kontolnemek.situs-web34.my.id Open in urlscan Pro
2606:4700:3037::6815:1133 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kontolnemek.situs-web34.my.id/
Submission: On August 27 via automatic, source certstream-suspicious (August 27th 2022, 9:49:37 am UTC) — Scanned from DE

Summary HTTP 115 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 44 IPs in 8 countries across 38 domains to perform 115 HTTP transactions. The main IP is 2606:4700:3037::6815:1133, located in United States and belongs to CLOUDFLARENET, US. The main domain is kontolnemek.situs-web34.my.id.
TLS certificate: Issued by E1 on August 18th 2022. Valid for: 3 months.

This is the only time kontolnemek.situs-web34.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3037::6815:1133	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:d725	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
6	23.205.241.117 23.205.241.117	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.23.160 13.32.23.160	16509 (AMAZON-02) (AMAZON-02)
5	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6813:d625	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.205.239.15 23.205.239.15	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 16	104.18.183.224 104.18.183.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.18.182.224 104.18.182.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
6	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1 9	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.66.91 65.9.66.91	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9c	15169 (GOOGLE) (GOOGLE)
2 2	3.121.84.223 3.121.84.223	16509 (AMAZON-02) (AMAZON-02)
3 4	52.58.8.248 52.58.8.248	16509 (AMAZON-02) (AMAZON-02)
1 1	54.36.172.109 54.36.172.109	16276 (OVH) (OVH)
2 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.30.152.75 52.30.152.75	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
5 6	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
3	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	18.195.73.243 18.195.73.243	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	99.86.4.91 99.86.4.91	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.215.95 143.204.215.95	16509 (AMAZON-02) (AMAZON-02)
1	44.237.43.91 44.237.43.91	16509 (AMAZON-02) (AMAZON-02)
115	44

5 2606:4700:3037::6815:1133 (United States)

ASN13335 (CLOUDFLARENET, US)

kontolnemek.situs-web34.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:d725 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.otnolatrnup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.205.241.117 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-241-117.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l3.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-160.fra56.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:d625 (United States)

ASN13335 (CLOUDFLARENET, US)

otnolatrnup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.239.15 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-239-15.deploy.static.akamaitechnologies.com

www.aaxdetect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.18.183.224 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

static.mediafire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.182.224 (None, )

ASN13335 (CLOUDFLARENET, US)

www.mediafire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

85d03a68e65d779d96bdb6794e318fd8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-91.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.84.223 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-84-223.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.58.8.248 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-8-248.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.172.109 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pl01.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.152.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-152-75.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.236 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.194 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.31 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.73.243 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-73-243.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-91.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-95.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.237.43.91 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-43-91.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	mediafire.com 2 redirects static.mediafire.com — Cisco Umbrella Rank: 55911 www.mediafire.com — Cisco Umbrella Rank: 33828	82 KB
13	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2210 adservice.google.com — Cisco Umbrella Rank: 88 translate.google.com — Cisco Umbrella Rank: 1239 www.google.com — Cisco Umbrella Rank: 9	170 KB
13	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 stats.g.doubleclick.net — Cisco Umbrella Rank: 108 cm.g.doubleclick.net — Cisco Umbrella Rank: 214	413 KB
9	openx.net 1 redirects jp-u.openx.net — Cisco Umbrella Rank: 9434 eu-u.openx.net — Cisco Umbrella Rank: 1992 us-u.openx.net — Cisco Umbrella Rank: 399	2 KB
9	media.net contextual.media.net — Cisco Umbrella Rank: 537 c21lg-d.media.net — Cisco Umbrella Rank: 1823 cs.media.net — Cisco Umbrella Rank: 1357	15 KB
6	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 957 fonts.googleapis.com — Cisco Umbrella Rank: 54 ajax.googleapis.com — Cisco Umbrella Rank: 286	453 KB
6	aaxads.com c.aaxads.com — Cisco Umbrella Rank: 2793 l3.aaxads.com — Cisco Umbrella Rank: 4038	361 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	305 KB
5	situs-web34.my.id kontolnemek.situs-web34.my.id	129 KB
4	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	2 KB
4	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com	19 KB
4	otnolatrnup.com cdn.otnolatrnup.com — Cisco Umbrella Rank: 64334 otnolatrnup.com — Cisco Umbrella Rank: 58063	74 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	171 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 619 script.hotjar.com — Cisco Umbrella Rank: 853 vars.hotjar.com — Cisco Umbrella Rank: 858	69 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45 region1.google-analytics.com — Cisco Umbrella Rank: 3094	20 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 958	1 KB
2	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 407 dis.criteo.com — Cisco Umbrella Rank: 712	830 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 371	529 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 612	926 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	2 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 783	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 422	64 KB
2	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 3452 api.amplitude.com — Cisco Umbrella Rank: 1360	22 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6076	501 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 792	493 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 572	375 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 992	498 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 743	669 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 458	495 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 476	644 B
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 504	430 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 1900	513 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 492	6 KB
1	googlesyndication.com 85d03a68e65d779d96bdb6794e318fd8.safeframe.googlesyndication.com	4 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 868	35 KB
1	aaxdetect.com www.aaxdetect.com — Cisco Umbrella Rank: 5554	342 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1113	5 KB
1	google.com.au adservice.google.com.au — Cisco Umbrella Rank: 91302	792 B
115	38

	Domain	Requested by
16	static.mediafire.com	2 redirects kontolnemek.situs-web34.my.id
9	fundingchoicesmessages.google.com	kontolnemek.situs-web34.my.id
7	www.mediafire.com	kontolnemek.situs-web34.my.id
6	cm.g.doubleclick.net	5 redirects jp-u.openx.net
6	contextual.media.net	kontolnemek.situs-web34.my.id contextual.media.net
5	securepubads.g.doubleclick.net	kontolnemek.situs-web34.my.id securepubads.g.doubleclick.net
5	c.aaxads.com	kontolnemek.situs-web34.my.id c.aaxads.com
5	www.googletagmanager.com	kontolnemek.situs-web34.my.id
5	kontolnemek.situs-web34.my.id	kontolnemek.situs-web34.my.id static.cloudflareinsights.com
4	x.bidswitch.net	3 redirects contextual.media.net
4	eu-u.openx.net	jp-u.openx.net
4	translate.googleapis.com	kontolnemek.situs-web34.my.id
3	connect.facebook.net	kontolnemek.situs-web34.my.id connect.facebook.net
3	us-u.openx.net	jp-u.openx.net
3	www.gstatic.com	kontolnemek.situs-web34.my.id translate.googleapis.com
3	otnolatrnup.com	kontolnemek.situs-web34.my.id cdn.otnolatrnup.com
2	rtb.mfadsrvr.com	2 redirects
2	c21lg-d.media.net	contextual.media.net c.aaxads.com
2	match.adsrvr.org	jp-u.openx.net contextual.media.net
2	c1.adform.net	2 redirects
2	ib.adnxs.com	2 redirects
2	pm.w55c.net	2 redirects
2	jp-u.openx.net	1 redirects kontolnemek.situs-web34.my.id
2	www.google.com	kontolnemek.situs-web34.my.id
2	cdn.jsdelivr.net	kontolnemek.situs-web34.my.id
2	www.google-analytics.com	kontolnemek.situs-web34.my.id www.google-analytics.com
1	api.amplitude.com	cdn.amplitude.com
1	vars.hotjar.com	static.hotjar.com
1	www.google.de	kontolnemek.situs-web34.my.id
1	script.hotjar.com	static.hotjar.com
1	ajax.googleapis.com	kontolnemek.situs-web34.my.id
1	fonts.googleapis.com	kontolnemek.situs-web34.my.id
1	ad.turn.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	dis.criteo.com	1 redirects
1	cs.media.net	contextual.media.net
1	sync.go.sonobi.com	contextual.media.net
1	p.rfihub.com	1 redirects
1	gum.criteo.com	contextual.media.net
1	pixel.quantserve.com	1 redirects
1	sync.mathtag.com	1 redirects
1	match.prod.bidr.io	jp-u.openx.net
1	ws.rqtrk.eu	1 redirects
1	l3.aaxads.com	kontolnemek.situs-web34.my.id
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	ads.pubmatic.com	kontolnemek.situs-web34.my.id
1	googleads.g.doubleclick.net	kontolnemek.situs-web34.my.id
1	85d03a68e65d779d96bdb6794e318fd8.safeframe.googlesyndication.com	kontolnemek.situs-web34.my.id
1	unpkg.com	kontolnemek.situs-web34.my.id
1	www.aaxdetect.com	kontolnemek.situs-web34.my.id
1	static.cloudflareinsights.com	kontolnemek.situs-web34.my.id
1	encrypted-tbn0.gstatic.com	kontolnemek.situs-web34.my.id
1	translate.google.com	kontolnemek.situs-web34.my.id
1	adservice.google.com	kontolnemek.situs-web34.my.id
1	adservice.google.com.au	kontolnemek.situs-web34.my.id
1	cdn.amplitude.com	kontolnemek.situs-web34.my.id
1	cdn.otnolatrnup.com	kontolnemek.situs-web34.my.id
115	59

This site contains links to these domains. Also see Links.

Domain
translate.google.com
facebook.com
prf.hn
windows.microsoft.com
blog.mediafire.com
vividengine.com
mediafire.zendesk.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
*.situs-web34.my.id E1	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.aaxads.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.aaxdetect.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.mediafire.com Sectigo RSA Organization Validation Secure Server CA	`2021-08-28` - `2022-09-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-05` - `2022-09-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://kontolnemek.situs-web34.my.id/
Frame ID: 9C615718E6C7FB34AC562AF81C94A37D
Requests: 73 HTTP requests in this frame

Frame: https://kontolnemek.situs-web34.my.id/ser.php
Frame ID: 15C5D38EF8A108AFAF7ECDE345A40A11
Requests: 11 HTTP requests in this frame

Frame: https://85d03a68e65d779d96bdb6794e318fd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2A270A440D95F445AF69E2243F75AFEE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0EA444E926FC20EB41E0764B100DDAF9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/zrt_lookup.html
Frame ID: 2FB58A3DB5D2AB981C9DD98922CD2C55
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: A14BC85329610A6D293CFCF0730A41E2
Requests: 11 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Frame ID: 651CFD95E6047BF47E1B3483B0741A4A
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Frame ID: 99682D481456852494D7A8498C3CA49D
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3045953729085363000V10&type=rkt&refUrl=&vid=15937729293045953729085363000V10&ovsid=5107433824351591776
Frame ID: 1D8412BEE2FD9CD7222F8CCDF141B70B
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 8EA3DECE68DE29E20408DFB45ABE8251
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Frame ID: D049E99C48B8749A2E2C01A6A086408C
Requests: 1 HTTP requests in this frame

Frame: https://www.mediafire.com/blank.html
Frame ID: 94E8EE76DD6A8084D53EE471E314446D
Requests: 1 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxs.php?flg=AAX3221EY&fv=1&fy=37&ke=1&suylg=292%2C167%2C201%2C213%2C356%2C214%2C108%2C251%2C175%2C325%2C272%2C55%2C141%2C265%2C89%2C250%2C97%2C203%2C206%2C229%2C274%2C231%2C209%2C291%2C271%2C51%2C241%2C267%2C3004%2C211%2C310%2C282%2C264&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: CDA63D76BA36BC605C827D7CAA1EDCFB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bok3p Jepang Di Ent0d Di Hotel

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

115
Requests

87 %
HTTPS

48 %
IPv6

38
Domains

59
Subdomains

44
IPs

8
Countries

2421 kB
Transfer

7258 kB
Size

64
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

URL: https://facebook.com/share.php?u=http://kontolnemek.situs-web34.my.id
Title: Post to Facebook

Search URL Search Domain Scan URL

URL: https://prf.hn/click/camref:1011ldfGx/destination:https:/shop.pinnaclesys.com/1534/purl-ESDPNST25STML?coupon=MEDIAFIRE10
Title: Pinnacle Studio

Search URL Search Domain Scan URL

URL: http://windows.microsoft.com/en-US/windows/products/windows-media-player
Title: Windows Media Player

Search URL Search Domain Scan URL

URL: http://blog.mediafire.com/
Title: Company Blog

Search URL Search Domain Scan URL

URL: https://vividengine.com/
Title: On-Demand Video Encoding

Search URL Search Domain Scan URL

URL: https://mediafire.zendesk.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://twitter.com/#!/mediafire

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mediafire

Search URL Search Domain Scan URL

URL: https://twitter.com/mediafire
Title: Twitter Page

Search URL Search Domain Scan URL

URL: https://blog.mediafire.com/
Title: MediaFire Blog

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://jp-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0 HTTP 302
https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0

Request Chain 74

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=d4N3F8Om1OrSrz5

Request Chain 75

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=openx&g=1&gdpr_pd=&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=bc9b10c0-6e8a-4821-83cc-1f821753645e&gdpr=&gdpr_consent=

Request Chain 76

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3016732727924794083

Request Chain 78

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=15a06309-e8ad-4700-b8ab-aa6d384be596

Request Chain 79

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=zDAtPp87fGPXM3g_yjAwMcI3ezbXZ3k_w2KIZ2v4

Request Chain 80

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6735621703417407054

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTQ4MDUwYjYtYmVhMy02MzdjLTU1YTctNGFkZTU4ODQ5MDZk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTQ4MDUwYjYtYmVhMy02MzdjLTU1YTctNGFkZTU4ODQ5MDZk&google_tc=

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED2FxqxyCDD0abfdYodD_oo&google_cver=1

Request Chain 85

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3045953729085363000V10%26type%3Drkt%26refUrl%3D%26vid%3D15937729293045953729085363000V10%26ovsid%3D%7Buserid%7D HTTP 302
https://contextual.media.net/cksync.html?cs=8&vsid=3045953729085363000V10&type=rkt&refUrl=&vid=15937729293045953729085363000V10&ovsid=5107433824351591776

Request Chain 88

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA0NTk1MzcyOTA4NTM2MzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA0NTk1MzcyOTA4NTM2MzAwMFYxMA%3D%3D&google_sc=1&google_tc= HTTP 302
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHIoB158nKmho60ep_l79BU&google_cver=1

Request Chain 89

https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=420ed5cb-8fa7-48ff-8270-d5962a47cb2e

Request Chain 91

https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3045953729085363000V10%26type%3Dzem%26refUrl%3D%26vid%3D15937729293045953729085363000V10%26ovsid%3D__ZUID__ HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=3045953729085363000V10&type=zem&refUrl=&vid=15937729293045953729085363000V10&ovsid=

Request Chain 92

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3045953729085363000V10 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3045953729085363000V10 HTTP 302
https://contextual.media.net/cksync.php?type=mf&ovsid=669c1fa0-10c4-4e91-b030-f89fba9f9bc3&cs=1

Request Chain 94

https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3045953729085363000V10%26type%3Damb%26refUrl%3D%26vid%3D15937729293045953729085363000V10%26ovsid%3D%23USER_ID%23 HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=3045953729085363000V10&type=amb&refUrl=&vid=15937729293045953729085363000V10&ovsid=9140146291723379872

Request Chain 95

https://static.mediafire.com/css/mfv4_121874.php?ver=ssl&date=2022-05-14 HTTP 302
https://www.mediafire.com/css/mfv4_121874.php?ver=ssl&date=2022-05-14

Request Chain 102

https://static.mediafire.com/js/master_121874.js HTTP 302
https://www.mediafire.com/js/master_121874.js

115 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
kontolnemek.situs-web34.my.id/ 342 KB
92 KB 517ms
377ms Document
text/html 2606:4700:3037::6815:1133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 317f47e91be4033bfb9147efc3753905463a83b9b1b0e4911e6284a8b5de87ee

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7413e5ce0f1190d6-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 27 Aug 2022 09:49:31 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4pwGV1yxNclkRRZ8CEprI4F4C0qj5yzHZf5pnmFpbFR4MfKCN12GsFmAQXevmUWCeCmFq%2FulxsvzaPBoLWE4zM0fyST%2FTJKBfFdcu4stnmhMsDAgARBSCTeRm7WwI%2FeevcXKZL5Ou24KR6UBwz3Z%2BAIfkQQSxXAAvTtpw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2852
date: Sat, 27 Aug 2022 09:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 27 Aug 2022 11:02:00 GMT

GET
H2 200 infinity.js.aspx Show response
cdn.otnolatrnup.com/Scripts/ 199 KB
68 KB 140ms
52ms Script
application/x-javascript 2606:4700::6813:d725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ad1944561b60e769989ed299e321b79bcd04797a560aee6faeded831020e804e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 27 Aug 2022 09:44:12 GMT
server: cloudflare
age: 53
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, no-transform, max-age=900
cf-ray: 7413e5d418f592b9-FRA
content-type: application/x-javascript; charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 170 KB
63 KB 209ms
123ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7768c68b2eb79a6a55010cbe9e4a742cf4bb272ea1d0d1d46f3c2ee4319f9cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64060
x-xss-protection: 0
expires: Sat, 27 Aug 2022 09:49:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 219 KB
69 KB 177ms
92ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eccdf593a4a1484b5209b6e44c7b22704922d0788d0b5e423dc14da0e66abbca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70859
x-xss-protection: 0
last-modified: Sat, 27 Aug 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Aug 2022 09:49:32 GMT

GET
H2 200 aax.js Show response
c.aaxads.com/ 417 KB
117 KB 214ms
111ms Script
text/javascript 23.205.241.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAX3221EY&hst=103.136.43.42&ver=1.2

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-241-117.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e238c7d107dec6923eb003aa3a216e6235b2e36d1742939a126cec471c261840

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Sat, 27 Aug 2022 09:49:32 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Sat, 27 Aug 2022 10:19:32 GMT

GET
H2 200 amplitude-8.5.0-min.gz.js Show response
cdn.amplitude.com/libs/ 68 KB
22 KB 744ms
651ms Script
application/javascript 13.32.23.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-160.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
Origin: https://kontolnemek.situs-web34.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:34 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 22154
access-control-allow-origin: *
last-modified: Fri, 13 Aug 2021 22:37:42 GMT
server: AmazonS3
etag: "660c3b546f2a131de50b69b91f26c636"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: wL5d58-FcF2Y3xSrInXYk3OhIrF1AB6bf_0gVJqnkhniwcAiPg1fUQ==

GET
H2 404 prebid5.17.0.js
kontolnemek.situs-web34.my.id/js/ 0
0 409ms
399ms Script
text/html 2606:4700:3037::6815:1133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kontolnemek.situs-web34.my.id/js/prebid5.17.0.js
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uB%2BSHAoFM0VYqH54bAkzZWbKgEBPBIp2v1eOCqwIZ6hBem3enelmqyRnuVvcYcyPMppa64PUZzkpV29B26%2BduXdLm67JsQLokZJS6i7JkemQiSZQ3Flmh%2B0ACP%2B2MRJ%2B%2FOq9seGefoIGa7hBKLvOA9lS2X60hlTRgvQXog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7413e5d5b9ca90d6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 266ms
163ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

0e89279483fb861861b57327cdda662db2b12537f759b1200006307c6f7f708d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28509
x-xss-protection: 0
server: sffe
etag: "1315 / 257 of 1000 / last-modified: 1661552013"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Aug 2022 09:49:32 GMT

GET
H2 200 aax.js Show response
c.aaxads.com/ 418 KB
117 KB 177ms
74ms Script
text/javascript 23.205.241.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAX3221EY&hst=www.mediafire.com&ver=1.2

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-241-117.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

04647007beb3089e251c9d7f99a55fa171bc64717cbe248e15b07db9d9644fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Sat, 27 Aug 2022 09:49:32 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Sat, 27 Aug 2022 10:19:32 GMT

GET
H2 200 AGSKWxXxhCjA0376PEJRKvPbYABIeaqFcJOARWkOOyVBNfrKKqu3hGNujPnDlFLsbJnzVyv6SNOTkimv2wm82c-AdjA= Show response
fundingchoicesmessages.google.com/f/ 18 KB
8 KB 159ms
67ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXxhCjA0376PEJRKvPbYABIeaqFcJOARWkOOyVBNfrKKqu3hGNujPnDlFLsbJnzVyv6SNOTkimv2wm82c-AdjA=

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89f969575ceaf8f310a8114f8fe9d11e018786ff25476b1dd35499016ca9ea2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yhhyP9sqa1tfCl80JOBTsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yhhyP9sqa1tfCl80JOBTsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 107 KB
42 KB 136ms
52ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-829541-1

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1df4395f0e57f781f758280c4bf3c0fc8a2d82c8060aa8052d05a0a917e73d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42055
x-xss-protection: 0
last-modified: Sat, 27 Aug 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Aug 2022 09:49:32 GMT

GET
H2 200 jquery.min.slim.js Show response
cdn.jsdelivr.net/gh/cdnjquery/jquery/3.6.3/ 204 KB
61 KB 131ms
52ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/cdnjquery/jquery/3.6.3/jquery.min.slim.js

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a586f6cdb044d082cc8221eb883cb72c02c671354c577d8c904fc7c41b555b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15626
x-jsd-version: master
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19177-FRA, cache-iad-kiad7000155-IAD
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"33006-X6/v8i4ZP5XiAOhYuJ0gjpCTmN4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QefWgsRsrvuiikbo4vhSFXLfNnQqYVtJfKDBj6l%2FcJWTgrTHUgFNROWmfuWcZp8WwPagXt9GXCD43Jgg5XsZb%2Bb5K3YvFfIcwIhm0XVVH0NcXOya3SIDzJPNR056n%2B1oW6LYKHe%2F3UfR79Nn3ZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 7413e5d41ee79b39-FRA
access-control-expose-headers: *

GET
H2 200 pubads_impl_2022051001.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
124 KB 141ms
38ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

cb190163a0d4795999f1905b65b3d026f9308acdffce1cbeabbb96dc26c4816c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 20:13:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126527
x-xss-protection: 0
last-modified: Tue, 10 May 2022 08:34:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 26 Aug 2023 20:13:31 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 121ms
38ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 27 Aug 2022 10:26:35 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.fnXM8WkEhAk.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpzhwQxcos8Yr93ABp3a69-Y9hhyg/ 222 KB
76 KB 168ms
84ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.fnXM8WkEhAk.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpzhwQxcos8Yr93ABp3a69-Y9hhyg/m=el_main

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cd217a21553137aeacaa6e36a35ed416d65de9c36460ee691a3931e1fc17122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 10:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77513
x-xss-protection: 0
last-modified: Tue, 10 May 2022 23:16:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 10:12:09 GMT

GET
H2 200 AGSKWxV9eJxVcrpvmyYsEOfDifXg6BNvs57Wgm_-PU21XZnuabQCx-ztoKOssSTgTAOeBSpJ15PuO0leQyl-t6n0joU= Show response
fundingchoicesmessages.google.com/f/ 253 KB
41 KB 166ms
163ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV9eJxVcrpvmyYsEOfDifXg6BNvs57Wgm_-PU21XZnuabQCx-ztoKOssSTgTAOeBSpJ15PuO0leQyl-t6n0joU=?fccs=W1siQUtzUm9sX1lwTWxVRHFhenpvcG9laUxzc2Zpb2J5U1RFUWY2czR1MTJEWERWZE1FeVdFV1hEWkpiRGJBcjJ2ZXJjdnBPMTRSQVZBeGFyV2ZXcFpyOGROenhGeGtseVJnQVZMNTZLZnVzQ0REcnA0aXdoRzFRb05NTy1lNVFWWW1Rd2dkZUF2UjVTMlpkY3JTZXBUTUhENVgxbUJ4NGFmOHhRPT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE2NTI1NTYxNzUsODQ5MDAwMDAwXSwiMzhBNTVFMDUtOTI1Ri00ODNDLThEMEEtNjVBNzhCMENDMzYwIiwiMDA1NzlFQ0MtRDQwNC00MTkxLUE3MjEtMzI1MUQ0OEQ1M0UyIixudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3Lm1lZGlhZmlyZS5jb20vZmlsZS9iN3VuZWo4cDN0eXNtMjgvY3V0ZV9jYXRfcmVsYXhfb25fb3V0ZG9vcl9ncm91bmRfNjg5MjUzMy5tcDQvZmlsZSIsbnVsbCxbXV0

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e59712c8e0bc1ca04d377f39773e2d2837ce4910f0cf5507b65cee6fd90380cc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-FdGQnKWL8JdAWdC-pCTDpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-FdGQnKWL8JdAWdC-pCTDpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Tag.vrfy Show response
otnolatrnup.com/ 2 KB
1 KB 304ms
216ms Script
application/json 2606:4700::6813:d625
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otnolatrnup.com/Tag.vrfy?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=63764&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1365&bh=969&res=1920x1080&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fb7unej8p3tysm28%2FBok3p%20Jepang%20Di%20Ent0d%20Di%20Hotel.zip%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone&sig=BAYAYoAA7gFigADugAGBAcAAIL3atlrl_GZM3EoC5rbIUcm8rXCGklB4FYJwmJsgeS8AwQAgMnIwSvLlexsNFhbr3w8lr4fmqMp7Ld8WTMnt5l_Bqvg
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d625 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8bc1a1fbc164ff64e51f9c0deaa530b84e6e8190bb44025438cc81d0f44784e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7413e5d42adb5b4a-FRA
date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-adscore-status: null
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
cache-control: private, no-transform
content-type: application/json; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Tag.vrfy Show response
otnolatrnup.com/ 2 KB
3 KB 302ms
214ms Script
application/json 2606:4700::6813:d625
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otnolatrnup.com/Tag.vrfy?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=51240&ver=async&referrerUrl=https%3A%2F%2F103-136-43-42.cprapid.com%3A2087%2F&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1365&bh=969&res=1920x1080&curl=http%3A%2F%2F103.136.43.42%2F~xmediafire%2F&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone&sig=BAYAYoAAggFigACCgAGBAcAAIDYo0zHGzxyppJWlrfQ16ppqjRmAmUAUBxwGwlBa2_E3wQAg-M1MC-tAfhavCrWMBv54ZHQaYRX2SD4D7aB16ay9WoY
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d625 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 08d600ad1da0cb592977e0957740842ebca1446c486cabe43907126e7547480b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7413e5d42adc5b4a-FRA
date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-adscore-status: null
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
cache-control: private, no-transform
content-type: application/json; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 183096492 Show response
fundingchoicesmessages.google.com/i/ 18 KB
7 KB 79ms
76ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/183096492?ers=3

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e165319834a71165d8450b74c7a8f96e0f7a487389041655eadf44bd9a98f804

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VIgw_FBEUlH2LShb8_y8Tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VIgw_FBEUlH2LShb8_y8Tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options: SAMEORIGIN
date: Sat, 27 Aug 2022 09:49:32 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 145ms
47ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.mediafire.com

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 130ms
47ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mediafire.com

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 AGSKWxW4mZbHfABgQYQjYivupH9MIZ-3VZJ_U6WjaERrQM9r1glQTSp-NP48XnpoHu4JLfXjoFDAspfze82v8Oj1iiViwUyP_PQDjC4cDP48gaBiiaFw-kWWRoEFKTGRWfwsl7-IsadkKcSkoYYLgqnt7HWh7WPGGRFoMKilbdUTadp8EqC6iLJzjZFNm3xA Show response
fundingchoicesmessages.google.com/f/ 253 KB
42 KB 145ms
143ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW4mZbHfABgQYQjYivupH9MIZ-3VZJ_U6WjaERrQM9r1glQTSp-NP48XnpoHu4JLfXjoFDAspfze82v8Oj1iiViwUyP_PQDjC4cDP48gaBiiaFw-kWWRoEFKTGRWfwsl7-IsadkKcSkoYYLgqnt7HWh7WPGGRFoMKilbdUTadp8EqC6iLJzjZFNm3xA?fccs=W1siQUtzUm9sX1lwTWxVRHFhenpvcG9laUxzc2Zpb2J5U1RFUWY2czR1MTJEWERWZE1FeVdFV1hEWkpiRGJBcjJ2ZXJjdnBPMTRSQVZBeGFyV2ZXcFpyOGROenhGeGtseVJnQVZMNTZLZnVzQ0REcnA0aXdoRzFRb05NTy1lNVFWWW1Rd2dkZUF2UjVTMlpkY3JTZXBUTUhENVgxbUJ4NGFmOHhRPT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE2NTI1NTYxNzcsMjI5MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL2I3dW5lajhwM3R5c20yOC9jdXRlX2NhdF9yZWxheF9vbl9vdXRkb29yX2dyb3VuZF82ODkyNTMzLm1wNC9maWxlIixudWxsLFtdXQ

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c18ef6ce512978da48eb40aefe6b63c169b3eb4c1eb4d90f9a1fd8a6e5da553a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xwF4sn5qpBVUeHi-vkMIvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-xwF4sn5qpBVUeHi-vkMIvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Sat, 27 Aug 2022 09:49:32 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVePcSnZ7UfDRL9aWF7bBkt9k3nRZywi7kRsA4rHgN7Co_E9OVxs7U64MFwDSVoRWwlR9bI8JMKewn9uBfbIsZv48yGdb1einwlCwVGGLrjNDHFQcBQfauXb6rXrchcNWQv2APThUk4C7hgupudDhbE0CTvP1aloa_Y7ZX4sfQuq392o9e5XaRRQ9Jm Show response
fundingchoicesmessages.google.com/f/ 253 KB
42 KB 177ms
175ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVePcSnZ7UfDRL9aWF7bBkt9k3nRZywi7kRsA4rHgN7Co_E9OVxs7U64MFwDSVoRWwlR9bI8JMKewn9uBfbIsZv48yGdb1einwlCwVGGLrjNDHFQcBQfauXb6rXrchcNWQv2APThUk4C7hgupudDhbE0CTvP1aloa_Y7ZX4sfQuq392o9e5XaRRQ9Jm?fccs=W1siQUtzUm9sX1lwTWxVRHFhenpvcG9laUxzc2Zpb2J5U1RFUWY2czR1MTJEWERWZE1FeVdFV1hEWkpiRGJBcjJ2ZXJjdnBPMTRSQVZBeGFyV2ZXcFpyOGROenhGeGtseVJnQVZMNTZLZnVzQ0REcnA0aXdoRzFRb05NTy1lNVFWWW1Rd2dkZUF2UjVTMlpkY3JTZXBUTUhENVgxbUJ4NGFmOHhRPT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE2NTI1NTYxNzcsNDk2MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL2I3dW5lajhwM3R5c20yOC9jdXRlX2NhdF9yZWxheF9vbl9vdXRkb29yX2dyb3VuZF82ODkyNTMzLm1wNC9maWxlIixudWxsLFtdXQ

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea94ebdaf20952782be9b62d1c8a7d61aec304e3dc23ded951ec081de832818b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-G2GVGFq-QPRQ-xnJnn-DBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-G2GVGFq-QPRQ-xnJnn-DBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Sat, 27 Aug 2022 09:49:32 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVwy3NKtSpzh5HSOuq5kx6Xg4Lbvy0RZ-9IxXsEjL8EKVzR2az9gU8KfMRc2HL9WgUX3PfqdhVRiJ5-UgzKuNqNfyMIyNWZ0rUGFrnSEq2hvtZooVYth5WRsPav1oIIBAD55wEnupRRLW9V8mMDHdoaVpxS2rRIqX1Ada96bo2ZWONp6bM35qFVUGam Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 76ms
74ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVwy3NKtSpzh5HSOuq5kx6Xg4Lbvy0RZ-9IxXsEjL8EKVzR2az9gU8KfMRc2HL9WgUX3PfqdhVRiJ5-UgzKuNqNfyMIyNWZ0rUGFrnSEq2hvtZooVYth5WRsPav1oIIBAD55wEnupRRLW9V8mMDHdoaVpxS2rRIqX1Ada96bo2ZWONp6bM35qFVUGam?fccs=W1siQUtzUm9sX1lwTWxVRHFhenpvcG9laUxzc2Zpb2J5U1RFUWY2czR1MTJEWERWZE1FeVdFV1hEWkpiRGJBcjJ2ZXJjdnBPMTRSQVZBeGFyV2ZXcFpyOGROenhGeGtseVJnQVZMNTZLZnVzQ0REcnA0aXdoRzFRb05NTy1lNVFWWW1Rd2dkZUF2UjVTMlpkY3JTZXBUTUhENVgxbUJ4NGFmOHhRPT0iXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsWzE2NTI1NTYxNzgsNjQwMDAwMDBdLG51bGwsbnVsbCxudWxsLFtudWxsLFs3LDYsMTAsOV0sbnVsbCwyLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm1lZGlhZmlyZS5jb20vZmlsZS9iN3VuZWo4cDN0eXNtMjgvY3V0ZV9jYXRfcmVsYXhfb25fb3V0ZG9vcl9ncm91bmRfNjg5MjUzMy5tcDQvZmlsZSIsbnVsbCxbXV0

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

743f807f106f87ae5cc86304a733f6c4a66fb81c35fbb35ebbb448fff8ac6716

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vyRAPrcS0vuK_CgaChSGQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vyRAPrcS0vuK_CgaChSGQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
date: Sat, 27 Aug 2022 09:49:32 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022051101.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 123ms
121ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051101.js?cb=31067573

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

18671558a91f2408ed8f4fe539dc92741d4c3678e8f57ee3f1a53d09d69a9067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 20:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127621
x-xss-protection: 0
last-modified: Wed, 11 May 2022 08:34:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 23 Aug 2023 20:08:38 GMT

GET
H2 500 AGSKWxXtFsV1i49-O9pzkbwE7qk46fVb-vXuGZpU4BlbBsAif0fzj29bNOJVOoei8gJzXck-OjM_leyOTq3wBd1Sgz85PYk_WkL9V0Qly7j0LndAyEMBL-YknbgKd1yCukCbEZftLpJW9abFNOQtgZE3TXKJiwGZ-hK4RT0rvE_DC5lqQwNeX80tztJBVZVU
fundingchoicesmessages.google.com/f/ 0
0 92ms
90ms Script
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fundingchoicesmessages.google.com/f/AGSKWxXtFsV1i49-O9pzkbwE7qk46fVb-vXuGZpU4BlbBsAif0fzj29bNOJVOoei8gJzXck-OjM_leyOTq3wBd1Sgz85PYk_WkL9V0Qly7j0LndAyEMBL-YknbgKd1yCukCbEZftLpJW9abFNOQtgZE3TXKJiwGZ-hK4RT0rvE_DC5lqQwNeX80tztJBVZVU?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUyNTU2MjEwLDIxOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHA6Ly8xMDMuMTM2LjQzLjQyL354bWVkaWFmaXJlLyIsbnVsbCxbXV0
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 500 AGSKWxVzszxZckVyNOuI1QjbAc3Z_C5FLBMelW5rBP4j6RMtatm0KtAisUzxjDCn3RjWsjGs2NGaoHnCMmO3Dg-I4ZUQwO5wzk-ybYrWhPcGdT0EYGRFYPpFseDxgg4FL2W3rTBFSSH2yjCJ8ZXdBwG7vupcTcD9wC80McK9XbIigf8B9VmyRI6ygA-3UHp-
fundingchoicesmessages.google.com/f/ 0
0 75ms
73ms Script
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fundingchoicesmessages.google.com/f/AGSKWxVzszxZckVyNOuI1QjbAc3Z_C5FLBMelW5rBP4j6RMtatm0KtAisUzxjDCn3RjWsjGs2NGaoHnCMmO3Dg-I4ZUQwO5wzk-ybYrWhPcGdT0EYGRFYPpFseDxgg4FL2W3rTBFSSH2yjCJ8ZXdBwG7vupcTcD9wC80McK9XbIigf8B9VmyRI6ygA-3UHp-?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUyNTU2MjEwLDIyNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cDovLzEwMy4xMzYuNDMuNDIvfnhtZWRpYWZpcmUvIixudWxsLFtdXQ
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.fnXM8WkEhAk.O/am=Bg/d=1/exm=el_conf/ed=1/rs=AN8SPfqTwPw6pto53ylsvwQV-kvv4fa6Xw/ 222 KB
76 KB 122ms
40ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.fnXM8WkEhAk.O/am=Bg/d=1/exm=el_conf/ed=1/rs=AN8SPfqTwPw6pto53ylsvwQV-kvv4fa6Xw/m=el_main

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9309123f2f619d3ff749e60744bf2ca8c6dab1e8a5f04193bf95343481a9bc43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 14:52:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77529
x-xss-protection: 0
last-modified: Tue, 10 May 2022 23:16:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 14:52:01 GMT

GET
H2 500 AGSKWxWhqzBYk2BIjB37-W2g8LzVKsoBlzRw9_hbeF3Ll8M3QrIY3c8JQLJxDUbuuspYPoSXvwzik4oChzfFtf4aD3phkI_ITwzN35R7zfCMxvfdTrBC98NlZPmNC8bAceUBc2g5Nt4aVYmrzNeQpVkWATP71QJ8SM9q-6SNA8h_bf0NlIlvwaXAuMfczgZW
fundingchoicesmessages.google.com/f/ 0
0 100ms
98ms Script
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fundingchoicesmessages.google.com/f/AGSKWxWhqzBYk2BIjB37-W2g8LzVKsoBlzRw9_hbeF3Ll8M3QrIY3c8JQLJxDUbuuspYPoSXvwzik4oChzfFtf4aD3phkI_ITwzN35R7zfCMxvfdTrBC98NlZPmNC8bAceUBc2g5Nt4aVYmrzNeQpVkWATP71QJ8SM9q-6SNA8h_bf0NlIlvwaXAuMfczgZW?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUyNTU2MjExLDczMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cDovLzEwMy4xMzYuNDMuNDIvfnhtZWRpYWZpcmUvIixudWxsLFtdXQ
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 121ms
37ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 03:41:33 GMT
x-content-type-options: nosniff
age: 22079
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 27 Aug 2023 03:41:33 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 76 KB
26 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googHeadTranslate

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

891f2b3f75df81f3c95d5ecf242efa9a39fbe5009c061cb914f8bce73ece4ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aax.js Show response
c.aaxads.com/ 417 KB
117 KB 872ms
872ms Script
text/javascript 23.205.241.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAX3221EY&hst=kontolnemek.situs-web34.my.id&ver=1.2

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-241-117.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

681e2088ef8a59e8743ff2ac4e518d8bff66ddfa7512d04e85c1aebb7da5cf3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Sat, 27 Aug 2022 09:49:33 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Sat, 27 Aug 2022 10:19:33 GMT

GET
H2 200 fb-login.png
kontolnemek.situs-web34.my.id/ 30 KB
31 KB 617ms
610ms Image
image/png 2606:4700:3037::6815:1133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kontolnemek.situs-web34.my.id/fb-login.png
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feda321bb681dc8593f1cc761778fe3b2ba6447399d3a152cf3c65917df6b147

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:33 GMT
cf-cache-status: MISS
last-modified: Thu, 19 May 2022 13:08:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8r2Pjb0mBMg00KX9ziaL7D6HIFeuj3aR1qWbB3GU66TD5nwVha0iokHw%2BmFtrkGINW4bBduKYPw6N5%2B5PCMOFJ2wxf3junIA%2F6D3bA0Gzfy31s9RSCPl1FoILK34vJidY2BGrd6G%2BbjXJMppHw17p3cfnkfbDSf40Onog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7413e5d5b9cb90d6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31218

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 14 KB
15 KB 148ms
45ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTPziTImggDacoac2FhB8i6xivwre1nMVCaBUpzrXDhqfZDAd_3ejFMLPZN&s=10

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15794fe40d6d8aca71e7aff46a28e70a0ac0235fa59aef65dc620cd9ef0bf90e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14338
x-xss-protection: 0
last-modified: Fri, 02 Oct 2020 02:28:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 27 Aug 2023 09:49:32 GMT

GET
H2 200 base64.min.js Show response
cdn.jsdelivr.net/npm/js-base64@3.7.1/ 5 KB
2 KB 44ms
44ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-base64@3.7.1/base64.min.js

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fae6b0eb07e3fbf137e7338ed11f8f3649723c71da033e02d86aabadbbc09fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13739226
x-jsd-version: 3.7.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19156-FRA, cache-hhn4057-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1403-Iw1GRY+LVjIB//oGCUa3Uouq6NQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3cNqXuT1WMloSY9ZmfU9oG3xFLQ78v0rQ5CHjYg4W7hB%2BBOwev%2FIWncLTSekc50mtAoc17ACJIWIxfdMgBWtH3Tg6T66BOQyseJ58KkaScJHgjFgZf2pZvK9JNkQazx7n2ZPdu%2F03cCR8Prses%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 7413e5d578ac9b39-FRA

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 146ms
66ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
Origin: https://kontolnemek.situs-web34.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7413e5d79f4a906c-FRA

GET
H2 200 pxusr.gif
c.aaxads.com/ 43 B
205 B 76ms
72ms Image
image/gif 23.205.241.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/pxusr.gif

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-241-117.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: max-age=952462
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Sep 2022 10:23:54 GMT

GET
H/1.1 200
OK pxext.gif
www.aaxdetect.com/ 43 B
342 B 148ms
38ms Image
image/gif 23.205.239.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aaxdetect.com/pxext.gif
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.239.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-239-15.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Unused62: 8096267
Date: Sat, 27 Aug 2022 09:49:32 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=952500
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 07 Sep 2022 10:24:32 GMT

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
870 B 115ms
37ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:39:58 GMT
x-content-type-options: nosniff
age: 574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 27 Aug 2023 09:39:58 GMT

GET
H2 200 ionicons.js Show response
unpkg.com/iconio@1.0.2/ 107 KB
35 KB 131ms
54ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/iconio@1.0.2/ionicons.js

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5ac8b7b5fa12d207dfaea827c1bd5ea98f79467d75d21328ebcca7d6550c102

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5848282
fly-request-id: 01G611Y6MW5HKANDDQDH7HMWRK-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1ad18-byggkM29z/KbKlB9d/PddYpCpSg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7413e5d5fcfa9bbc-FRA

GET
H2 200 Tag.engine Show response
otnolatrnup.com/ 2 KB
1 KB 383ms
377ms Script
application/json 2606:4700::6813:d625
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=62414&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fkontolnemek.situs-web34.my.id%2F&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone
Requested by: Host: cdn.otnolatrnup.com
URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d625 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8c4cb7b7aea5a0aa2a582fbd694920c3b4633bebe81c6b8e3276e3e1fbd048ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
cache-control: private, no-transform
cf-ray: 7413e5d5bc4e5b4a-FRA
content-type: application/json; charset=utf-8

GET
H2 200 mf_logo_full_color.svg
static.mediafire.com/images/backgrounds/header/ 3 KB
2 KB 150ms
61ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Oct 2016 22:22:42 GMT
server: cloudflare
age: 11782
etag: W/"5813cfb2-d1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7413e5d64c4e9124-FRA

GET
H2 200 twitter.svg
static.mediafire.com/images/icons/svg_light/ 949 B
830 B 154ms
65ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_light/twitter.svg
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f15316721389b1b084e6fb85747089ea51ccf9d81fcfb1b33ace326898e2913f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 11066
etag: W/"62deda56-3b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7413e5d64c519124-FRA

GET
H2 200 facebook.svg
static.mediafire.com/images/icons/svg_light/ 401 B
572 B 158ms
69ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_light/facebook.svg
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d98133ce0dc7033265505bffc7aebd92fad444a0cd0271832a877418ccc889c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 11314
etag: W/"62deda56-191"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7413e5d64c539124-FRA

GET
H2 200 usa.svg
www.mediafire.com/images/flags_svg/ 1 KB
915 B 149ms
63ms Image
image/svg+xml 104.18.182.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafire.com/images/flags_svg/usa.svg
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.182.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bacb685be7cec7f41a0270e694fa90c0fb448b2c0ded5f1734baf51050d695c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 11666
etag: W/"62deda56-5c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7413e5d64d63906c-FRA

GET
H2 200 arrow_dropdown.svg
www.mediafire.com/images/icons/svg_dark/ 315 B
518 B 159ms
72ms Image
image/svg+xml 104.18.182.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafire.com/images/icons/svg_dark/arrow_dropdown.svg
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.182.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82b94716473aa225e715e117802145c5d2d725aa1ba9d476d61a5d3da16a8c26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 10928
etag: W/"62deda56-13b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7413e5d64d64906c-FRA

GET
H2 200 file-zip-v3.png
static.mediafire.com/images/filetype/ 2 KB
2 KB 156ms
87ms Image
image/png 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/filetype/file-zip-v3.png
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 11814
etag: "62deda56-750"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7413e5d68cc39124-FRA
content-length: 1872
expires: Mon, 26 Sep 2022 05:10:34 GMT

GET
H2 200 download.svg
static.mediafire.com/images/icons/svg_light/ 348 B
725 B 117ms
54ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_light/download.svg
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b719a37796ef8486a9e7948d9c206d65c28e1e076445e037163b28107d431705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 11734
etag: W/"62deda56-15c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7413e5d64c5b9124-FRA

GET
H2 200 link.svg
static.mediafire.com/images/icons/svg_dark/ 375 B
530 B 121ms
58ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/link.svg
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c120725f5033ebaffbfd7c7d32de0bd1e452a7cf68b5afa14bb6a40964b4585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 4955
etag: W/"62deda56-177"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7413e5d64c589124-FRA

GET
H2 200 facebook.svg
static.mediafire.com/images/icons/svg_dark/ 389 B
559 B 138ms
76ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/facebook.svg
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23c6fab55cca5617226b806344cdb35d568c69e54556bc726ab08e7dc1dd219a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 4955
etag: W/"62deda56-185"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7413e5d64c559124-FRA

GET
H2 200 share.svg
static.mediafire.com/images/icons/svg_dark/ 737 B
718 B 130ms
68ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/share.svg
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bac2ecaebdb39fa5ab5231f9f02e57efcdcfbc7a2e34f8891dcb7911f14464ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 11810
etag: W/"62deda56-2e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7413e5d64c5d9124-FRA

GET
H2 200 add.svg
static.mediafire.com/images/icons/svg_dark/ 199 B
610 B 144ms
82ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/add.svg
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd89fdfd6cd180e697226d00af75da1557bf2e6ea354a8f6f3e8491e852294f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 11810
etag: W/"62deda56-c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7413e5d68cbd9124-FRA

GET
H2 200 world.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 143 KB
53 KB 144ms
95ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/world.svg
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 11733
etag: W/"62deda56-23ce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7413e5d68cc59124-FRA

GET
H2 200 continent-as.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 43 KB
16 KB 114ms
65ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/continent-as.svg
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 082cecf2da70da88efb1db41dd0096deb999b7b7d1cf8344ca2b37930739a377

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 11573
etag: W/"62deda56-aae3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7413e5d64c579124-FRA

GET
H2 200 idn.svg
www.mediafire.com/images/flags_svg/ 238 B
456 B 112ms
66ms Image
image/svg+xml 104.18.182.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafire.com/images/flags_svg/idn.svg
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.182.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c8f449f1f7ef1dca0d94ee726667eec8c4b7e86e865fb927b12ff2774c9a2f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 8671
etag: W/"62deda56-ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7413e5d64d66906c-FRA

GET
H2 200 flag.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 234 B
478 B 137ms
88ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/flag.svg
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 11615
etag: W/"62deda56-ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7413e5d68cc19124-FRA

GET
H3 200 ser.php Show response
kontolnemek.situs-web34.my.id/ Frame 15C5 31 KB
7 KB 436ms
408ms Document
text/html 2606:4700:3037::6815:1133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kontolnemek.situs-web34.my.id/ser.php
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e60bf6452b77c6fba549a91f2eaeaa828cec09701b05f5dad904700de1c4d24

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7413e5d62d769054-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 27 Aug 2022 09:49:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVv6ykUKjoIIMmxTOaunxU5gy6%2FV0cuFrGOc%2Bys8G%2Byk0Zh3uR1YBIprtT00jarYYdY1%2FY6heaTfAMfxuvyzHjqjSE2AWIlMHaBUtak8GAzbTTp5B2A8BRSRuUJD0%2FYZ9YtuCmva3j96gR%2BE6GdvczpecFcqAYtf%2BTuoqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 footerIcons.png
static.mediafire.com/images/backgrounds/footer/social/ 583 B
687 B 58ms
54ms Image
image/png 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/footer/social/footerIcons.png
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 11781
etag: "62deda56-247"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7413e5d72dd79124-FRA
content-length: 583
expires: Mon, 26 Sep 2022 05:10:33 GMT

GET
H2 200 container.html Show response
85d03a68e65d779d96bdb6794e318fd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A27 6 KB
4 KB 167ms
42ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://85d03a68e65d779d96bdb6794e318fd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 213513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 22:30:59 GMT
expires: Thu, 24 Aug 2023 22:30:59 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 116ms
39ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 08:47:21 GMT
x-content-type-options: nosniff
age: 3731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 27 Aug 2023 08:47:21 GMT

GET
H2 200 mf_round.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 1 KB
1 KB 58ms
58ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/mf_round.svg
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1a67642fc97b508ce07cf6df329022bf5184a1c573044dc021e0d6e64688c64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 11108
etag: W/"62deda56-5b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7413e5d68cc79124-FRA

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0EA4 783 B
1 KB 140ms
48ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5208720012a6ed4d114aec4bcc35fe2ae01019e596bbedd37841574ba9d43fa9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P6Mi4hgc4RAKqA_YNadwyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-P6Mi4hgc4RAKqA_YNadwyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 09:49:32 GMT
expires: Sat, 27 Aug 2022 09:49:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/ Frame 2FB5 10 KB
5 KB 126ms
35ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/zrt_lookup.html

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 86277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 09:51:35 GMT
etag: 8616628553774171045
expires: Fri, 09 Sep 2022 09:51:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame A14B 34 KB
12 KB 182ms
93ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

82bb6bc9e88cc89adfe4646928ad342118e57104dd8f55e08d45d9557ab897d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 11719
content-type: text/html; charset=UTF-8
date: Sat, 27 Aug 2022 09:49:32 GMT
expires: Mon, 29 Aug 2022 09:49:32 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H3

200

pd Show response
jp-u.openx.net/w/1.0/ Frame 651C
Redirect Chain

https://jp-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0

1006 B
562 B

92ms
53ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 0c46ee1fa0f39761a92a6c9d3d4bf031b46fb517d313f818c4c729efe0c11b7d

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 543
content-type: text/html
date: Sat, 27 Aug 2022 09:49:32 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 27 Aug 2022 09:49:32 GMT
location: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9968 15 KB
6 KB 128ms
36ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=81953
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sat, 27 Aug 2022 09:49:32 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sun, 28 Aug 2022 08:35:25 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 121ms
44ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=859223512&t=pageview&_s=1&dl=https%3A%2F%2Fkontolnemek.situs-web34.my.id%2F&ul=en-us&de=UTF-8&dt=Bok3p%20Jepang%20Di%20Ent0d%20Di%20Hotel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABEAAAAC~&jid=1925447431&gjid=253674398&cid=356312235.1661593773&tid=UA-829541-1&_gid=1247189208.1661593773&_r=1&gtm=2ou8o0&cd1=unregistered&cd7=legacy&cd3=video&cd4=4&cd5=mp4&cd8=%2F20%2F50%2F100%2F&z=278234812

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kontolnemek.situs-web34.my.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.eiRYmjHst84.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpRQzjrIA78rZd6IQo3LGo6fxLomg/ 262 KB
262 KB 116ms
37ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.eiRYmjHst84.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpRQzjrIA78rZd6IQo3LGo6fxLomg/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.eiRYmjHst84.O/d=1/rs=AN8SPfpRQzjrIA78rZd6IQo3LGo6fxLomg/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf549c4e623edd159ae373e1cb4a31d5804dfa9d65cde5d5f647b2f457500f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 08:27:20 GMT
x-content-type-options: nosniff
age: 91332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 268004
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 21:14:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 08:27:20 GMT

GET
H2 200 hotjar-1232118.js Show response
static.hotjar.com/c/ 5 KB
3 KB 221ms
38ms Script
application/javascript 65.9.66.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1232118.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-91.fra56.r.cloudfront.net

Software

Resource Hash

7418b092ad412043f9f9333a73778547834b614d3af8e722c5d348057e489772

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
age: 22
x-cache: Hit from cloudfront
date: Sat, 27 Aug 2022 09:49:11 GMT
cross-origin-resource-policy: cross-origin
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/c63568585bf72e32537d855b060886ac
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: sOEGyDOv4Vcru2AtX3HrBtOXGCQXWck8jPizJgWL79FeA9FxxY1NKg==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
357 B 188ms
49ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=2oe8o0&_p=859223512&cid=356312235.1661593773&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661593772&sct=1&seg=0&dl=https%3A%2F%2Fkontolnemek.situs-web34.my.id%2F&dt=Bok3p%20Jepang%20Di%20Ent0d%20Di%20Hotel&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kontolnemek.situs-web34.my.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022082501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 113ms
38ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js?cb=31069174

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

aad48e612efa9d7364a3ad0e06aaa0d46320b7a57cc13697a8997ee9ef7c9101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2151
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132254
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 08:41:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Aug 2023 09:13:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 51 B
90 B 153ms
77ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kontolnemek.situs-web34.my.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

07e73f0a383d55730155cda0ff27cbe98777391472aafb6c2635507a2c478c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65
x-xss-protection: 0
expires: Sat, 27 Aug 2022 09:49:32 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
452 B 143ms
47ms XHR
text/plain 2a00:1450:400c:c0d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-829541-1&cid=356312235.1661593773&jid=1925447431&gjid=253674398&_gid=1247189208.1661593773&_u=aEBAAUAAEAAAAC~&z=1295839329

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 27 Aug 2022 09:49:32 GMT
content-type: text/plain
access-control-allow-origin: https://kontolnemek.situs-web34.my.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 log
l3.aaxads.com/ 35 B
194 B 45ms
37ms Image
image/gif 23.205.241.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=112&dgw=desktop&flg=AAX3221EY&fw=NURNBERG&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=kontolnemek.situs-web34.my.id&vhuyqdph=ssp-serving-68cbdb8869-km7gs&vyu=082608_432_082507_386_ssp&vf=BY&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001661593772786013588907523759&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_delay300&deg=2&fdeg=0&gdeg=2&ghqg=111&fhqg=19&hqg=98&gvwduw=19&fvwduw=18&vwduw=19&uhtxuo=https%3A%2F%2Fkontolnemek.situs-web34.my.id%2F&nzui=
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-241-117.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:32 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sat, 27 Aug 2022 09:49:32 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 651C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=d4N3F8Om1OrSrz5

43 B
106 B

45ms
44ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=d4N3F8Om1OrSrz5
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Aug 2022 09:49:33 GMT
Server: PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-05718d5e855b52f92@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=d4N3F8Om1OrSrz5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 651C
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=o...
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=bc9b10c0-6e8a-4821-83cc-1f821753645e&gdpr=&gdpr_consent=

43 B
61 B

50ms
49ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=bc9b10c0-6e8a-4821-83cc-1f821753645e&gdpr=&gdpr_consent=
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: //us-u.openx.net/w/1.0/sd?id=537072968&val=bc9b10c0-6e8a-4821-83cc-1f821753645e&gdpr=&gdpr_consent=
Date: Sat, 27 Aug 2022 09:49:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 651C
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3016732727924794083

43 B
106 B

47ms
46ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3016732727924794083
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Aug 2022 09:49:33 GMT
X-Proxy-Origin: 80.255.7.101; 80.255.7.101; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e211ac7a-eb9a-4ba2-ac38-1339638ceb8f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3016732727924794083
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ox
match.prod.bidr.io/cookie-sync/ Frame 651C 43 B
430 B 235ms
57ms Image
image/gif 52.30.152.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ox

Requested by

Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.152.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-152-75.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
Date: Sat, 27 Aug 2022 09:49:33 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 651C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=15a06309-e8ad-4700-b8ab-aa6d384be596

43 B
106 B

54ms
47ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=15a06309-e8ad-4700-b8ab-aa6d384be596
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 27 Aug 2022 09:49:33 GMT
Server: MT3 4505 5b23575 master cdg-pixel-x10 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=15a06309-e8ad-4700-b8ab-aa6d384be596
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 27 Aug 2022 09:49:32 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 651C
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=zDAtPp87fGPXM3g_yjAwMcI3ezbXZ3k_w2KIZ2v4

43 B
180 B

53ms
47ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=zDAtPp87fGPXM3g_yjAwMcI3ezbXZ3k_w2KIZ2v4
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:33 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=zDAtPp87fGPXM3g_yjAwMcI3ezbXZ3k_w2KIZ2v4
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 651C
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6735621703417407054

43 B
106 B

46ms
46ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6735621703417407054
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:33 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6735621703417407054
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 651C 70 B
264 B 185ms
57ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=c8ef837c-77d4-3dd8-4047-106792665e0d&gdpr=0
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 651C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTQ4MDUwYjYtYmVhMy02MzdjLTU1YTctNGFkZTU4ODQ5MDZk
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTQ4MDUwYjYtYmVhMy02MzdjLTU1YTctNGFkZTU4ODQ5MDZk&google_tc=

170 B
188 B

124ms
50ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTQ4MDUwYjYtYmVhMy02MzdjLTU1YTctNGFkZTU4ODQ5MDZk&google_tc=

Requested by

Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTQ4MDUwYjYtYmVhMy02MzdjLTU1YTctNGFkZTU4ODQ5MDZk&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 651C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED2FxqxyCDD0abfdYodD_oo&google_cver=1

43 B
61 B

48ms
48ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED2FxqxyCDD0abfdYodD_oo&google_cver=1
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED2FxqxyCDD0abfdYodD_oo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame A14B 60 B
300 B 130ms
40ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&gdpr=1&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:32 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 604651
strict-transport-security: max-age=31536000; preload;
expires: 60

GET
H2

200

cksync.html Show response
contextual.media.net/ Frame 1D84
Redirect Chain

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3045953729085363000V10%26type%3Drkt%26refUrl%3D%26vid%3D159377292930459537290853630...
https://contextual.media.net/cksync.html?cs=8&vsid=3045953729085363000V10&type=rkt&refUrl=&vid=15937729293045953729085363000V10&ovsid=5107433824351591776

219 B
651 B

100ms
99ms

Document
text/html

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/cksync.html?cs=8&vsid=3045953729085363000V10&type=rkt&refUrl=&vid=15937729293045953729085363000V10&ovsid=5107433824351591776

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 219
content-type: text/html;charset=UTF-8
date: Sat, 27 Aug 2022 09:49:33 GMT
expires: Sat, 27 Aug 2022 09:49:33 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

Redirect headers

Content-Length: 0
Date: Sat, 27 Aug 2022 09:49:33 GMT
Location: https://contextual.media.net/cksync.html?cs=8&vsid=3045953729085363000V10&type=rkt&refUrl=&vid=15937729293045953729085363000V10&ovsid=5107433824351591776
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.3.29.v20201019)

GET
H/1.1 200
OK log
c21lg-d.media.net/ Frame A14B 35 B
329 B 281ms
184ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=3045953729085363000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-r1&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-ct
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Aug 2022 09:49:33 GMT
Server: Jetty(9.4.35.v20201120)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sat, 27 Aug 2022 09:49:33 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame A14B 0
498 B 496ms
119ms Image
text/plain 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3045953729085363000V10&type=son&refUrl=&vid=15937729293045953729085363000V10&ovsid=[UID]

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Aug 2022 09:49:33 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-64
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

cksync
cs.media.net/ Frame A14B
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA0NTk1MzcyOTA4NTM2MzAwMFYxMA%3D%3D&google_sc=1
https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA0NTk1MzcyOTA4NTM2MzAwMFYxMA%3D%3D&google_sc=1&google_tc=
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHIoB158nKmho60ep_l79BU&google_cver=1

45 B
610 B

375ms
279ms

Image
image/gif

23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHIoB158nKmho60ep_l79BU&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: HTTP/1.1
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Aug 2022 09:49:33 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 45
X-MNET-HL2: E
Expires: Sat, 27 Aug 2022 09:49:33 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHIoB158nKmho60ep_l79BU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame A14B
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=420ed5cb-8fa7-48ff-8270-d5962a47cb2e

45 B
616 B

66ms
66ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=420ed5cb-8fa7-48ff-8270-d5962a47cb2e

Requested by

Protocol

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Sat, 27 Aug 2022 09:49:33 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Sat, 27 Aug 2022 09:49:33 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:32 GMT
server: Kestrel
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=420ed5cb-8fa7-48ff-8270-d5962a47cb2e
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1916998
content-length: 0
expires: Sat, 27 Aug 2022 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame A14B 43 B
220 B 159ms
39ms Image
image/gif 52.58.8.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=medianet&gdpr=1&gdpr_consent=&gdpr_pd=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.8.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-8-248.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 09:49:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cksync.php
contextual.media.net/ Frame A14B
Redirect Chain

https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3045953729085363000V10%26type%3Dzem%26refUrl%3D%26vid%3D15937729293045953729085363...
https://contextual.media.net/cksync.php?cs=8&vsid=3045953729085363000V10&type=zem&refUrl=&vid=15937729293045953729085363000V10&ovsid=

44 B
291 B

72ms
72ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=3045953729085363000V10&type=zem&refUrl=&vid=15937729293045953729085363000V10&ovsid=

Requested by

Protocol

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Sat, 27 Aug 2022 09:49:33 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 44
x-mnet-hl2: E
expires: Sat, 27 Aug 2022 09:49:33 GMT

Redirect headers

Location: https://contextual.media.net/cksync.php?cs=8&vsid=3045953729085363000V10&type=zem&refUrl=&vid=15937729293045953729085363000V10&ovsid=
Pragma: no-cache
Date: Sat, 27 Aug 2022 09:49:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 176
Content-Type: text/html; charset=utf-8

GET
H2

200

cksync.php
contextual.media.net/ Frame A14B
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3045953729085363000V10
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3045953729085363000V10
https://contextual.media.net/cksync.php?type=mf&ovsid=669c1fa0-10c4-4e91-b030-f89fba9f9bc3&cs=1

45 B
465 B

68ms
68ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=mf&ovsid=669c1fa0-10c4-4e91-b030-f89fba9f9bc3&cs=1

Requested by

Protocol

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Sat, 27 Aug 2022 09:49:33 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Sat, 27 Aug 2022 09:49:33 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?type=mf&ovsid=669c1fa0-10c4-4e91-b030-f89fba9f9bc3&cs=1
Date: Sat, 27 Aug 2022 09:49:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A14B 70 B
265 B 185ms
56ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

cksync.php
contextual.media.net/ Frame A14B
Redirect Chain

https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3045953729085363000V10%26type%3Damb%26refUrl%3D%26vid%3D15937729293045953729085363000V10%26ov...
https://contextual.media.net/cksync.php?cs=8&vsid=3045953729085363000V10&type=amb&refUrl=&vid=15937729293045953729085363000V10&ovsid=9140146291723379872

45 B
454 B

69ms
68ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=3045953729085363000V10&type=amb&refUrl=&vid=15937729293045953729085363000V10&ovsid=9140146291723379872

Requested by

Protocol

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Sat, 27 Aug 2022 09:49:33 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Sat, 27 Aug 2022 09:49:33 GMT

Redirect headers

location: https://contextual.media.net/cksync.php?cs=8&vsid=3045953729085363000V10&type=amb&refUrl=&vid=15937729293045953729085363000V10&ovsid=9140146291723379872
pragma: no-cache
date: Sat, 27 Aug 2022 09:49:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

404

mfv4_121874.php
www.mediafire.com/css/ Frame 15C5
Redirect Chain

https://static.mediafire.com/css/mfv4_121874.php?ver=ssl&date=2022-05-14
https://www.mediafire.com/css/mfv4_121874.php?ver=ssl&date=2022-05-14

0
0

276ms
276ms

Stylesheet
text/html

104.18.182.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mediafire.com/css/mfv4_121874.php?ver=ssl&date=2022-05-14
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/ser.php
Protocol: H2
Server: 104.18.182.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Redirect headers

date: Sat, 27 Aug 2022 09:49:33 GMT
cf-cache-status: HIT
server: cloudflare
location: https://www.mediafire.com/css/mfv4_121874.php?ver=ssl&date=2022-05-14
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=0
cf-ray: 7413e5d8f8e89124-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame 15C5 10 KB
1 KB 148ms
46ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:800,700,400,300

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/ser.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0cfc348c06306b78fdba6c3630b04e40419f4a635685a86ce3dbc621ec155bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Aug 2022 09:41:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Aug 2022 09:49:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Aug 2022 09:49:33 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 15C5 219 KB
69 KB 125ms
50ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/ser.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eccdf593a4a1484b5209b6e44c7b22704922d0788d0b5e423dc14da0e66abbca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70859
x-xss-protection: 0
last-modified: Sat, 27 Aug 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Aug 2022 09:49:33 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 15C5 298 KB
85 KB 79ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7296eee65955ad3c3ee9f7d2f48cbc4c

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/ser.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b2c6cd7cc8e3c328d5bebf26f33c5c145ed5b2050ac21375b9258ebcb3ffc6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
Origin: https://kontolnemek.situs-web34.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: TwQwAFdxEQ6NjvWG+HjHtw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86511
x-fb-rlafr: 0
x-fb-debug: IhsuPYI8l9JTcOkLxjoEihnV7K5Hah10CCvJy9c1B9uYh85V7hMw8Hp7tGMCXoxgvAU7gRHtC3kv/D33JgJudg==
x-fb-content-md5: df7716c99dbf670b846de001fe9cd41a
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Aug 2022 09:49:33 GMT
vary: Accept-Encoding
x-content-cdn-origin-ts: 1661275410052
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "09460ff744f9e6e5d996e626f702d79b"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 23 Aug 2023 17:23:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 15C5 170 KB
63 KB 54ms
48ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/ser.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7768c68b2eb79a6a55010cbe9e4a742cf4bb272ea1d0d1d46f3c2ee4319f9cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 09:49:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64060
x-xss-protection: 0
expires: Sat, 27 Aug 2022 09:49:33 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 15C5 3 KB
2 KB 134ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/ser.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

540252ed79b2a285b71b7706d4f26200c42dfdcd55ce1e55fee207715ca9db1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: gn2cNypQ8qtcQNbQ1nGhSw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: YuRJd3EK91EKukYmxoYQXD+FIkb5Wh3X+GkwKJ3Z/pX8aK/3sz9vNyjUemNyJF/d2iZ+RB9SrzRW+faqVKAN6g==
x-fb-trip-id: 686109401
x-fb-content-md5: a321e3f3d807f0a7bf4f7191d81ba035
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Aug 2022 09:49:33 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b0762c660a60b280e8c7cb27411deb3a"
timing-allow-origin: *
expires: Sat, 27 Aug 2022 09:55:04 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ Frame 15C5 93 KB
34 KB 130ms
37ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/ser.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 15:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:40:28 GMT

GET
H2

404

master_121874.js
www.mediafire.com/js/ Frame 15C5
Redirect Chain

https://static.mediafire.com/js/master_121874.js
https://www.mediafire.com/js/master_121874.js

0
0

212ms
212ms

Script
text/html

104.18.182.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mediafire.com/js/master_121874.js
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/ser.php
Protocol: H2
Server: 104.18.182.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Redirect headers

date: Sat, 27 Aug 2022 09:49:33 GMT
cf-cache-status: HIT
server: cloudflare
location: https://www.mediafire.com/js/master_121874.js
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=0
cf-ray: 7413e5d8f8ea9124-FRA

GET
DATA 200
OK truncated Show response
/ Frame 8EA3 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 modules.5cffd253af12af6303c3.js Show response
script.hotjar.com/ 252 KB
65 KB 127ms
41ms Script
application/javascript 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5cffd253af12af6303c3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1232118.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

Resource Hash

37aae008e58ea24d2870957c62800093d8873d8503831378d7e2dcd973cfa457

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 15:26:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 152606
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 65635
access-control-allow-origin: *
last-modified: Thu, 25 Aug 2022 15:25:42 GMT
etag: "d238d4598decd6e7569c2a502a453757"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: nj4oRJlsxL9i-7-ZEJ-6-SdE8ouzr6wXVYVRj1xp24XomRmpIlIOrg==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 139ms
61ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-829541-1&cid=356312235.1661593773&jid=1925447431&_u=aEBAAUAAEAAAAC~&z=676686037

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 146ms
62ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-829541-1&cid=356312235.1661593773&jid=1925447431&_u=aEBAAUAAEAAAAC~&z=676686037

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 09:49:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-1ada912494ba7fc7aca15fcef1c2a7ae.html Show response
vars.hotjar.com/ Frame D049 2 KB
1 KB 138ms
37ms Document
text/html 143.204.215.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1232118.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-95.fra53.r.cloudfront.net

Software

Resource Hash

90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3892587
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 08:33:06 GMT
etag: "0b3d3f4206ab84d8861a8cc4b2ddbe66"
last-modified: Wed, 13 Jul 2022 08:32:20 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-id: 6PNEF77YTezjepxEzchiScnC3pp-fEEdAXbFI3UvL57TCLGTMQT9NQ==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 404 contacts_121874.js
www.mediafire.com/js/ Frame 15C5 0
0 187ms
184ms Script
text/html 104.18.182.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mediafire.com/js/contacts_121874.js
Requested by: Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/ser.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.182.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kontolnemek.situs-web34.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

POST
H2 200 / Show response
api.amplitude.com/ 7 B
206 B 631ms
213ms XHR
text/html 44.237.43.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.43.91 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-43-91.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 27 Aug 2022 09:49:33 GMT
trace-id: Root=1-6309e8ad-107c52dd79398806421f4ceb
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 15C5 298 KB
85 KB 71ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d1ee06ec1d4913417eba97080b16f159

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

508db2a73fe5b7499a1200f6ef7cbc4cb58b29c6c12a80dc6cc20d8666622b85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
Origin: https://kontolnemek.situs-web34.my.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: m93WUPlZfBrEbsb1TDqnpw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86514
x-fb-rlafr: 0
x-fb-debug: NeONPdCm1OCqGjIzxBZ0BYBcWX4Y91O8wm78Cb2sYBigZ/1hUxYCtN+rb7ldEqJINgehUYRjZD0UTxiunXyQkg==
x-fb-content-md5: d8da9ad078f54441555e5ca6907d6ded
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Aug 2022 09:49:33 GMT
vary: Accept-Encoding
x-content-cdn-origin-ts: 1661588561902
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f411ffe98c075e968661e747c62eedc1"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 27 Aug 2023 08:22:41 GMT

GET
H2 200 blank.html Show response
www.mediafire.com/ Frame 94E8 256 B
267 B 219ms
219ms Document
text/html 104.18.182.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mediafire.com/blank.html

Requested by

Host: kontolnemek.situs-web34.my.id
URL: https://kontolnemek.situs-web34.my.id/ser.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.182.224 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b0847dff3d69ebdcdc6e0c5b987856b7b9642fff95c190dfdd415c35b6c7490

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7413e5dbfda4906c-FRA
content-encoding: gzip
content-security-policy: frame-ancestors *
content-type: text/html; charset=UTF-8
date: Sat, 27 Aug 2022 09:49:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 15 Aug 2022 22:00:03 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 aacxs.php Show response
c.aaxads.com/ Frame CDA6 22 KB
9 KB 196ms
196ms Document
text/html 23.205.241.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aacxs.php?flg=AAX3221EY&fv=1&fy=37&ke=1&suylg=292%2C167%2C201%2C213%2C356%2C214%2C108%2C251%2C175%2C325%2C272%2C55%2C141%2C265%2C89%2C250%2C97%2C203%2C206%2C229%2C274%2C231%2C209%2C291%2C271%2C51%2C241%2C267%2C3004%2C211%2C310%2C282%2C264&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Requested by

Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX3221EY&hst=103.136.43.42&ver=1.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-241-117.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f6a4889706bf600642b56bb642b3abb96708a8aff1cc2f80bd6848e13458d6d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8778
content-type: text/html; charset=UTF-8
date: Sat, 27 Aug 2022 09:49:33 GMT
expires: Mon, 29 Aug 2022 09:49:33 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

POST
H3 200 rum Show response
kontolnemek.situs-web34.my.id/cdn-cgi/ 0
72 B 46ms
38ms XHR
text/plain 2606:4700:3037::6815:1133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kontolnemek.situs-web34.my.id/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:1133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://kontolnemek.situs-web34.my.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
content-type: application/json

Response headers

date: Sat, 27 Aug 2022 09:49:33 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7413e5ddd8d69054-FRA
x-frame-options: DENY

GET
H/1.1 200
OK log
c21lg-d.media.net/ Frame CDA6 35 B
329 B 331ms
331ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?___stu13p=5idgihgb3r73nr56xnl0ch00yxnzunr&gho=1&yvlg=3045953739085386000V10&ruljlq=1&iow=0&syjlg[]=028AAX&syjlg[]=041AAX&syjlg[]=054AAX&syjlg[]=076AAX&syjlg[]=080AAX&syjlg[]=097AAX&syjlg[]=109AAX
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAX3221EY&fv=1&fy=37&ke=1&suylg=292%2C167%2C201%2C213%2C356%2C214%2C108%2C251%2C175%2C325%2C272%2C55%2C141%2C265%2C89%2C250%2C97%2C203%2C206%2C229%2C274%2C231%2C209%2C291%2C271%2C51%2C241%2C267%2C3004%2C211%2C310%2C282%2C264&yvVbqf=1&uhiXuo=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.aaxads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Aug 2022 09:49:34 GMT
Server: Jetty(9.4.35.v20201120)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sat, 27 Aug 2022 09:49:34 GMT

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kontolnemek.situs-web34.my.id/	1969-12-31 23:59:59	Name: g36FastPopSessionRequestNumber Value: 1
otnolatrnup.com/	1969-12-31 23:59:59	Name: IKSR Value: {}
otnolatrnup.com/	1969-12-31 23:59:59	Name: INF_DFL8 Value: false
otnolatrnup.com/	1969-12-31 23:59:59	Name: ISSH Value: 6589C9
otnolatrnup.com/	1969-12-31 23:59:59	Name: VMI Value:
otnolatrnup.com/	1970-01-20 15:09:13	Name: CHN Value: #[]
otnolatrnup.com/	1970-01-20 15:09:13	Name: MSSH Value: #{}
otnolatrnup.com/	1970-01-20 15:09:13	Name: MSRH Value: #{}
otnolatrnup.com/	1970-01-20 15:09:13	Name: ILP Value: null
otnolatrnup.com/	1970-01-20 15:09:13	Name: ILPLU Value: #1/1/0001 12:00:00 AM
otnolatrnup.com/	1970-01-20 15:09:13	Name: ILEALC Value: #1/1/0001 12:00:00 AM
otnolatrnup.com/	1970-01-20 05:33:28	Name: ILMPF Value: #False
otnolatrnup.com/	1970-01-20 15:09:13	Name: IPMPLU Value: #
otnolatrnup.com/	1970-01-20 15:09:13	Name: IPMUID Value: #
otnolatrnup.com/	1970-01-20 15:09:13	Name: BSWUID Value: #
otnolatrnup.com/	1970-01-20 15:09:13	Name: IBL Value: #[]
otnolatrnup.com/	1970-01-20 15:09:13	Name: IUID Value: f0f3ec5e-8feb-48cb-bb24-7b1877e17094
.mediafire.com/	1970-01-20 05:33:15	Name: __cf_bm Value: OqdCeSagsFVe7_oFZ2pR2hydww1zR33uSESC5SgFtuM-1661593772-0-AXvD+Cp2D4kZTLwtGfkjIP9cI0pD+RfPdTgK9FY/+Mbwir6JwvJw1hH2Nfj98ZNy/HVGK3PWzP/p0qimso6reF0=
.situs-web34.my.id/	1970-01-20 05:34:40	Name: _gid Value: GA1.3.1247189208.1661593773
.situs-web34.my.id/	1970-01-20 05:33:13	Name: _gat_gtag_UA_829541_1 Value: 1
.openx.net/	1970-01-20 14:18:49	Name: i Value: 1b43bc25-de53-022f-1a91-d88ff6416df0\|1661593772
.media.net/	1970-01-20 14:18:49	Name: visitor-id Value: 3045953729085363000V10
.situs-web34.my.id/	1970-01-20 15:09:13	Name: _ga Value: GA1.1.356312235.1661593773
kontolnemek.situs-web34.my.id/	1969-12-31 23:59:59	Name: aasd Value: 1%7C1661593772787
.openx.net/	1970-01-20 05:54:49	Name: pd Value: v2\|1661593772\|mOgeginskin0vNomiygu
otnolatrnup.com/	1970-01-20 15:09:13	Name: ISH Value: #{"101":[{"SId":"6589C9","D":"22/8/27T2:49:32"},{"SId":"6589C9","D":"22/8/27T2:49:32"}]}
otnolatrnup.com/	1970-01-20 15:09:13	Name: ISH_Q Value: #[101,101]
kontolnemek.situs-web34.my.id/	1969-12-31 23:59:59	Name: __aaxsc Value: 2
.adnxs.com/	1970-01-20 07:42:49	Name: uuid2 Value: 3016732727924794083
.quantserve.com/	1970-01-20 07:42:49	Name: d Value: ENYBDAH6JoqsMA
.quantserve.com/	1970-01-20 15:03:28	Name: mc Value: 6309e8ad-0e803-684f1-dd89a
.w55c.net/	1970-01-20 15:03:28	Name: wfivefivec Value: d4N3F8Om1OrSrz5
.bidswitch.net/	1970-01-20 14:18:49	Name: tuuid Value: bc9b10c0-6e8a-4821-83cc-1f821753645e
.bidswitch.net/	1970-01-20 14:18:49	Name: c Value: 1661593773
.bidswitch.net/	1970-01-20 14:18:49	Name: tuuid_lu Value: 1661593773
.criteo.com/	1970-01-20 14:54:49	Name: uid Value: 420ed5cb-8fa7-48ff-8270-d5962a47cb2e
.adform.net/	1970-01-20 06:17:52	Name: C Value: 1
.mathtag.com/	1970-01-20 14:59:08	Name: uuid Value: 15a06309-e8ad-4700-b8ab-aa6d384be596
.turn.com/	1970-01-20 09:52:25	Name: uid Value: 9140146291723379872
.w55c.net/	1970-01-20 06:16:25	Name: matchopenx Value: 5
.adform.net/	1970-01-20 06:59:37	Name: uid Value: 6735621703417407054
.media.net/	1970-01-20 06:16:25	Name: data-c Value: 420ed5cb-8fa7-48ff-8270-d5962a47cb2e~~1
.media.net/	1970-01-20 06:16:25	Name: data-c-ts Value: 1661593773
.rfihub.com/	1970-01-20 14:54:49	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjE2NTS1NDQ3NxPiM9TNdsp0SXYu8AnKCDYDAA27-IklAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjE2NTS1NDQ3NxPiM9TNdsp0SXYu8AnKCDYDAA27-IklAAAA
.mfadsrvr.com/	1970-01-20 15:09:13	Name: tuuid Value: 669c1fa0-10c4-4e91-b030-f89fba9f9bc3
.mfadsrvr.com/	1970-01-20 15:09:13	Name: c Value: 1661593773
.mfadsrvr.com/	1970-01-20 15:09:13	Name: tuuid_lu Value: 1661593773
.media.net/	1970-01-20 14:18:49	Name: data-amb Value: 9140146291723379872~~8
.doubleclick.net/	1970-01-20 14:54:49	Name: IDE Value: AHWqTUktCTrz2-_SxxraG8pip_rHTErz6uall_TP_pkCa6H1lqZq3vWZRCWwVytd6ek
.mfadsrvr.com/	1970-01-20 15:09:13	Name: ssh Value: !medianet,1661593773
.situs-web34.my.id/	1970-01-20 14:18:49	Name: _hjSessionUser_1232118 Value: eyJpZCI6ImM4YzIxNWIwLTg5MmMtNTFkNy05MTZlLTBkNmJhZTFkOGZkZiIsImNyZWF0ZWQiOjE2NjE1OTM3NzMyMDQsImV4aXN0aW5nIjpmYWxzZX0=
.situs-web34.my.id/	1970-01-20 05:33:15	Name: _hjFirstSeen Value: 1
kontolnemek.situs-web34.my.id/	1970-01-20 05:33:13	Name: _hjIncludedInSessionSample Value: 1
.situs-web34.my.id/	1970-01-20 05:33:15	Name: _hjSession_1232118 Value: eyJpZCI6IjAyZmFiN2NlLTU3NmYtNGYxNC1hMDU5LTE4NzQwNDI3Yjg3YyIsImNyZWF0ZWQiOjE2NjE1OTM3NzMyMjAsImluU2FtcGxlIjp0cnVlfQ==
.situs-web34.my.id/	1970-01-20 05:33:15	Name: _hjAbsoluteSessionInProgress Value: 0
.media.net/	1970-01-20 14:17:23	Name: data-rk Value: 5107433824351591776~~8
.media.net/	1970-01-20 14:18:49	Name: data-mf Value: 669c1fa0-10c4-4e91-b030-f89fba9f9bc3~~1
.situs-web34.my.id/	1970-01-20 14:18:49	Name: amp_28916b Value: 2FA2daDASMoCvSXLX1dbCg...1gbfb9p7f.1gbfb9p7g.0.1.1
.rqtrk.eu/	1970-01-20 05:43:18	Name: browser_id Value: 1:91f29655-8933-4e56-8006-df33cefc5efd
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s8654\|Ywnoo
.situs-web34.my.id/	1970-01-20 15:09:13	Name: _ga_K68XP6D85D Value: GS1.1.1661593772.1.1.1661593773.0.0.0
.media.net/	1970-01-20 05:53:23	Name: data-g Value: CAESEHIoB158nKmho60ep_l79BU~~8
.aaxads.com/	1970-01-20 14:18:49	Name: aax-vsid Value: 3045953739085386000V10

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fundingchoicesmessages.google.com/f/AGSKWxVzszxZckVyNOuI1QjbAc3Z_C5FLBMelW5rBP4j6RMtatm0KtAisUzxjDCn3RjWsjGs2NGaoHnCMmO3Dg-I4ZUQwO5wzk-ybYrWhPcGdT0EYGRFYPpFseDxgg4FL2W3rTBFSSH2yjCJ8ZXdBwG7vupcTcD9wC80McK9XbIigf8B9VmyRI6ygA-3UHp-?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUyNTU2MjEwLDIyNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cDovLzEwMy4xMzYuNDMuNDIvfnhtZWRpYWZpcmUvIixudWxsLFtdXQ Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://fundingchoicesmessages.google.com/f/AGSKWxXtFsV1i49-O9pzkbwE7qk46fVb-vXuGZpU4BlbBsAif0fzj29bNOJVOoei8gJzXck-OjM_leyOTq3wBd1Sgz85PYk_WkL9V0Qly7j0LndAyEMBL-YknbgKd1yCukCbEZftLpJW9abFNOQtgZE3TXKJiwGZ-hK4RT0rvE_DC5lqQwNeX80tztJBVZVU?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUyNTU2MjEwLDIxOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHA6Ly8xMDMuMTM2LjQzLjQyL354bWVkaWFmaXJlLyIsbnVsbCxbXV0 Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://fundingchoicesmessages.google.com/f/AGSKWxWhqzBYk2BIjB37-W2g8LzVKsoBlzRw9_hbeF3Ll8M3QrIY3c8JQLJxDUbuuspYPoSXvwzik4oChzfFtf4aD3phkI_ITwzN35R7zfCMxvfdTrBC98NlZPmNC8bAceUBc2g5Nt4aVYmrzNeQpVkWATP71QJ8SM9q-6SNA8h_bf0NlIlvwaXAuMfczgZW?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUyNTU2MjExLDczMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cDovLzEwMy4xMzYuNDMuNDIvfnhtZWRpYWZpcmUvIixudWxsLFtdXQ Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://kontolnemek.situs-web34.my.id/js/prebid5.17.0.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.mediafire.com/js/contacts_121874.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.mediafire.com/js/master_121874.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.mediafire.com/css/mfv4_121874.php?ver=ssl&date=2022-05-14 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

85d03a68e65d779d96bdb6794e318fd8.safeframe.googlesyndication.com
ad.turn.com
ads.pubmatic.com
adservice.google.com
adservice.google.com.au
ajax.googleapis.com
api.amplitude.com
b1sync.zemanta.com
c.aaxads.com
c1.adform.net
c21lg-d.media.net
cdn.amplitude.com
cdn.jsdelivr.net
cdn.otnolatrnup.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
cs.media.net
dis.criteo.com
encrypted-tbn0.gstatic.com
eu-u.openx.net
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
jp-u.openx.net
kontolnemek.situs-web34.my.id
l3.aaxads.com
match.adsrvr.org
match.prod.bidr.io
otnolatrnup.com
p.rfihub.com
pixel.quantserve.com
pm.w55c.net
region1.google-analytics.com
rtb.mfadsrvr.com
script.hotjar.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.hotjar.com
static.mediafire.com
stats.g.doubleclick.net
sync.go.sonobi.com
sync.mathtag.com
translate.google.com
translate.googleapis.com
unpkg.com
us-u.openx.net
vars.hotjar.com
ws.rqtrk.eu
www.aaxdetect.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.mediafire.com
x.bidswitch.net
104.18.182.224
104.18.183.224
13.32.23.160
142.250.184.194
143.204.215.95
172.217.18.2
178.250.2.151
18.195.73.243
185.29.134.244
193.0.160.128
2.18.235.93
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
23.205.239.15
23.205.241.117
23.35.228.23
23.35.236.201
2606:4700:3037::6815:1133
2606:4700:440e::6812:2fe6
2606:4700::6810:5914
2606:4700::6810:7aaf
2606:4700::6813:d625
2606:4700::6813:d725
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::2008
2a00:1450:4001:801::2003
2a00:1450:4001:801::2004
2a00:1450:4001:801::200e
2a00:1450:4001:806::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c0d::9c
2a02:2638:1::13
2a03:2880:f01c:8012:face:b00c:0:3
3.121.84.223
35.244.159.8
37.157.2.236
37.252.173.215
44.237.43.91
52.223.40.198
52.30.152.75
52.58.8.248
54.36.172.109
65.9.66.91
69.166.1.10
70.42.32.31
99.86.4.91
04647007beb3089e251c9d7f99a55fa171bc64717cbe248e15b07db9d9644fba
07e73f0a383d55730155cda0ff27cbe98777391472aafb6c2635507a2c478c28
082cecf2da70da88efb1db41dd0096deb999b7b7d1cf8344ca2b37930739a377
08d600ad1da0cb592977e0957740842ebca1446c486cabe43907126e7547480b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c46ee1fa0f39761a92a6c9d3d4bf031b46fb517d313f818c4c729efe0c11b7d
0cfc348c06306b78fdba6c3630b04e40419f4a635685a86ce3dbc621ec155bde
0e89279483fb861861b57327cdda662db2b12537f759b1200006307c6f7f708d
15794fe40d6d8aca71e7aff46a28e70a0ac0235fa59aef65dc620cd9ef0bf90e
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
18671558a91f2408ed8f4fe539dc92741d4c3678e8f57ee3f1a53d09d69a9067
1cd217a21553137aeacaa6e36a35ed416d65de9c36460ee691a3931e1fc17122
1df4395f0e57f781f758280c4bf3c0fc8a2d82c8060aa8052d05a0a917e73d8d
23c6fab55cca5617226b806344cdb35d568c69e54556bc726ab08e7dc1dd219a
2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4
317f47e91be4033bfb9147efc3753905463a83b9b1b0e4911e6284a8b5de87ee
37aae008e58ea24d2870957c62800093d8873d8503831378d7e2dcd973cfa457
4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4a586f6cdb044d082cc8221eb883cb72c02c671354c577d8c904fc7c41b555b4
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fae6b0eb07e3fbf137e7338ed11f8f3649723c71da033e02d86aabadbbc09fb
508db2a73fe5b7499a1200f6ef7cbc4cb58b29c6c12a80dc6cc20d8666622b85
5208720012a6ed4d114aec4bcc35fe2ae01019e596bbedd37841574ba9d43fa9
540252ed79b2a285b71b7706d4f26200c42dfdcd55ce1e55fee207715ca9db1a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5cd89fdfd6cd180e697226d00af75da1557bf2e6ea354a8f6f3e8491e852294f
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
681e2088ef8a59e8743ff2ac4e518d8bff66ddfa7512d04e85c1aebb7da5cf3f
6b0847dff3d69ebdcdc6e0c5b987856b7b9642fff95c190dfdd415c35b6c7490
7418b092ad412043f9f9333a73778547834b614d3af8e722c5d348057e489772
743f807f106f87ae5cc86304a733f6c4a66fb81c35fbb35ebbb448fff8ac6716
7768c68b2eb79a6a55010cbe9e4a742cf4bb272ea1d0d1d46f3c2ee4319f9cd6
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7e60bf6452b77c6fba549a91f2eaeaa828cec09701b05f5dad904700de1c4d24
82b94716473aa225e715e117802145c5d2d725aa1ba9d476d61a5d3da16a8c26
82bb6bc9e88cc89adfe4646928ad342118e57104dd8f55e08d45d9557ab897d8
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
891f2b3f75df81f3c95d5ecf242efa9a39fbe5009c061cb914f8bce73ece4ac6
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8bacb685be7cec7f41a0270e694fa90c0fb448b2c0ded5f1734baf51050d695c
8bc1a1fbc164ff64e51f9c0deaa530b84e6e8190bb44025438cc81d0f44784e7
8c4cb7b7aea5a0aa2a582fbd694920c3b4633bebe81c6b8e3276e3e1fbd048ed
8c8f449f1f7ef1dca0d94ee726667eec8c4b7e86e865fb927b12ff2774c9a2f5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
9309123f2f619d3ff749e60744bf2ca8c6dab1e8a5f04193bf95343481a9bc43
9c120725f5033ebaffbfd7c7d32de0bd1e452a7cf68b5afa14bb6a40964b4585
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aad48e612efa9d7364a3ad0e06aaa0d46320b7a57cc13697a8997ee9ef7c9101
ad1944561b60e769989ed299e321b79bcd04797a560aee6faeded831020e804e
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b2c6cd7cc8e3c328d5bebf26f33c5c145ed5b2050ac21375b9258ebcb3ffc6cf
b719a37796ef8486a9e7948d9c206d65c28e1e076445e037163b28107d431705
bac2ecaebdb39fa5ab5231f9f02e57efcdcfbc7a2e34f8891dcb7911f14464ce
c18ef6ce512978da48eb40aefe6b63c169b3eb4c1eb4d90f9a1fd8a6e5da553a
cb190163a0d4795999f1905b65b3d026f9308acdffce1cbeabbb96dc26c4816c
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
d98133ce0dc7033265505bffc7aebd92fad444a0cd0271832a877418ccc889c6
daf549c4e623edd159ae373e1cb4a31d5804dfa9d65cde5d5f647b2f457500f9
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e165319834a71165d8450b74c7a8f96e0f7a487389041655eadf44bd9a98f804
e238c7d107dec6923eb003aa3a216e6235b2e36d1742939a126cec471c261840
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59712c8e0bc1ca04d377f39773e2d2837ce4910f0cf5507b65cee6fd90380cc
e5ac8b7b5fa12d207dfaea827c1bd5ea98f79467d75d21328ebcca7d6550c102
e89f969575ceaf8f310a8114f8fe9d11e018786ff25476b1dd35499016ca9ea2
ea94ebdaf20952782be9b62d1c8a7d61aec304e3dc23ded951ec081de832818b
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eccdf593a4a1484b5209b6e44c7b22704922d0788d0b5e423dc14da0e66abbca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531
f15316721389b1b084e6fb85747089ea51ccf9d81fcfb1b33ace326898e2913f
f1a67642fc97b508ce07cf6df329022bf5184a1c573044dc021e0d6e64688c64
f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db
f6a4889706bf600642b56bb642b3abb96708a8aff1cc2f80bd6848e13458d6d3
f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
feda321bb681dc8593f1cc761778fe3b2ba6447399d3a152cf3c65917df6b147

kontolnemek.situs-web34.my.id Open in urlscan Pro 2606:4700:3037::6815:1133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

115 Requests

87 %HTTPS

48 %IPv6

38 Domains

59 Subdomains

44 IPs

8 Countries

2421 kBTransfer

7258 kBSize

64 Cookies

11 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

kontolnemek.situs-web34.my.id Open in urlscan Pro
2606:4700:3037::6815:1133 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

87 %
HTTPS

48 %
IPv6

38
Domains

59
Subdomains

44
IPs

8
Countries

2421 kB
Transfer

7258 kB
Size

64
Cookies

115 HTTP transactions
1 data transactions