4200eaa1e65fd2f180f1dafcd93

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-type: text/html
x-guploader-uploadid: ADPycdvYOjjzfrl4GSi6PgAcDufsPlUt2OCWjwimVE_T0IBpxvotoo0irGUAZJrlmInKD8terdRXf8YMGVc0QGVVOq0
cache-control: public,max-age=31536000,immutable
expires: Sat, 26 Nov 2022 06:23:08 GMT
last-modified: Mon, 20 Sep 2021 15:27:28 GMT
x-goog-generation: 1632151648524711
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 170
x-goog-hash: crc32c=L2PN0Q== md5=30+26Rimyfs6gQOLghFtrQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type *
cf-cache-status: HIT
age: 148370
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6b4f2d114d1a5a19-MXP
content-encoding: gzip

GET
H2 200 embed.min.css
static.vidy.com/0.38.5/ 159 KB
36 KB 31ms
31ms Stylesheet
text/css 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/0.38.5/embed.min.css

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a56fec1266b8719298779577773d69b2f59d229d490a1ec240ff380761ccef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5904244
x-guploader-uploadid: ADPycdsOGRQuoj80fx_vqVnusXWxpieIm7E5tHrzKzM3TelBxj9kLFBv7cnz1gRSHzIcv-wZ2VdghDr-0NBTjPa_tI4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
last-modified: Mon, 20 Sep 2021 15:27:27 GMT
server: cloudflare
etag: W/"d625cd0dcb9328385d986851871fcde3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=LJbN1g==, md5=1iXNDcuTKDhdmGhRhx/N4w==
x-goog-generation: 1632151646968836
access-control-allow-origin: *
content-type: text/css
access-control-expose-headers: Content-Type, *
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 163315
cf-ray: 6b4f2d115d1e5a19-MXP
expires: Tue, 20 Sep 2022 15:31:54 GMT

GET
H2 200 alive Show response
api.vidy.com/ 2 B
95 B 28ms
27ms XHR
text/plain 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/alive

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:58 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 27 Nov 2021 22:06:41 GMT
server: cloudflare
age: 5357
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=0; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 6b4f2d115d3a374a-MXP
content-length: 2

GET
H2 200 query Show response
global.cloud.netacuity.com/webservice/ 578 B
446 B 139ms
29ms XHR
application/json 52.49.172.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.cloud.netacuity.com/webservice/query?u=04842bc1-ecc8-4db1-aeec-6a7708559ff2&json=true
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.172.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-172-98.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: 6879a987172c12f5cd0a92ea77a79ed0b2e9864ffb1f2d1d66c71ede1f5449a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-length: 266
vary: Accept-Encoding
content-type: application/json;charset=UTF-8

GET slick.ttf
cdn.haibunda.com/css/fonts/ 0
0

GET
H3 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 19 KB
19 KB 23ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/embed.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://static.vidy.com/
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:14:29 GMT
x-content-type-options: nosniff
age: 440490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18956
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:27:08 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 22 Nov 2022 21:14:29 GMT

GET
H2 200 montserrat-400.woff2
static.vidy.com/fonts/ 13 KB
13 KB 26ms
26ms Font
font/woff2 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/fonts/montserrat-400.woff2

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/embed.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e7e16fa947036ed479023375a7a44597c72dcc780c110ddb87a28cfa7fd16c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.vidy.com/0.38.5/embed.min.css
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14653
x-guploader-uploadid: ADPycdvTR5BZAFNKvdEIqbalRl7upJu5-_i5fNMI2jOPche4zE8cV-cYNMK6DRo5XKv8HXfqtsZMhXoCNsWVvkUWWhCwoiTT-g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 13248
last-modified: Fri, 16 Aug 2019 21:18:32 GMT
server: cloudflare
etag: "cdd5aad3fd6aaa1b80d5119924cd0d52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=QsfZfg==, md5=zdWq0/1qqhuA1RGZJM0NUg==
x-goog-generation: 1565990312626694
access-control-allow-origin: *
content-type: font/woff2
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age= 31536000
x-goog-stored-content-length: 13248
accept-ranges: bytes
cf-ray: 6b4f2d122eb0374a-MXP
expires: Sun, 27 Nov 2022 19:31:45 GMT

GET
H2 200 montserrat-300.woff2
static.vidy.com/fonts/ 13 KB
13 KB 185ms
185ms Font
font/woff2 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/fonts/montserrat-300.woff2

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/embed.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efd03b0d726d18465de44b4bcbe6ada589e6d4cd28c022efda2b23ff2db80060

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.vidy.com/0.38.5/embed.min.css
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ADPycdvGjBtVvBTF1Q-f12Y4S4zVyXP7pmcp2SKUBon-HUWqalugtJXbJ0G3dPK3CMWkYwhXPUFKBV4Iq2rtsLDhASvNkW8-aA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 13080
last-modified: Fri, 16 Aug 2019 21:18:32 GMT
server: cloudflare
etag: "de24050b75ebfbbd133cdc9b72c42f27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=Lybbjw==, md5=3iQFC3Xr+70TPNybcsQvJw==
x-goog-generation: 1565990312627687
access-control-allow-origin: *
content-type: font/woff2
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=31536000
x-goog-stored-content-length: 13080
accept-ranges: bytes
cf-ray: 6b4f2d122eb2374a-MXP
expires: Sun, 27 Nov 2022 23:35:59 GMT

GET
H2 200 montserrat-500.woff2
static.vidy.com/fonts/ 13 KB
13 KB 185ms
184ms Font
font/woff2 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/fonts/montserrat-500.woff2

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/embed.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4885c1c647b93d166713ffd9989b63239f2b9a37dd5495a5f3cc0b0832a6fd40

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.vidy.com/0.38.5/embed.min.css
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-guploader-uploadid: ADPycdvEZr89xEqV-vtyiS9rZhbg4qQkQf77XOjrnoo3jXB1VkW_mwdaMzGbyQFTktHhac6H5Nq2bdDAT-45byg4e24
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
content-length: 13248
last-modified: Fri, 16 Aug 2019 21:18:31 GMT
server: cloudflare
etag: "99b4803ab7e53e3d5c2db534a3828caa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=VvdztQ==, md5=mbSAOrflPj1cLbU0o4KMqg==
x-goog-generation: 1565990311428633
access-control-allow-origin: *
content-type: font/woff2
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=31536000
x-goog-stored-content-length: 13248
accept-ranges: bytes
cf-ray: 6b4f2d122eb6374a-MXP
expires: Sun, 27 Nov 2022 23:35:59 GMT

GET
H2 200 embed.iframe.js Show response
static.vidy.com/0.38.5/ Frame 0D06 23 KB
11 KB 27ms
26ms Script
application/javascript 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vidy.com/0.38.5/embed.iframe.js

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

847b5713e2aa6f31fc31108d68cb8269efea37a56253e7d72050e356b645e993

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.vidy.com/0.38.5/iframe.html?origin=https%3A%2F%2Fwww.haibunda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1632151636
age: 5904245
x-guploader-uploadid: ADPycdsvoYDO3C6FXz8WmkQmQ30WoNwV5XGgNK4opZ7Fk0QY9vdwMWibRGeZ4mhfhr3EL0ulnUtlDhGRAZksuJ5OgaI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
vary: Accept-Encoding
last-modified: Mon, 20 Sep 2021 15:27:25 GMT
server: cloudflare
etag: W/"45a6ee3245fe51114660172b9c7f7876"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-goog-hash: crc32c=yhA8bg==, md5=RabuMkX+URFGYBcrnH94dg==
x-goog-generation: 1632151645266389
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Content-Type, *
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 23957
cf-ray: 6b4f2d123ee25a19-MXP
expires: Tue, 20 Sep 2022 15:28:32 GMT

POST
H2 201 events
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/ 0
0 1514ms
1513ms Ping
application/json 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/events?uid=aumuj711.bseknhuxp
Requested by: Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 texthash Show response
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/ 39 B
252 B 73ms
73ms XHR
application/json 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/texthash

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

713a485cfb9df67760a976d525787728ecfc1e2b23ab06a372beb7e625eb8bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 27 Nov 2021 23:35:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=0; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 6b4f2d1338bc374a-MXP
content-length: 39

PUT
H2 200 homepage Show response
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/ 2 B
70 B 273ms
272ms XHR
text/plain 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage?uid=aumuj711.bseknhuxp

Requested by

Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 6b4f2d140a0f374a-MXP
content-length: 2

OPTIONS
H2 204 homepage
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/ Frame 0
0 65ms
65ms Preflight 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage?uid=aumuj711.bseknhuxp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Origin: https://www.haibunda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 27 Nov 2021 23:35:59 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
access-control-max-age: 600
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6b4f2d13a981374a-MXP

POST
H3 204 csi
csi.gstatic.com/ Frame 3BAE 0
17 B 361ms
190ms Ping
image/gif 2607:f8b0:4012:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kwigccw0&c=2685224843141&slotId=1342612421570.5&qqid=CKeqn9vaufQCFRXFuwgdaqIJug&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=677&mt=video%2Fmp4&vs=854x480&ulv=1&cll=0&vmfc=16&vhc=0&ccc=1&ccrh=0&ccri=0&ccrs=1&ccru=0&ccrhc=false&msm=1&aits=0%2C17%2C36%2C18%2C22%2C43%2C44%2C45%2C46%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=59&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4012:81b::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:35:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 opensans-italic.ttf
cdn.haibunda.com/fonts/ 38 KB
38 KB 262ms
260ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/opensans-italic.ttf

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 South Tangerang, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

static11 /

Resource Hash

bdf983a7d3f8b72e7819dd5a8297a8db62d82b84af2434950a2ed2ca10678c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/haibunda.wp.style.css?v=3.4.7
Origin: https://www.haibunda.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: static11
cache-status: HIT
etag: "5db2a88f-960c"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
accept-ranges: bytes
content-length: 38412
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 banner Show response
www.haibunda.com/api/ 222 B
236 B 226ms
225ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

465e430edcef6aca232c84f9b7c1dfb97cbd83dd464a561ae403793a23d8c13e

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Action: newsfeed2
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish1
cf-ray: 6b4f2d182e89f933-MXP
x-xss-protection: '1;mode=block'

POST
H2 200 banner Show response
www.haibunda.com/api/ 30 B
129 B 198ms
197ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d83e9935695c996946bfad955752b483ff58fc2ce589b50990ac44ecbceeeae6

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Action: parallax1
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish4
cf-ray: 6b4f2d182e8bf933-MXP
x-xss-protection: '1;mode=block'

POST
H2 200 banner Show response
www.haibunda.com/api/ 12 B
88 B 237ms
236ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eca0fe7087d47bf8bba5ab355c02dc00bd403498edcdf259cb8eced59e8db45

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Action: promobox
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish3
cf-ray: 6b4f2d182e8cf933-MXP
x-xss-protection: '1;mode=block'

POST
H2 200 banner Show response
www.haibunda.com/api/ 132 B
182 B 214ms
214ms Fetch
application/json 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=3.4.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db4d3506734cf097349374f1ddd1b3c87dc6d96effa47d974af5c2b77342e427

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Action: newsfeed3
Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: "max-age=31536000; includeSubDomains" always
content-type: application/json; charset=UTF-8
s: fe-publish4
cf-ray: 6b4f2d182e8ef933-MXP
x-xss-protection: '1;mode=block'

GET
H2 200 image-icon.png
www.haibunda.com/images/ 716 B
919 B 663ms
662ms Image
image/png 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haibunda.com/images/image-icon.png

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a033d8f85ef60fc0f1b2b6dbd87fbdd2ffedbd29749937de47ee533071f63c6

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: "max-age=31536000; includeSubDomains" always, max-age=31536000; includeSubDomains
content-length: 716
x-xss-protection: '1;mode=block'
last-modified: Tue, 07 May 2019 04:15:02 GMT
server: cloudflare
etag: "5cd10646-2cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
s: fe-publish2
accept-ranges: bytes
cf-ray: 6b4f2d183e99f933-MXP
expires: Sun, 27 Nov 2022 23:36:00 GMT

GET
H2 200 ilustrasi-diet_169.jpeg
akcdn.detik.net.id/visual/2021/06/15/ 13 KB
13 KB 201ms
201ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/06/15/ilustrasi-diet_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

2039d1462586dbf6a88f8d33cf2fc6b1043ba76019929ea83cc5e386cbf0e3e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static12
cache-status: MISS
etag: W/"ea2bfcc34215ddb80bb266fb2fd995f20e670d73"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 park-hyung-sik_169.jpeg
akcdn.detik.net.id/visual/2021/11/26/ 14 KB
15 KB 202ms
201ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/11/26/park-hyung-sik_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

649dcf55ac367e0902021fcb2e99b803e2d9cb3d06e5c3443d3c4ec92089b82e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static1
cache-status: MISS
etag: W/"fcb79e06f8bade5268d65a03637b2ec9dde1d355"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cara-membasmi-ulat-pada-tanamanistock_169.png
akcdn.detik.net.id/visual/2021/11/24/ 24 KB
24 KB 200ms
200ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/11/24/cara-membasmi-ulat-pada-tanamanistock_169.png?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

3ecc75dfc0b89f78ae5adb56087bd9c5e82bc9fcbdb2351da4c63f800e9ee04e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static14
cache-status: MISS
etag: W/"4d6698ee40b67d8b9f19cb1e6a83b4afce5fffd9"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nagita-slavina-usai-melahirkan-anak-kedua-4_169.jpeg
akcdn.detik.net.id/visual/2021/11/27/ 134 KB
135 KB 187ms
186ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/11/27/nagita-slavina-usai-melahirkan-anak-kedua-4_169.jpeg?w=750&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

55a20280c6e8178b51998f0ed310a6bc4838f4d3cc88154547f159f893dd7920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static12
cache-status: HIT
etag: W/"d5b44287ab476eb795c870c0db780fc8c6bbc8c1"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ruang-tamu_169.jpeg
akcdn.detik.net.id/visual/2021/11/23/ 12 KB
12 KB 198ms
198ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/11/23/ruang-tamu_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

9004823d780fcf88599883c12d7f3f43cf15a3dd3b7ccef0cc3a57520b2311cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static11
cache-status: MISS
etag: W/"cd7fe4ee2e4aef087aefba1fe3b4183b65086418"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nicky-tirta-bersama-anaknya-2_169.jpeg
akcdn.detik.net.id/visual/2021/11/22/ 110 KB
111 KB 197ms
197ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/11/22/nicky-tirta-bersama-anaknya-2_169.jpeg?w=750&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

0066ca9ea6c261ca49ef079e4933b3c6fe1b4812e33bfdf004bda8da9e4da939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static13
cache-status: MISS
etag: W/"73ba056df231682a00d90351622db25d396fe505"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-posisi-seks-1_169.jpeg
akcdn.detik.net.id/visual/2021/02/11/ 12 KB
13 KB 197ms
197ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/02/11/ilustrasi-posisi-seks-1_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

1ee245f002113d24eeca1097c7345d61da21e98dcd0da6911454a6160a229cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static13
cache-status: MISS
etag: W/"b6b4646bd36d86f14ed202546af57b7afd6b394c"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wedang_169.jpeg
akcdn.detik.net.id/visual/2021/11/03/ 21 KB
21 KB 197ms
197ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/11/03/wedang_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

1e2d6fe9b61d4613aa3c10f7b75988ff963d0af0d4b9ec88b44a231f60a7ba4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static6
cache-status: MISS
etag: W/"5941fc099acc3298bacd4f70b6bce96ee8fb075e"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tanaman-hias-gantung_169.jpeg
akcdn.detik.net.id/visual/2021/02/27/ 15 KB
16 KB 548ms
548ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/02/27/tanaman-hias-gantung_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

7217ac0d012247ae7b691bee9b36c2c3dfd6f5c81f7ab5302ec21cad24bee3c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static13
cache-status: MISS
etag: W/"5202961a24b1cac960db243726b73ba2f3f72c05"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rumah-mewah-di-kampung-1_169.png
akcdn.detik.net.id/visual/2021/11/26/ 18 KB
18 KB 377ms
377ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/11/26/rumah-mewah-di-kampung-1_169.png?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

ac9f7cfe5e67a750a6d0fc3918470b4ac66d9b1fde07e6b4f82c541cdca9c200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static1
cache-status: MISS
etag: W/"a3166e56e7de290254460c52201a7926f37e3491"
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 varian-baru-virus-corona-b11529-ini-5-hal-yang-diketahui-sejauh-ini_169.jpeg
akcdn.detik.net.id/visual/2021/11/26/ 18 KB
18 KB 377ms
377ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/11/26/varian-baru-virus-corona-b11529-ini-5-hal-yang-diketahui-sejauh-ini_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

4311bdd1f46cfc09916e1cd450c449488cbc83f28f65f09f6250705206b0b1ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static3
cache-status: MISS
etag: W/"e62d3291805ff2fb212730e778e37da82a0e3ca7"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-pasangan_169.jpeg
akcdn.detik.net.id/visual/2021/10/28/ 16 KB
16 KB 377ms
376ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/28/ilustrasi-pasangan_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

a937f533ce907af98d82e08ab0f98469c9631884b1202f85e8c45e3500f19d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static3
cache-status: MISS
etag: W/"f430e1691fb076539a4a667e91a119a3a1c241b7"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 624e83cc-a17b-40ae-92e0-d6ae8757c6cb_169.jpeg
akcdn.detik.net.id/visual/2020/04/10/ 17 KB
17 KB 546ms
546ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2020/04/10/624e83cc-a17b-40ae-92e0-d6ae8757c6cb_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

dbe2fa84e0258944f8419d6d9284989145c5d4ab18d7e61246f66a973d5656b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static7
cache-status: MISS
etag: W/"200b7ad39943fa951d32c0d163d86fbfdeeb18ca"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 han-hyo-joo-2_169.jpeg
akcdn.detik.net.id/visual/2021/11/26/ 17 KB
18 KB 547ms
546ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/11/26/han-hyo-joo-2_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

ae0fa70fac30cf88c7d2aad7b983661756e539df66baa05ba0bbf0f07ee0ee58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static13
cache-status: MISS
etag: W/"cbe81f1b6f542f0e0efcfc9a07c2293f3b558cff"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-anak-belajar_169.jpeg
akcdn.detik.net.id/visual/2021/10/26/ 16 KB
16 KB 547ms
547ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/26/ilustrasi-anak-belajar_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

077fa94b0c20fca54ef881b3a7bbfb754032b10587d320fdbf0a38d158f80c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static4
cache-status: MISS
etag: W/"5d62fee88ed85f51dcc9a3b79226bd30e5ad935a"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 asyncspc.php Show response
newrevive.detik.com/delivery/ 2 KB
1 KB 218ms
218ms XHR
application/json 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://newrevive.detik.com/delivery/asyncspc.php?zones=3717%7C3718%7C1513%7C1514&prefix=revive-0-&loc=https%3A%2F%2Fwww.haibunda.com%2F

Requested by

Host: newrevive.detik.com
URL: https://newrevive.detik.com/delivery/asyncjs.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive5 /

Resource Hash

f767ff57e754a486c69aa7015e51ae752683921919a05a2e1af14142a085109e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: revive5
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json
x-xss-protection: 1;mode=block
expires: 0

GET
H2 200 ilustrasi-anak-sakit-atau-muntah-di-malam-hari_169.jpeg
akcdn.detik.net.id/visual/2021/10/11/ 13 KB
13 KB 546ms
545ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/10/11/ilustrasi-anak-sakit-atau-muntah-di-malam-hari_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

1153fd4d2a7b218439b3cac7f14ac3647b03b911855f4e76731723f36042cb65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static2
cache-status: MISS
etag: W/"fa36c9897ae660a3e96522533e45043a0f4a47fd"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9f87d396-fbd2-46f7-833f-5b09d931ff1e_169.jpeg
akcdn.detik.net.id/visual/2020/05/18/ 13 KB
13 KB 369ms
369ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2020/05/18/9f87d396-fbd2-46f7-833f-5b09d931ff1e_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

d3e1a155b737f5ddf4de621ae74badaefdaa448529f077240374405e60838c07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static2
cache-status: HIT
etag: W/"0e6dc993d6563fef9e99f39e1dcd92eb8bbab993"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zaskia-adya-mecca-dan-anak-kelima-bhaj-kama_169.jpeg
akcdn.detik.net.id/visual/2021/11/27/ 14 KB
15 KB 545ms
545ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2021/11/27/zaskia-adya-mecca-dan-anak-kelima-bhaj-kama_169.jpeg?w=310&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

static14 /

Resource Hash

e57167617bfd89f44b6b45ebbbf8c77ef427bab544a440d9c53bff9b50bf6c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
iresizer: ir-static10
cache-status: MISS
etag: W/"0c5ce0d1f44d25833fc9140f070460412210c7e3"
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
middle-cache: HIT
strict-transport-security: max-age=31536000; includeSubDomains
server: static14
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 asyncspc.php Show response
newrevive.detik.com/delivery/ 401 B
702 B 213ms
212ms XHR
application/json 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://newrevive.detik.com/delivery/asyncspc.php?zones=%7C%7C%7C%7C2679&prefix=revive-0-&loc=https%3A%2F%2Fwww.haibunda.com%2F

Requested by

Host: newrevive.detik.com
URL: https://newrevive.detik.com/delivery/asyncjs.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive5 /

Resource Hash

5a954f8a8aba790ea7488a605640190ef1ad1659bab25e7df5b96345b72ee818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: revive5
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json
x-xss-protection: 1;mode=block
expires: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 442 B
259 B 43ms
43ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2124077385527916&correlator=3384614509940547&output=ldjh&impl=fif&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211127&iu_parts=4905536%2CHaiBunda_desktop%2Cnewsfeed2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&prev_scp=pos%3Dnewsfeed2&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie=ID%3D1aea7b41d1c74b43-22de2b9209cc007b%3AT%3D1638056157%3AS%3DALNI_MZqaTFWdI2f0MEYundJqSKO-QjyNw&bc=31&abxe=1&lmt=1638056160&dt=1638056160255&dlt=1638056155816&idt=1558&frm=20&biw=1600&bih=1200&oid=2&adxs=250&adys=2762&adks=3865697788&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x5158&msz=750x61&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9d_19jeUcj9vyH18ndw23AFDSXO8lorBnZKM7BRaJXq3t5y6-IvS4hIvVNXGGACeAucrUjEwYkfIIfoRWed3xqpk5rKnGPAJ8&ga_vid=405606440.1638056157&ga_sid=1638056157&ga_hid=1364800232&ga_fc=true&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c30366e2cf6852cc476664d4f6df1898e46c78174c4e803d2848d14e0d8d2713

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 228
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
335 B 774ms
773ms Image
image/gif 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3717&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=e928afd5ae

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive5 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
x-content-type-options: nosniff
server: revive5
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
335 B 774ms
773ms Image
image/gif 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3718&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=77ddd4975b

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive5 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
x-content-type-options: nosniff
server: revive5
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

GET
H2 200 d598983a0af0c8c52665e162e36bea01.jpg
newrevive.detik.com/images/ 173 KB
174 KB 391ms
390ms Image
image/jpeg 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/images/d598983a0af0c8c52665e162e36bea01.jpg

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive5 /

Resource Hash

4f659948b1767dac97cd195d60028064755090cebf60bdb2424bc1c3ed64195a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
last-modified: Fri, 26 Nov 2021 19:57:11 GMT
server: revive5
etag: "61a13c17-2b5bb"
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 177595

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
335 B 773ms
772ms Image
image/gif 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=174523&campaignid=68311&zoneid=1513&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=83fad6d0c3

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive5 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
x-content-type-options: nosniff
server: revive5
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
335 B 773ms
773ms Image
image/gif 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=1514&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=5afc7e39fc

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive5 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
x-content-type-options: nosniff
server: revive5
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
335 B 773ms
773ms Image
image/gif 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=2679&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=96d8b9c124

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 Jakarta, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive5 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:00 GMT
x-content-type-options: nosniff
server: revive5
x-cached: MISS
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
x-xss-protection: 1;mode=block

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 20ms
19ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9a6ba91e98d993b21b8af1f6617c0c1720cf4965a740da8fe54d2d018070afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 23:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9135
x-xss-protection: 0

POST
H2 200 rum Show response
www.haibunda.com/cdn-cgi/ 0
232 B 58ms
58ms XHR
text/plain 2606:4700::6812:154
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:154 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.haibunda.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Sat, 27 Nov 2021 23:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6b4f2d1fd952f933-MXP
vary: Origin

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 27 Nov 2021 23:36:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0ED3 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 27 Nov 2021 20:25:53 GMT
expires: Sun, 27 Nov 2022 20:25:53 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1D05 783 B
534 B 17ms
17ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5aa952cddab75674972b8f53ebaef310234d890fddd1ae14190d95dbb7289040

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JbCC0ugacJBoP4cfhWgd2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 27 Nov 2021 23:36:01 GMT
date: Sat, 27 Nov 2021 23:36:01 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-JbCC0ugacJBoP4cfhWgd2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 0ED3 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 17:22:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1D05 0
0 47ms
47ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=2124077385527916&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=2124077385527916&bg=!_v2l_bnNAAZQLpa_UC47ACkAdvg8Wjjq-yWhA9yC50De7fH-VoZCOg7buq_bVBl1epx_lK8oXRcvsgIAAABpUgAAAAtoAQeZAnbGYMAxCPZqJYMXHEbHQ7eohjbh4MJnV-aVK50ypQUuDj1xUXYryeQdtlc7LPRtLdKErKlsfj1N4CWfsx5-nLt2wNLbDfqdJF_5mMvXZlob_4IFFU3OrmlVYpAzjLsMcsyNBdbgR63rCUFPT2nElYzK_m7UaKzS84DAi6aqMo_KLtQTLPOT67m09Uycy_VmFlKZgvIVnjpxfcnVeD2ntE3bwHOx5XmVvs9-dTQ1nAE4EqsmA1Csjoc5BV-GiwzyxchIqFCjJVYK56GaCc3zNn6ILrTI-SG9hVLMZg5Lw0v6Icey4QgIwDbOBWI-SeFgLzustsbk-9vw6EzpUH99kZMQsjOfSNBLTriyKi3zTHlDKLEsBDHmEtF7iHy4b-cspiC88Jl3WbEoY-iU3sdytjvV3Kx9RMaoHbxn1gCwBrQy5YfdfVyBxroOc57Vos1ZZmquIgpe5Eguau290d2okMk11QL7gnjSxVWv1KpQzenBr4jk8k28Mo4oyKSzUaGVyBMYQKmYJmtGsb2NJfg_XLtrroBRCTFgJCVBz32iPYQFOz5t7O5ZtYD2eWWTGzwkI_fpJM_xnnqVKJI2LcD-OYtLRZ4BcgfFNHHiEk7DFjyqk4vFubrXizlHlx7C6CMibhKcOlurvl07KCj9QhZhP__4PRgauNaJMLTq1gUTrRtVny0LG5B-2Mhw9JRk7_E9xe3VW4zmY7gz40zZSzTXJ_06tx7pTt2sxLGDlQYXB1jmu7w4-5BHk1NJ6B2e2tuSgalAPewG3Aj2gEGt3gWC8iuXbbdxU2jNw5fCjdDrTmbEzDUHmPqtTj_TGMjPP2PvK7V8V0hSTmU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:36:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 23:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.haibunda.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 23:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 216ms
216ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2124077385527916&correlator=3362699178121298&output=ldjh&impl=fif&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211127&iu_parts=21751243814%3A4905536%2C921738-728-90-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&cookie=ID%3D1aea7b41d1c74b43%3AT%3D1638056157%3AS%3DALNI_Masw0hEPCyWDF0hTXlomr4WYrZHOQ&bc=31&abxe=1&lmt=1638056163&dt=1638056163171&dlt=1638056155816&idt=1558&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1230&adks=891859022&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=405606440.1638056157&ga_sid=1638056157&ga_hid=1364800232&ga_fc=true&fws=512&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

3931c394cbc6648334ae362b60d74938635d8115826d42b224a25c45da1ebcdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7129
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DCA0 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 27 Nov 2021 23:35:57 GMT
expires: Sun, 27 Nov 2022 23:35:57 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 89E2 640 B
318 B 32ms
17ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARim5eioATAB&v=APEucNXGJPz2N6SlYP1Fv1jiLfX1CYqF5NDEcNP_mXxpqzchNjiS67vjs6PsRFFszlrziVVoWgArcHFe2hFi4eoC26RPDGLXDe0cYXUdVU6uzZoEAA31k-gBY71YVEpK0uKOStQvDnUT_RHHH_fzvV6SYg2Z6wTuz3yyLVcHkRWdKqwfTCQj6fs

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 27 Nov 2021 23:36:03 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Nov 2021 23:36:03 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DCA0 78 KB
31 KB 72ms
58ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aeu-COpDCaF68pfTbqyOMYuyzDsxvaa_FJtSuYl9iRpN1GEj6RIcxFglexCrXYqz8a_D7_N3ffIEOW7Q3LM0mDkNDVWJFBtwjXJj80X6fh9zdt0bWaUWzyYBwzm0bQmFPImEuPQuLzuBEClmKjuLN06MbL5w&dbm_d=AKAmf-A_zw5QveuHezNN3aF-zPUawfz8ITpUZ97Ldx0Ww1r7s3k0p-gYv0EszyaeeQkAB2RwU4QF2Ow2rAitY_0vKbZDIBWAJHekoo4WHJvVT131yCFutBEZr75GhwnUNx1r8TsYv9yCe9e-K7gduMM0GWnZkL660tD617DXCA7rGj4iS1IKlJ-dAMhR7aYwib7nP7RFBFuscrtx5G0RZwWAkjM-e-rHTWR_1jKn2NGojb6eHHvae-2BHSXYHQO2oIVW37YUQMT52mISHamIzsdhU00DG2FROE2xeqjH8_77CV-rnphfoR00suaUxON4tuXP3-FlJBRYFlaoxEnX_iushq78bUjMrjSuoFR7SBK1AiY_6hVpzEjwfN6yCmLA5jLnneGRqNybQZwdAs3vO-1iV0LGIAAZ3MbYa-Z-5VSbqNWGvtGt06kjh33SjTv1ITxlKSsg8oGwwthHGY6o7FLH6luRh4t1hV5ifpL7Sd4pfdEb5CWnbHdKWD_-6XE6i_dD8KEhPOW9OeyDX_yowbkR_LDGLzWZf_1h-Gi0KTmm9Ee7kLA_sWA2sWiCPxYHYBqkSV8pct2GJXwnEBjS9JaFnvN9V8AF23dSYWRS3w7huckqEJNil-65NcXlFrki1nGl9uxJGJhT70iVsA5TWPR2z4KHifcDq-2Z2tpiYOiGa-siuBw6TRibOAVycXxsurcEquHDSmQ-WDrVLYhJiG59KdrmhmvHpuMYM2W5aM5UmXNY0DcTc7jHswMLUqjM4Nxfd4sbkQBWXD1BxgoGFNJ4XMENeYO-LAmWFcfW_M5g_SVK8fh_c6ypgub8Yi-39Ka6LtNmrHItrgnODCVGAPijcouBPyZxrc7So0iX2W2gRxftN_arTz056ysTuOGLG5ANJHlGXlayFBb9NDPZJbEktY94Jfe78-odcO2nNmXzh5lnQh-YVaQcqwY1y8VQYwtckrveaGBW7987uN93lhjJkQKbZwx3b0XdR6bVzX-ZvWgQfJAAKdg-QH7W6z880WnBjSk4XDyDF-hMiAlz8Ec7JvX6BgqMWWHHHfPSZaKQMkRJ5sthd1BeU8XXqC-wcIwfNp6wrUoj2fzobhQ-WeuaYRtt0y0JJzQcB2fqbxvxCo_tw6H3tnaUwQ3QONp8u5K7Ziw6BvbGbvP2zVCewsiEZUqF5mx4omy46vRzNmFSHdiJkEhCOjdbEaYLNbL3tYP7phS71fj7CcEZyWU-ZyqS1riCQ4z03gLH7GG1uMbnPxTfbOIOeCKj6po1pO-tD74iSM0HVR1AB-FzABiI-hHKP6ARQsX65IX6erKqqikeTHrVM-o8aO5fWf4mTkGQ22Yz1VB-nhtaQrRzeLJ8qesHSJTfe-GRqMekn-wFnGPFvNNKgsFKm0ddNnCsWNVbjhkB1cUHFAt6mnhwDNwEQAdLFDjEn0PCfVmj_WW-aeDUvyCHAVg9FMUJ6VYql1U-S-CnpEKNJ6onuqPLwFkZKlkdGDBxS1w5tubqH3WGQNK5S_MUwcoJZBhMJasP9PfPvo9k-UI0F0TyImIr5n7GLQLvMeYnfuIHFHe-UBvgWcgNTSnCwDF0tO0xpYGloueV9pcYeOoR5agKFocXF3a1rYPT7kBN_q2Cc-Z24MmlxtJUZHwGZluDfjDrOyOc5JJiXGuuznnY0FiVrWY703ogslYHpofzd1T_3LPendMSIU4OXMc0RYV8cphSsnS4U5waQdpEUzo-jVpm--gkmXD8DIvSVi9wGY3nBA5GhmRyOQrZhnw1M1OEGbqNLsAUnznHaq2DO9qppqXPSC3qIWRXWOSORNLrox4aUJ_LV60rSUYK6WQSqUbTKZPxfRmlwvYL76Qnu2i7tAz_PbmZWKuz_t4GwKELj4v5piu-7D7qOwo-imXajE45gzArG4XUYBYnkA3bzzPzUa-E2YzKL6GYUx3LFbinAPHzUpbSxlGiJLsHf-WZukosEX61OSwB9ee7WVP6Qpg6QZlDUaBSyFdQhOPfu86uDx2w2Gsq0aABJuHqpVpYPrVNTrI1obEL2zcFIOmxGSl_aaJ-wwYeX7M09GF_fDCl6uIpvQ1qn7Kvhkgtblz66efOyhuvuC4aVxrx_BS0M0bKzt-SRUJB_dqA8hGYYX2fSEIWlaeGRY5QSCOGSqBbnI3tIAr98oTgpHRpZW_V9_g1Grdbxu_Mb62WESkymlQd4QAX5eykOxLr-dqdqO1BpUh79fsEJC38YNH8VYZOv4vfgdaZyRykM8pYs9WRVnj0-e02TQkwR-Kdo5p1m3xZtssoZlLGA6f8pzoUbWq-83RnOifqYFLffk2wNPg1xzEEzp9O7HcSGZ4JraiEna5kpVuibIHUeZJOCoI2fz4udO8LC2pz6WFbOIA4PfDGXim-MZJ0FzSwLGyOrMPm3CK6wldRXqrIHzvv9n68OodDgUyzDAnX7bZ67WPD7ZAM39Ht9yAsYNx1J6gzzo1CH_RLeBvzfM4Mrfv5KZ6ydhJS37lEkxv1DrfAf4BRW3teG8zYDFcRewxdUn6vOkbSAeV0z1MeGESXXdKZJNTBLhTegGSVSYG-MtdMYdkYgePcLJV4eZ53VX_TQSxCSbhZDp_fiQ78p_Ym_KkoSdt_E0vWb8Lex9QIaixwMsdE7DHr2OdeRa3kuceMCwBIg6HH5txZXTuy2hOulBgw-sPoW7FIu2rJqS1eroFXYMSWXnhrsH25OJPHb8mpc4yeU3W2Kj9s66u_zRDCoLT3zC5ut0GWn7tE7WTeI6BS-qqcziGUA2bkfTINaMvS_uDaJQ2BVvERFqKkUzjNvwZRBCNTm9ufQd_6IBH365PGXDtDLUDUIXX5NhWCA-ty7fdKKRq3seLW6BwuIXTiTivgaGiv1AfjNTlXvzqbFsqW1xlxDHkA1Sg9Oi00rf4nuIRMO4xDuBxihGza9uFKkVQ9Nu7yI8GfZYlCYblcnQoXV1akbXb1F5DA7nY7NSu5T4DwJj20RcQfdfGA4QTnzOoPXTWq2TiPGDNzvrOxqDKhzYnZ3gQUfWBHhBBUELIhvzb9Qo9Pw2AU6rRHQiUyM7IxAxA6ro0oTI4h4xxX&cid=CAASEuRo295cgr3O6baRrWTc1SKe0Q&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4499a5d4b53e3f845225b53dc8fb25d4bb00250b6ce0a4a9949d63ad5352b452

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:36:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32033
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DCA0 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DfRSCc-Td3Z5C_RDPcnS0DpSrf8K2ELFCSgWKzyi11of1_DzPxOfvlcTauRq98Wq8tkPTbF92Ipt1Iw7iy1XDQDPZ8mGeOfyDs3hSWayXO7yZvWaQ

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:36:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame DCA0 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:24:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 23:24:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DCA0 119 KB
36 KB 48ms
48ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Nov 2021 23:36:03 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame DCA0 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 23:16:52 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 89E2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOitALdignaEEAJ2yKWrHcg&google_cver=1

43 B
114 B

124ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOitALdignaEEAJ2yKWrHcg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARim5eioATAB&v=APEucNXGJPz2N6SlYP1Fv1jiLfX1CYqF5NDEcNP_mXxpqzchNjiS67vjs6PsRFFszlrziVVoWgArcHFe2hFi4eoC26RPDGLXDe0cYXUdVU6uzZoEAA31k-gBY71YVEpK0uKOStQvDnUT_RHHH_fzvV6SYg2Z6wTuz3yyLVcHkRWdKqwfTCQj6fs
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:36:03 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:36:03 GMT
server: HTTP server (unknown)
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOitALdignaEEAJ2yKWrHcg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 89E2 43 B
306 B 140ms
17ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARim5eioATAB&v=APEucNXGJPz2N6SlYP1Fv1jiLfX1CYqF5NDEcNP_mXxpqzchNjiS67vjs6PsRFFszlrziVVoWgArcHFe2hFi4eoC26RPDGLXDe0cYXUdVU6uzZoEAA31k-gBY71YVEpK0uKOStQvDnUT_RHHH_fzvV6SYg2Z6wTuz3yyLVcHkRWdKqwfTCQj6fs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:36:03 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 89E2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEEVBCq60veuvd_dAtImBRDg&google_cver=1

23 B
172 B

151ms
45ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEEVBCq60veuvd_dAtImBRDg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARim5eioATAB&v=APEucNXGJPz2N6SlYP1Fv1jiLfX1CYqF5NDEcNP_mXxpqzchNjiS67vjs6PsRFFszlrziVVoWgArcHFe2hFi4eoC26RPDGLXDe0cYXUdVU6uzZoEAA31k-gBY71YVEpK0uKOStQvDnUT_RHHH_fzvV6SYg2Z6wTuz3yyLVcHkRWdKqwfTCQj6fs
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:36:03 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 27 Nov 2021 23:36:03 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:36:03 GMT
server: HTTP server (unknown)
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEEVBCq60veuvd_dAtImBRDg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 89E2 23 B
172 B 169ms
46ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARim5eioATAB&v=APEucNXGJPz2N6SlYP1Fv1jiLfX1CYqF5NDEcNP_mXxpqzchNjiS67vjs6PsRFFszlrziVVoWgArcHFe2hFi4eoC26RPDGLXDe0cYXUdVU6uzZoEAA31k-gBY71YVEpK0uKOStQvDnUT_RHHH_fzvV6SYg2Z6wTuz3yyLVcHkRWdKqwfTCQj6fs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:36:03 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 27 Nov 2021 23:36:03 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H3 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame DCA0 169 KB
59 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
Origin: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 08:30:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 08:30:44 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame DCA0 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aeu-COpDCaF68pfTbqyOMYuyzDsxvaa_FJtSuYl9iRpN1GEj6RIcxFglexCrXYqz8a_D7_N3ffIEOW7Q3LM0mDkNDVWJFBtwjXJj80X6fh9zdt0bWaUWzyYBwzm0bQmFPImEuPQuLzuBEClmKjuLN06MbL5w&dbm_d=AKAmf-A_zw5QveuHezNN3aF-zPUawfz8ITpUZ97Ldx0Ww1r7s3k0p-gYv0EszyaeeQkAB2RwU4QF2Ow2rAitY_0vKbZDIBWAJHekoo4WHJvVT131yCFutBEZr75GhwnUNx1r8TsYv9yCe9e-K7gduMM0GWnZkL660tD617DXCA7rGj4iS1IKlJ-dAMhR7aYwib7nP7RFBFuscrtx5G0RZwWAkjM-e-rHTWR_1jKn2NGojb6eHHvae-2BHSXYHQO2oIVW37YUQMT52mISHamIzsdhU00DG2FROE2xeqjH8_77CV-rnphfoR00suaUxON4tuXP3-FlJBRYFlaoxEnX_iushq78bUjMrjSuoFR7SBK1AiY_6hVpzEjwfN6yCmLA5jLnneGRqNybQZwdAs3vO-1iV0LGIAAZ3MbYa-Z-5VSbqNWGvtGt06kjh33SjTv1ITxlKSsg8oGwwthHGY6o7FLH6luRh4t1hV5ifpL7Sd4pfdEb5CWnbHdKWD_-6XE6i_dD8KEhPOW9OeyDX_yowbkR_LDGLzWZf_1h-Gi0KTmm9Ee7kLA_sWA2sWiCPxYHYBqkSV8pct2GJXwnEBjS9JaFnvN9V8AF23dSYWRS3w7huckqEJNil-65NcXlFrki1nGl9uxJGJhT70iVsA5TWPR2z4KHifcDq-2Z2tpiYOiGa-siuBw6TRibOAVycXxsurcEquHDSmQ-WDrVLYhJiG59KdrmhmvHpuMYM2W5aM5UmXNY0DcTc7jHswMLUqjM4Nxfd4sbkQBWXD1BxgoGFNJ4XMENeYO-LAmWFcfW_M5g_SVK8fh_c6ypgub8Yi-39Ka6LtNmrHItrgnODCVGAPijcouBPyZxrc7So0iX2W2gRxftN_arTz056ysTuOGLG5ANJHlGXlayFBb9NDPZJbEktY94Jfe78-odcO2nNmXzh5lnQh-YVaQcqwY1y8VQYwtckrveaGBW7987uN93lhjJkQKbZwx3b0XdR6bVzX-ZvWgQfJAAKdg-QH7W6z880WnBjSk4XDyDF-hMiAlz8Ec7JvX6BgqMWWHHHfPSZaKQMkRJ5sthd1BeU8XXqC-wcIwfNp6wrUoj2fzobhQ-WeuaYRtt0y0JJzQcB2fqbxvxCo_tw6H3tnaUwQ3QONp8u5K7Ziw6BvbGbvP2zVCewsiEZUqF5mx4omy46vRzNmFSHdiJkEhCOjdbEaYLNbL3tYP7phS71fj7CcEZyWU-ZyqS1riCQ4z03gLH7GG1uMbnPxTfbOIOeCKj6po1pO-tD74iSM0HVR1AB-FzABiI-hHKP6ARQsX65IX6erKqqikeTHrVM-o8aO5fWf4mTkGQ22Yz1VB-nhtaQrRzeLJ8qesHSJTfe-GRqMekn-wFnGPFvNNKgsFKm0ddNnCsWNVbjhkB1cUHFAt6mnhwDNwEQAdLFDjEn0PCfVmj_WW-aeDUvyCHAVg9FMUJ6VYql1U-S-CnpEKNJ6onuqPLwFkZKlkdGDBxS1w5tubqH3WGQNK5S_MUwcoJZBhMJasP9PfPvo9k-UI0F0TyImIr5n7GLQLvMeYnfuIHFHe-UBvgWcgNTSnCwDF0tO0xpYGloueV9pcYeOoR5agKFocXF3a1rYPT7kBN_q2Cc-Z24MmlxtJUZHwGZluDfjDrOyOc5JJiXGuuznnY0FiVrWY703ogslYHpofzd1T_3LPendMSIU4OXMc0RYV8cphSsnS4U5waQdpEUzo-jVpm--gkmXD8DIvSVi9wGY3nBA5GhmRyOQrZhnw1M1OEGbqNLsAUnznHaq2DO9qppqXPSC3qIWRXWOSORNLrox4aUJ_LV60rSUYK6WQSqUbTKZPxfRmlwvYL76Qnu2i7tAz_PbmZWKuz_t4GwKELj4v5piu-7D7qOwo-imXajE45gzArG4XUYBYnkA3bzzPzUa-E2YzKL6GYUx3LFbinAPHzUpbSxlGiJLsHf-WZukosEX61OSwB9ee7WVP6Qpg6QZlDUaBSyFdQhOPfu86uDx2w2Gsq0aABJuHqpVpYPrVNTrI1obEL2zcFIOmxGSl_aaJ-wwYeX7M09GF_fDCl6uIpvQ1qn7Kvhkgtblz66efOyhuvuC4aVxrx_BS0M0bKzt-SRUJB_dqA8hGYYX2fSEIWlaeGRY5QSCOGSqBbnI3tIAr98oTgpHRpZW_V9_g1Grdbxu_Mb62WESkymlQd4QAX5eykOxLr-dqdqO1BpUh79fsEJC38YNH8VYZOv4vfgdaZyRykM8pYs9WRVnj0-e02TQkwR-Kdo5p1m3xZtssoZlLGA6f8pzoUbWq-83RnOifqYFLffk2wNPg1xzEEzp9O7HcSGZ4JraiEna5kpVuibIHUeZJOCoI2fz4udO8LC2pz6WFbOIA4PfDGXim-MZJ0FzSwLGyOrMPm3CK6wldRXqrIHzvv9n68OodDgUyzDAnX7bZ67WPD7ZAM39Ht9yAsYNx1J6gzzo1CH_RLeBvzfM4Mrfv5KZ6ydhJS37lEkxv1DrfAf4BRW3teG8zYDFcRewxdUn6vOkbSAeV0z1MeGESXXdKZJNTBLhTegGSVSYG-MtdMYdkYgePcLJV4eZ53VX_TQSxCSbhZDp_fiQ78p_Ym_KkoSdt_E0vWb8Lex9QIaixwMsdE7DHr2OdeRa3kuceMCwBIg6HH5txZXTuy2hOulBgw-sPoW7FIu2rJqS1eroFXYMSWXnhrsH25OJPHb8mpc4yeU3W2Kj9s66u_zRDCoLT3zC5ut0GWn7tE7WTeI6BS-qqcziGUA2bkfTINaMvS_uDaJQ2BVvERFqKkUzjNvwZRBCNTm9ufQd_6IBH365PGXDtDLUDUIXX5NhWCA-ty7fdKKRq3seLW6BwuIXTiTivgaGiv1AfjNTlXvzqbFsqW1xlxDHkA1Sg9Oi00rf4nuIRMO4xDuBxihGza9uFKkVQ9Nu7yI8GfZYlCYblcnQoXV1akbXb1F5DA7nY7NSu5T4DwJj20RcQfdfGA4QTnzOoPXTWq2TiPGDNzvrOxqDKhzYnZ3gQUfWBHhBBUELIhvzb9Qo9Pw2AU6rRHQiUyM7IxAxA6ro0oTI4h4xxX&cid=CAASEuRo295cgr3O6baRrWTc1SKe0Q&rfl=1%2Chttps%253A%252F%252Fwww.haibunda.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:34:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 23:34:15 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame DCA0 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Dec 2021 23:26:54 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DCA0 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
DATA 200
OK truncated
/ Frame DCA0 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd73761c28c7a75fd54710fdfbb94d8c68c0870a04d5b28fb6a0cb9070960861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/12836924573366616064/ Frame 9660 47 KB
11 KB 31ms
15ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12836924573366616064/728x090.html?e=69&leftOffset=0&topOffset=0&c=rV23zqYLOe&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc10d22f8837c40cd6b6b3ffd3a248fe60f6879017a8099ca716e8f89c5c048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Sat, 27 Nov 2021 23:36:03 GMT
expires: Sun, 27 Nov 2022 23:36:03 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 24 Sep 2021 03:34:41 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DCA0 0
26 B 64ms
49ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv500MvkdlhsaTp1YYdCzAvKJ9SKq2-VocyQCsUUb3ASPo_PYPMg9yXo6Qtjnv0PAtZ3j8ZmhBp4zfk9iPAevcLHjh4G0iP1yI_RLYhgsIleaDHDjVFlP7tcHOFjlh0eu5XBkOtbDIZZ4pYdf54zIGhItNiqhmxc58b0wX_BaWUzfHT1yHEqEYgViCzbsmfz2OoDWlbOatp18qHaHUEqSKKuVsCTztgP55evMZ732cZIUw8kxAbLVbQttYs-WfrY2FRwbkhRehj7FXWxnOlc13NqRRS5LFL73fbir1QRvRtQTY48XBZDKOoIOBo-Q3uGkMGedSEtrtFUCI-NNTTFSMZcbd9RoPndLoKHGi6paRWMZjpfoueWvWeQgA-Owlp365XWxVLMIvgTNyOoGCsvtzkOHOO5lU8VaeVZEB20URwflvbCpIxt8tNqeq1elJ1E4PzUUDk5Zr8mOzNQp4nkspUmIeK8CT6fB0NzfVuv6qOGSkE96MwdIBq46yWZBtgvaiM2zQ6oa_kUHYL7A6wN4-1oAC9xM8WacDcoG7ls_zzboH59WueEfLfqIqyZoLsydug70hziWXW_xnlI9GQJNB2h6nF2YPTyD-Wjd1oIpuOAQs7FbDCimFZ5RIpwBrdaeE-S4WMldOT2aGpDSlLHg0qQ_ObVT9VbUR5Tx_cB1_9jPtCp_oKUPS6UIQouxmfQc_Vp1a-seMKKPU6K0GPREC11ksUDAbOEiKKcrP75KT2MtELjGo1hUz4cX-4DstKxfIPEkql525nSgMCHtc9zXQuTqYdEFdejA8zK67seh8TbCJzGhFTprAO7lMn9JWOZ9N9mom3gSxDluqGcwT4kmBMC9ZdkrUP-NevDGDTaqaBXGBgDggK4B3CXC9puZUoh2KFB9CKBC46CoIoHco7awacVAC5zc9W2eAwO8HgI42iL8XVHAdeQ7W5ijyWbHnZa9j1-dJXHS9B_irhDri0AcFhj22TESLuJfanVKfnqTblT_tVBsJXRN8_e1PQs6jp7UParRPTz8cQEjlMnz1NjO-XM7WwmAPeGUy28Oh-TJElXOEUf5KByGK7vovowgV3tT45WNS6iz1UmXnZfjMvXRbzROnq02qeEYmB-7rApNYn3wUa2PjOqgj_Fv2yigqG-cZnEvpA9PuGuoRziFkDNNC_20vWRHmHgX6kNJO_oOSm98QzRK2dFnr85nILPfa3EMDOJo3V0OkX6KCnr-RI_8CJyMiS5rYMVqkuEdK0z23873ct&sai=AMfl-YRFURi2wCnO0RNeuFx1JpswW_RwUeulC2ybfFPx0r3OqhxEkhPEjd6BE84g9AZ-_OMjH3dgcJNdZJ8NHS3ixW7leDtuh-DcVrd9GXkyoWQneIsUttEzNGhVVL-RcsR759LBl6daOsSt7VXw1O4RDxyCvDUONg&sig=Cg0ArKJSzKog-e3Nbf4AEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=112&cbvp=1&cstd=106&cisv=r20211111.75071&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
date: Sat, 27 Nov 2021 23:36:03 GMT
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: image/gif
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
cache-control: private
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5403 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 125277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5403 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 17:22:12 GMT

GET
H3 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 9660 116 KB
39 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836924573366616064/728x090.html?e=69&leftOffset=0&topOffset=0&c=rV23zqYLOe&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836924573366616064/728x090.html?e=69&leftOffset=0&topOffset=0&c=rV23zqYLOe&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 12:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 12:48:37 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9660 60 KB
24 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12836924573366616064/728x090.html?e=69&leftOffset=0&topOffset=0&c=rV23zqYLOe&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836924573366616064/728x090.html?e=69&leftOffset=0&topOffset=0&c=rV23zqYLOe&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 23:36:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5403 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_rkD48CiYantHrvb7_UP2MS0-AMAAAAAOAHgBAI&bg=!TE-lTwvNAAZQLpa_UC47ACkAdvg8WgwxPZm5oRtjSbLTZXpHw075QCo5SFEp2HnkM_nWZNHrlRPIDAIAAABeUgAAAAtoAQeZAtO54sQ68dfTD3MhOhLra5dusYF5I4yGGBaW9OrB6nerh_jDpGVeJFYrZKHSZVzM4bDF4GTUYNORO4janlY3dmr4q-JmzN3nACSiaMso_cz1FnHXoPU_CQhVLUJnB77Au5uwOxh5BrcBACJFOtawCn0greta49KzYcTeOt3cqKY2fYXWZpLrEz_2coN-401aV1f0XH9DnUq-H04S7kWVmnWxPV7_7aT96cHsR9N2LmkKwN1Isqq3gPzre5V6RL4oZWH4OwHFFUd9KV-wyeEiCaD8fsTn9gCgA5hJLciFmKhoPiqePnsXUnuhAUZ4VMJlVHf0vsVrfihlG6LfhjWFl2wo3jd9PxXcAhSw1xQXqmyIRfFbOF0CyYHwusEKjWg_nRggXdywa4-2r9xV5u37vidtQ7j6cwziv4-1BIgQjtbC3J0ZkeNrY29Ee2vLIGUkoVcJypwmhzDd4xUkP2QYUtCG3Bk1EpvJy4QMUUIG-KrYj1YI6qqaKQorPNodiB8Fe_ejflzXTiNsa3JSMsQjntioCzr6CUDrwUYJ2PiXveAxWhVTXujEA4DZnXbTfnlh_oS45yI28ullmZck3F-F8p8CLvnStEsXomSy4y5ES98uMlrrq51AxJLPkPvzBTsGTaOkUO_i8aX6LhoAeGTgkX13DwFuer_i8tMrlH8H2TVWFwwu1q3aCDjGbTN3vviV4wNyLe-3RZzfZHgXlesdSEoV70BrO5GlQUtFJRRxjoz0nhCdr3pzhhb-VGCpgZzjjKW9rmRqg9ncfl38svYdw1jRoI35HEDWfFNbitf95w2lDo0ZHfjnM5kxEMC45RpFt8TnWlCHwJpsMnoKqEcpnaZwzkhKG10Pqbiu5htttrRN1X7iH6Kvo8XTyV58qeh3Dr6cnEvs40RKwn1arZDkQbOOCz_thAU9pWMoT69X7z0ojs0-h_zi5X6NWeZ5coVeuhl_pRg

Requested by

Host: 87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
URL: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 23:36:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 201 events
api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/ 0
0 1295ms
1295ms Ping
application/json 2606:4700:10::ac43:2516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vidy.com/apps/45d30d46-8ef6-4e02-aa07-da685ac3e3db/content/homepage/events?uid=aumuj711.bseknhuxp
Requested by: Host: static.vidy.com
URL: https://static.vidy.com/0.38.5/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DCA0 0
25 B 43ms
43ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv500MvkdlhsaTp1YYdCzAvKJ9SKq2-VocyQCsUUb3ASPo_PYPMg9yXo6Qtjnv0PAtZ3j8ZmhBp4zfk9iPAevcLHjh4G0iP1yI_RLYhgsIleaDHDjVFlP7tcHOFjlh0eu5XBkOtbDIZZ4pYdf54zIGhItNiqhmxc58b0wX_BaWUzfHT1yHEqEYgViCzbsmfz2OoDWlbOatp18qHaHUEqSKKuVsCTztgP55evMZ732cZIUw8kxAbLVbQttYs-WfrY2FRwbkhRehj7FXWxnOlc13NqRRS5LFL73fbir1QRvRtQTY48XBZDKOoIOBo-Q3uGkMGedSEtrtFUCI-NNTTFSMZcbd9RoPndLoKHGi6paRWMZjpfoueWvWeQgA-Owlp365XWxVLMIvgTNyOoGCsvtzkOHOO5lU8VaeVZEB20URwflvbCpIxt8tNqeq1elJ1E4PzUUDk5Zr8mOzNQp4nkspUmIeK8CT6fB0NzfVuv6qOGSkE96MwdIBq46yWZBtgvaiM2zQ6oa_kUHYL7A6wN4-1oAC9xM8WacDcoG7ls_zzboH59WueEfLfqIqyZoLsydug70hziWXW_xnlI9GQJNB2h6nF2YPTyD-Wjd1oIpuOAQs7FbDCimFZ5RIpwBrdaeE-S4WMldOT2aGpDSlLHg0qQ_ObVT9VbUR5Tx_cB1_9jPtCp_oKUPS6UIQouxmfQc_Vp1a-seMKKPU6K0GPREC11ksUDAbOEiKKcrP75KT2MtELjGo1hUz4cX-4DstKxfIPEkql525nSgMCHtc9zXQuTqYdEFdejA8zK67seh8TbCJzGhFTprAO7lMn9JWOZ9N9mom3gSxDluqGcwT4kmBMC9ZdkrUP-NevDGDTaqaBXGBgDggK4B3CXC9puZUoh2KFB9CKBC46CoIoHco7awacVAC5zc9W2eAwO8HgI42iL8XVHAdeQ7W5ijyWbHnZa9j1-dJXHS9B_irhDri0AcFhj22TESLuJfanVKfnqTblT_tVBsJXRN8_e1PQs6jp7UParRPTz8cQEjlMnz1NjO-XM7WwmAPeGUy28Oh-TJElXOEUf5KByGK7vovowgV3tT45WNS6iz1UmXnZfjMvXRbzROnq02qeEYmB-7rApNYn3wUa2PjOqgj_Fv2yigqG-cZnEvpA9PuGuoRziFkDNNC_20vWRHmHgX6kNJO_oOSm98QzRK2dFnr85nILPfa3EMDOJo3V0OkX6KCnr-RI_8CJyMiS5rYMVqkuEdK0z23873ct&sai=AMfl-YRFURi2wCnO0RNeuFx1JpswW_RwUeulC2ybfFPx0r3OqhxEkhPEjd6BE84g9AZ-_OMjH3dgcJNdZJ8NHS3ixW7leDtuh-DcVrd9GXkyoWQneIsUttEzNGhVVL-RcsR759LBl6daOsSt7VXw1O4RDxyCvDUONg&sig=Cg0ArKJSzKog-e3Nbf4AEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=892&vt=11&dtpt=780&dett=3&cstd=106&cisv=r20211111.75071&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 23:36:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
server: cafe
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 9660 47 KB
47 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12836924573366616064/728x090.html?e=69&leftOffset=0&topOffset=0&c=rV23zqYLOe&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:35:30 GMT
x-content-type-options: nosniff
age: 34
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 23:50:30 GMT

GET
H3 200 OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 9660 47 KB
47 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12836924573366616064/728x090.html?e=69&leftOffset=0&topOffset=0&c=rV23zqYLOe&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:33:41 GMT
x-content-type-options: nosniff
age: 143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 27 Nov 2021 23:48:41 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9660 7 KB
5 KB 18ms
17ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

467979312b706f5d2e21b49862e908699d1c6b534eaa0ed85e9b556d19e429b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 23:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5111
x-xss-protection: 0

GET
H3 200 60005582_20180201040701083_empty.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9660 95 B
121 B 8ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20180201040701083_empty.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836924573366616064/728x090.html?e=69&leftOffset=0&topOffset=0&c=rV23zqYLOe&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:07:59 GMT
x-content-type-options: nosniff
age: 44885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Thu, 01 Feb 2018 12:07:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 11:07:59 GMT

GET
H3 200 60005582_20211014235342828_APP_iPhone-13-Pro-Max_Asset.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9660 26 KB
26 KB 8ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211014235342828_APP_iPhone-13-Pro-Max_Asset.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94c861b3e4bc918650205113892b86d7768e0fbc75fdfcd8e103e87988eea6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12836924573366616064/728x090.html?e=69&leftOffset=0&topOffset=0&c=rV23zqYLOe&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 20:08:06 GMT
x-content-type-options: nosniff
age: 12478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26950
x-xss-protection: 0
last-modified: Fri, 15 Oct 2021 06:53:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Nov 2021 20:08:06 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 9660 43 B
609 B 34ms
10ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=25667676_4307561_303197252_146338374_-0&ref=25667676_4307561_303197252_146338374_-0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 23:36:04 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9660 17 KB
6 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 23:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 27 Nov 2021 23:36:04 GMT

GET
H3 200 CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js Show response
pagead2.googlesyndication.com/bg/ Frame 27B0 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 17:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13332
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 17:22:12 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kayumanis.detik.com
URL: https://kayumanis.detik.com/api/validation/

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsst_Oj6OkQv47AzmcJsmOPDwKVHBZbXcF9Gy4VND6kTwkRi_uoiU4oyaZbMj0pGH4Usk7YMxum9vKYSdCuU059h3GbLXlfQA1SUn07p1k6jk8aL2gDU&sig=Cg0ArKJSzHzymZx6NpPUEAE&id=lidartos&mcvt=141&p=1199,800,1200,801&mtos=141,141,141,141,141&tos=141,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=528661791&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1638056157640&rpt=107&isd=0&lsd=0&ec=0&met=ce&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5pDK6qHct-l1YXwUkvyPFzs5THVA1ICJdnaJUBjEd5ZCur6UqRF8T2_LLp6Yl1g4rvrj-8c3vciN4wo95k_FSKJfr14iaW3qeMKA7kKA_GHLqD64D&sig=Cg0ArKJSzJdmX8zXMsF9EAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=0&app=0&itpl=19&adk=3302686316&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1638056157821&rpt=69&isd=0&lsd=0&ec=0&met=ce&wmsd=0

Domain: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/fonts/slick.woff

Domain: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/fonts/slick.ttf

Verdicts & Comments Add Verdict or Comment

327 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eyeota.net/	1970-01-19 23:00:56	Name: SERVERID Value: 18117~DM
.spotxchange.com/	1970-01-20 07:46:36	Name: audience Value: c54c58df-4fda-11ec-ad60-186cd56e0506
.haibunda.com/	1970-01-20 01:10:32	Name: _gcl_au Value: 1.1.1810601703.1638056157
.scorecardresearch.com/	1970-01-20 16:17:44	Name: UID Value: 1LZS0BCQY6UQRJGTETV7UHg1638056157
.haibunda.com/	1970-01-19 23:00:57	Name: __asc Value: 47499c9917d63c16115ec5e8644
.haibunda.com/	1970-01-20 07:47:58	Name: __auc Value: 47499c9917d63c16115ec5e8644
.haibunda.com/	1970-01-20 16:32:08	Name: _ga Value: GA1.2.405606440.1638056157
.haibunda.com/	1970-01-19 23:02:22	Name: _gid Value: GA1.2.556736028.1638056157
.haibunda.com/	1970-01-19 23:00:56	Name: _gat_UA-891770-244 Value: 1
.haibunda.com/	1970-01-20 01:10:32	Name: _fbp Value: fb.1.1638056157577.904842471
.facebook.com/	1970-01-20 01:10:32	Name: fr Value: 0kRRI7TOuOyAR13u3..BhosDd...1.0.BhosDd.
.doubleclick.net/	1970-01-20 08:22:32	Name: IDE Value: AHWqTUlGCaFPmKyKYZWNm1g5pjdZrEW-Zgpjw3AYy0CflHRuw3A-E0j7i1zxY4f0ncE
.casalemedia.com/	1970-01-20 01:10:32	Name: CMPS Value: 5207
.adnxs.com/	1970-01-20 01:10:32	Name: uuid2 Value: 36957439632813547
.casalemedia.com/	1970-01-19 23:02:22	Name: CMST Value: YaLA3mGiwN4A
.casalemedia.com/	1970-01-20 07:46:32	Name: CMID Value: YaLA3jJwiqOuHttv2MEwMgAA
.casalemedia.com/	1970-01-20 01:10:32	Name: CMPRO Value: 1159
.casalemedia.com/	1970-01-20 07:46:32	Name: CMRUM3 Value: 2d61a2c0de2760CAESED8bJDODUXOvZmT-mdPf9rE
.adnxs.com/	1970-01-20 01:10:32	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUdL1ojo!@wnfH8K6pQK`!5=E<L5?%K@3jc=aGEuRmr]ki.T^=n^NR.IC2X'!K?$Il9RFMZ9T5_m!wwF<)d+2)
.haibunda.com/	1970-01-20 07:46:32	Name: FCNEC Value: [["AKsRol--oj1gZ4RlbKu4N3QD0vDrh4wVYI7Ryo-yeZi_balizAlpMFkKPKGDo2hxTLZw-iNpMJllAFeYnYe2vbiras2A63IJgcAbXRq9Dmd5FBNSYmRrElhoU8gsEtSxUE_rtqtmbNtGThIxaEuU23DwXvHPr4rKhQ=="],null,[]]
.haibunda.com/	1970-01-20 08:22:32	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1638056158498],null,null,null,[]]
.haibunda.com/	1970-01-19 23:02:22	Name: __dtmids Value: undefined
.haibunda.com/	1970-01-20 07:46:32	Name: _hjSessionUser_961139 Value: eyJpZCI6ImM3NmIzYTZjLTkzZmUtNWJjMy1iZDNkLWI3ZjE2NGVkNjA1MiIsImNyZWF0ZWQiOjE2MzgwNTYxNTc1NTMsImV4aXN0aW5nIjpmYWxzZX0=
.haibunda.com/	1970-01-19 23:00:57	Name: _hjFirstSeen Value: 1
.haibunda.com/	1970-01-19 23:00:57	Name: _hjSession_961139 Value: eyJpZCI6IjE2Y2Q2Y2IwLWJkYjYtNDZlNC04NTc5LTVjNGM5ZTU0ZWM5NyIsImNyZWF0ZWQiOjE2MzgwNTYxNTg2NjR9
www.haibunda.com/	1970-01-19 23:00:56	Name: _hjIncludedInSessionSample Value: 0
.haibunda.com/	1970-01-19 23:00:57	Name: _hjAbsoluteSessionInProgress Value: 1
newrevive.detik.com/	1969-12-31 23:59:59	Name: OAGEO Value: DE%7C05%7CFrankfurt+Am+Main%7C60326%7C50.1025%7C8.6299%7C%7C%7C%7C%7C
.haibunda.com/	1970-01-20 07:46:32	Name: dtklucx Value: gen_cf5d042d-5abf-c206-5608-625ecd349f1f
.haibunda.com/	1970-01-20 08:22:32	Name: __gads Value: ID=1aea7b41d1c74b43:T=1638056157:S=ALNI_Masw0hEPCyWDF0hTXlomr4WYrZHOQ
newrevive.detik.com/	1970-01-20 07:46:32	Name: OAID Value: 8a3c9b17664adc07901a062691e1dfc9
.o2online.de/	1970-01-19 23:11:00	Name: webShopPV Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=25667676_4307561_303197252_146338374_-0&ref=25667676_4307561_303197252_146338374_-0

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
javascript	error	URL: https://www.haibunda.com/ Message: Access to XMLHttpRequest at 'https://kayumanis.detik.com/api/validation/' from origin 'https://www.haibunda.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://kayumanis.detik.com/api/validation/ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://cdn.haibunda.com/css/ajax-loader.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.haibunda.com/undefined Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.haibunda.com/ Message: Access to font at 'https://cdn.haibunda.com/css/fonts/slick.woff' from origin 'https://www.haibunda.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn.haibunda.com/css/fonts/slick.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.haibunda.com/ Message: Access to font at 'https://cdn.haibunda.com/css/fonts/slick.ttf' from origin 'https://www.haibunda.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdn.haibunda.com/css/fonts/slick.ttf Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8119dd83f071041d61f685eb3b5eaea0.safeframe.googlesyndication.com
87eda1d74e1b98a3706ddbdc0b8c6e7c.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
akcdn.detik.net.id
api.vidy.com
bid.g.doubleclick.net
cdn.detik.net.id
cdn.haibunda.com
cdn.jsdelivr.net
cdn.taboola.com
cdnstatic.detik.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
connect.detik.com
connect.facebook.net
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
global.cloud.netacuity.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
images.detik.com
imasdk.googleapis.com
kayumanis.detik.com
newrevive.detik.com
pagead2.googlesyndication.com
portal.o2online.de
ps.eyeota.net
r1---sn-4g5lznle.c.2mdn.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.hotjar.com
static.vidy.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
us-u.openx.net
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.haibunda.com
cdn.haibunda.com
kayumanis.detik.com
pagead2.googlesyndication.com
103.49.221.102
103.49.221.172
104.111.242.245
13.226.145.101
13.226.145.106
13.226.145.115
13.226.145.122
13.226.145.26
13.226.145.7
13.226.145.99
142.250.13.157
142.250.184.226
142.250.185.226
142.250.186.98
151.101.129.44
185.33.220.241
185.94.180.125
2.18.234.21
203.190.242.102
203.190.242.172
203.190.242.244
203.190.245.173
2600:1f16:bc:1201:6b79:521a:2fc2:9364
2606:4700:10::ac43:2516
2606:4700::6810:5514
2606:4700::6810:5e41
2606:4700::6812:154
2607:f8b0:4012:81b::2003
2a00:1450:4001:1d::6
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.124.210.90
35.244.159.8
52.49.172.98
82.113.101.132
0066ca9ea6c261ca49ef079e4933b3c6fe1b4812e33bfdf004bda8da9e4da939
00d5516e5518784ccb4859d49e80a30b0a027b5b644d0b1102ad6494de6d6089
04d0ea694f279255eaf563d5ca1d83926cb3633b340c2a3616ce8f6d3196a4b3
05d20b8b8b5db9ad1794d810f11803a59fbda373d04d313deeb842d388aac6c8
05d87c3a91185a96c227af54bdd8a004eefa792b247abcf4fbd4214b0c3b52c7
06b276a97a4711565b340e4c6df18ae76b6f7e9167c9584e81d10de6370dbb27
077fa94b0c20fca54ef881b3a7bbfb754032b10587d320fdbf0a38d158f80c2e
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
09bbbc72b0c1e4a77791b1bcdf372897b2b51c9ae4f1b692a20494bab7d1cac8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1153fd4d2a7b218439b3cac7f14ac3647b03b911855f4e76731723f36042cb65
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147abcd981f7939f14184e96ef62d2d08885057b34e1aaea210bebb2dcfc02ea
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16ddb7004c8fd4363b7cd0c674bd75b946bca320b071c925b6dbd1f7021aca57
17552f720d33b40e16004864aa41015571611e878977716716ba2a6583cc77db
1a56fec1266b8719298779577773d69b2f59d229d490a1ec240ff380761ccef4
1d52fc99fa593282ebc410f9a27cff8452a2b2327b91b85d6e2338307ab18e40
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e2c025e605115feee451785985fc924023d9473e44787a8c25d8c72e221f01c
1e2d6fe9b61d4613aa3c10f7b75988ff963d0af0d4b9ec88b44a231f60a7ba4c
1ee245f002113d24eeca1097c7345d61da21e98dcd0da6911454a6160a229cca
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
200174cdfb9da0cc1397d8bfbc2673bb4e67f28fc4b6c6871d985adc70f1f7e5
2039d1462586dbf6a88f8d33cf2fc6b1043ba76019929ea83cc5e386cbf0e3e6
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
2202fa796324f006c0b5b3ec0416e66573ef71ae3c2a4d0d18fa898e84f7231a
233b686449a2feceb0d93620660d90de4a9cc88cdfa974faf4f7d36b14cc7349
24188bfb37dfe180f21d1de5e12d8901c3c92ed457b00bb4bd2f7896a454c315
279bcb202040b2627e7767944484116a8327b43a32099c5dd39319ed5b833441
29f40d8bd97eeab29d23fcd3ae3da55b70d8c53221f28ac2126da765c8d3979f
2b3991dce1045bf0ca402d1d8a49bfbedbe421c87d6791b883e92e82c5ac7495
2c31f728d5ab455e700b6072ca4bc53b94b9c0937813ce82c736a967548edd70
2ca252b1ec28d3fc04078a3a87894fea0cb9d5ee81f0bbc5a66ff8c5ecaab333
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2e34d1260f26dc4980a2bfeb849192ac8831693a2bf698ff258cb5fd6adb1efd
2fe7f1e499e3f37c6b1f96eb7de1e63ea205104280a32a858ec0da0bc1f845c2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
38d4825946c29a0abd077b9d190fa6e3f41100d7ee2f05994ee9ef8988231fff
3931c394cbc6648334ae362b60d74938635d8115826d42b224a25c45da1ebcdf
3bbb862d7ec66e071907012834b3a6e26ee158e81f6d4ace864fac5187329a46
3c4e4b573af97b478459b02295bbb9c85f1e4125fc4e44b23974fbea22a687b7
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ecc75dfc0b89f78ae5adb56087bd9c5e82bc9fcbdb2351da4c63f800e9ee04e
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3f476514fa2f753e600ebc50ba73905337b344d8bac152f7549ecab2cda6dc83
3fc333eb3107febd406586ee8206bc0ee2aeb7f6c7a77f3923a353b72b0ca080
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
4311bdd1f46cfc09916e1cd450c449488cbc83f28f65f09f6250705206b0b1ec
43c4a17436f23370f3d364bc1f64ee8b9a65aa3ad27310ae8bc5adbad3c292fb
4499a5d4b53e3f845225b53dc8fb25d4bb00250b6ce0a4a9949d63ad5352b452
465e430edcef6aca232c84f9b7c1dfb97cbd83dd464a561ae403793a23d8c13e
466073efb656bb212924c55dc35015a96a726ca786ac872fb4e332908a127781
467979312b706f5d2e21b49862e908699d1c6b534eaa0ed85e9b556d19e429b6
4842be1644d3ff35ba6090a48a2ada270ec5af1963bd9e69f39cb385eab29632
4885c1c647b93d166713ffd9989b63239f2b9a37dd5495a5f3cc0b0832a6fd40
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0f57d62338e4fa1f8a4294d8ae6f14ca888d41dab5732f31550eb02efb3640
4ead2bd6c769b87d010407b5bea2b3b642b1d5bcfea1d9103e5044f9c02195fa
4f659948b1767dac97cd195d60028064755090cebf60bdb2424bc1c3ed64195a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e7e16fa947036ed479023375a7a44597c72dcc780c110ddb87a28cfa7fd16c
519f36dfb169cf61d16bab3b2e62107657910c4daa039cc3692d7b9e6a9c4a6b
5229307b633bbb93bb45ad376fef87db824fa4200eaa1e65fd2f180f1dafcd93
55a20280c6e8178b51998f0ed310a6bc4838f4d3cc88154547f159f893dd7920
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57532ca0f542594b21e66a42c0ecac74b2b89b9922839fc2508d2c375ce0f3c9
591650f961335ac51209c9460bdf46400158b1cb4c03e0ea4d06fdd217d3ce02
5929c2771e4180059ae0df1b45fdd48211aae0b75c671a0258649533b0fe0511
5a954f8a8aba790ea7488a605640190ef1ad1659bab25e7df5b96345b72ee818
5aa952cddab75674972b8f53ebaef310234d890fddd1ae14190d95dbb7289040
5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6
5c8530b3a15538b349a408d3544b1f4720f06acf3e4cb34e196118a41e804e50
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
649dcf55ac367e0902021fcb2e99b803e2d9cb3d06e5c3443d3c4ec92089b82e
64f92ac5b3e5e53a9fbe7815fc07b9c10de1e6489f1c020041f543fb1c84ba3a
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
67aae3ab97e82df125f167d14d97cb60cd54c427476cf54f0cd545bfa21d3558
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6879a987172c12f5cd0a92ea77a79ed0b2e9864ffb1f2d1d66c71ede1f5449a2
68dfc61bc10278397931914a1bf9f70dd2595a393f55c868206f2edefd8d7c76
6d0a94daeed6fb13bff4a040ee8a19cf4e987f9425b42dc2c116f4c7b2717039
713a485cfb9df67760a976d525787728ecfc1e2b23ab06a372beb7e625eb8bd3
7140a907c2d5e058b18f9c64b37cbca0c4915a3cc5919f5be199849db17099b8
7217ac0d012247ae7b691bee9b36c2c3dfd6f5c81f7ab5302ec21cad24bee3c2
73969a0f836e1d03b3e951961141b6bd630a1d80d0389ba96a5d1b2efe2cb744
73ddd587b27ed08c0768aae3a8394ab600e2bcb585bec9003dcf0a8bf2955cb0
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5
76a326a4f7cc744e20ea5b679b7cca976552ed2bad3b0db69ceca5c2936e6a51
7737de8ea7813aa2e98822fd89c2d449c0624d17d56a3f00802bdd9e5dca4c62
776cb49daa7fbef8a13ab76abaed0c92a4f7b09ed9d832cc4665a1e3e6a568e5
7787917a6143a217af620df3b2cd3fb1c84fa36ef088477a75d674aade5acc1f
7dc10d22f8837c40cd6b6b3ffd3a248fe60f6879017a8099ca716e8f89c5c048
7eca0fe7087d47bf8bba5ab355c02dc00bd403498edcdf259cb8eced59e8db45
838a508831ba3763f8fb1ad2f01d8dd0e51463b1f6c17f3580d97b545a0db5c4
847b5713e2aa6f31fc31108d68cb8269efea37a56253e7d72050e356b645e993
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85094b91c85e6dd45a8af3352356b1c0fa38d7d67a667701e0508c72b0827d22
85753003131a1b2621547b01785257fb2fbe12b77fef0fe6a01eb3d5a0ddfc6d
889ed0f48c04d82f2bd820be3891c084083bd88f253a8e4018227e8c7d81f21b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a033d8f85ef60fc0f1b2b6dbd87fbdd2ffedbd29749937de47ee533071f63c6
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8ab498df51bd76d040318633cbbeca6f7ace32cb232b303be057db6881bddb02
8ad3e1be1b9cb15ea3c9379f994f99e8c97af5a04f894299e1999ed2582ad62e
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
8ff983d58b09ee6da5270c96f77719da4db7b7fde747b2c29615691cf72b0b4a
9004823d780fcf88599883c12d7f3f43cf15a3dd3b7ccef0cc3a57520b2311cd
91e3e9479b81590d447db1480185e8068e0c768514dc64ae59d18b6c1de9db0d
936f4961bcf810b503b5e00d6c4347848a3136e1d1c59d7318dd6687332cae1a
9410178c2684d3fcc1067cc765804b8ba6d856d42164db49a95897ccb7db9818
94c861b3e4bc918650205113892b86d7768e0fbc75fdfcd8e103e87988eea6aa
95e07552647dba0920cbdbad1e6ad21bc1f27048a691e9f576a78334e71f1576
95ea4f9b70f2ca3ad7bab58bc9dc7ef03450b206e493bd6da1a9878d7e0b9f16
98ce2a3ea24bc6d29cf87c63e36d2ec703691056dfde86478c30034c622aa0e4
9905f2438aa32d809922c8eabf800fc907c75801e15e0b29481a7dcf99007deb
9c2638f6f7254424a976b27decc5ce63acba828134e343f814add0a5218d4dc0
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a13c3185915409efcbec0f3be6c968916c770e284c74a1be4b41373677271432
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a321e62c3702ec8b6b191376a4482d5c9c5497e6fe4410458732ddac6d549a94
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8524fd8a8584fd91f8c113e7d38fe6d02031986593db92cae33a1d62805b6f2
a88a351e0ad78ab48f5ce0b9d4bf7eea91fb365c844d5fdb45fee434fbcc5ab9
a937f533ce907af98d82e08ab0f98469c9631884b1202f85e8c45e3500f19d45
ac9f7cfe5e67a750a6d0fc3918470b4ac66d9b1fde07e6b4f82c541cdca9c200
ad1abd34545b5ababa9e47931ec57625b3622456db4ef964940fc9cfc066d6f9
ae0fa70fac30cf88c7d2aad7b983661756e539df66baa05ba0bbf0f07ee0ee58
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b154c3045e03f762b3f12acca6a29588a882ed5cd08d2a7381e68646ee2f88b2
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2452668399814faf040e35fe9ef501fdc0d6f52bd5292cae648e14630b1d652
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b94579183745a1f26edaa013f39ae71fa693c6e166a7eb7a74dce8e97dd304fe
b9a01ce89abb5bf760c23fff8fab0d62221ed2abdb5383606de90d93a361c091
b9ec068094ebd96c28f6d899c0195bfbaf9c853a309b1787c6f60c2a236a1773
ba5a40a31c43363bd0ea2c1ee5bf53887702c099e598464860969fc0dc78852f
bd9f492dfb66e4c79d17d3807524d04c8c73ef58840ef012c79555039c66c495
bda2b2b3fe408efaec1312cdc117f353a14e6d1717f1846d827c319c5836bbff
bdf983a7d3f8b72e7819dd5a8297a8db62d82b84af2434950a2ed2ca10678c19
bff38b9aea6240de0008b12d8c00624a299945165c7c533a9e7d68188fa5318c
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c2c2966aae8201bc780e69791af145c18f8ef0167896f2fa01c6d1532baebd9a
c30366e2cf6852cc476664d4f6df1898e46c78174c4e803d2848d14e0d8d2713
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c6b125c8dc7b6c653f8b83247885e3ebb9f92ffe94a32efa224302737eb0174d
caf0c8bab7329b3c721eec9ba026b15667d3556c8ad8144ab623118d42fb26f0
cb7637fb42fc291914656f7112c0b288bdd2961ff42546730daa7b7da46db898
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce146d218b23af17e1eb05a4e8cf08beb466eca2e87ee4c6523694b4fcec176e
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d231b672aea39d98bee92025242644ddf141f09e9442708a0efeae7f40f49c72
d2be6c1b8f8d56695ff6f85c5fb500922b1b0c76a9820e88a78b0fca01b51c6e
d2cafb73ea65d999b1c2e7cb5db2d634033f618c727d1df26442d77122dbd6c7
d3e1a155b737f5ddf4de621ae74badaefdaa448529f077240374405e60838c07
d83e9935695c996946bfad955752b483ff58fc2ce589b50990ac44ecbceeeae6
d871d2e77a06c3f0eba9a19c6c9637b3c1bce6b763613d687cadb1ae0c82749f
d9662f11021061dc643fe015acc4a28870cb8b3c9877e6ca4976c6f021786e68
d9a6ba91e98d993b21b8af1f6617c0c1720cf4965a740da8fe54d2d018070afd
db4d3506734cf097349374f1ddd1b3c87dc6d96effa47d974af5c2b77342e427
dbe2fa84e0258944f8419d6d9284989145c5d4ab18d7e61246f66a973d5656b4
dd73761c28c7a75fd54710fdfbb94d8c68c0870a04d5b28fb6a0cb9070960861
ddcba9cb7bf4ad80842a32d4302ce18d28b318818c9107f175224b9b486154b6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6e38bc135d157b92d0151f7a202c94294786074b49e5a3ac5fbb0c1d968b3a
e101b567c517c069e8223a925225c87222096a799224ce015ada58452a19c585
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e57167617bfd89f44b6b45ebbbf8c77ef427bab544a440d9c53bff9b50bf6c6f
e669e0d5c0ab70545fe0ddd2ec85f1a323adc26c7e1b22bd276160909c9094f0
e6ee817417e2116d8d2c64cfd7670fb698da06d58c32ec63538389a11cc740f5
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
eb22877643be19823f22f74c1a2e55e18c8e81f49624e2d1d0fcbf0badc73555
eb40531a629538ad7ad83251dadf2113c4806ff0700f607717743889cdfcb472
eb5b1128d29d5efe4ac0809c4f92eaedea9153b9192cc6fd1bb0755d2726d7a5
ed92518c8e1991f83f39fe4a7b40b28723bd6c6d0f077ea99371f0381510d784
edc343f5c266818bc8d743c0ae52cbda6646d39db27652e43fca94e825b0c517
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd03b0d726d18465de44b4bcbe6ada589e6d4cd28c022efda2b23ff2db80060
f0b8f2f1618721708ad8ba50af0aefd2097fe32505402a7dc0cba3b53193b854
f13abb259dcc4abd8726fb32e9fbb624a99fec6f0ebc2fdb52309692e06c8dcf
f211d5515e06968363611e44e707886e702b561ade1964a285437f9de9af8a19
f25cf1a788fd845ec9fd9612d636207ad7db744aa99624c76fb6c8ecd379e92f
f2e426a23e461bb20960dbb9e3aef39a5827af0b0af572a7e48cf1b19f938baf
f4cd7f7ed98b0310777a38c4ff88ac0aac7ff110821415e925121b1e8893e350
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383
f767ff57e754a486c69aa7015e51ae752683921919a05a2e1af14142a085109e
f79056eaef6d1b663b971acfd0064fc6d529a3d0c0c49abe6d98423cc722be9d
f7ba144d13acfaacc8297bd004d13247e9deabf403ab2e541e57286c22cbb4b7
f8e6d431d0a4a2087615e20b0c58c118f8133e74a505de8e6e8e303bef22ff0b
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
f9e636f727224622670d7d0f07cd54746b2bb7f2366c3f23c93dfa6a175ca164
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.haibunda.com Open in urlscan Pro 2606:4700::6812:154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

296 Requests

94 %HTTPS

52 %IPv6

32 Domains

59 Subdomains

54 IPs

6 Countries

7656 kBTransfer

13979 kBSize

32 Cookies

21 Outgoing links

Redirected requests

296 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.haibunda.com Open in urlscan Pro
2606:4700::6812:154 Public Scan

Screenshot
Live screenshot

Full Image

296
Requests

94 %
HTTPS

52 %
IPv6

32
Domains

59
Subdomains

54
IPs

6
Countries

7656 kB
Transfer

13979 kB
Size

32
Cookies

296 HTTP transactions
2 data transactions