hallo.terselubung.id Open in urlscan Pro
2606:4700:3037::6815:1f8b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hallo.terselubung.id/
Submission: On December 01 via api (December 1st 2023, 4:56:48 pm UTC) from US — Scanned from US

Summary HTTP 109 Redirects Behaviour Indicators

Summary

This website contacted 37 IPs in 8 countries across 44 domains to perform 109 HTTP transactions. The main IP is 2606:4700:3037::6815:1f8b, located in United States and belongs to CLOUDFLARENET, US. The main domain is hallo.terselubung.id.
TLS certificate: Issued by E1 on November 27th 2023. Valid for: 3 months.

This is the only time hallo.terselubung.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:303... 2606:4700:3037::6815:1f8b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c07::9d	15169 (GOOGLE) (GOOGLE)
13	2606:4700:1::... 2606:4700:1::6813:834c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c19::5e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:46::38 2620:1ec:46::38	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4004:c07::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
2 5	2600:1408:c40... 2600:1408:c400:c::17cd:6887	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 6	68.67.160.186 68.67.160.186	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.41.168.202 23.41.168.202	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:10:... 2606:4700:10::ac43:8ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
1	51.222.39.184 51.222.39.184	16276 (OVH) (OVH)
1 1	23.73.244.44 23.73.244.44	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.222.193.103 23.222.193.103	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	104.36.113.110 104.36.113.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 6	172.253.62.154 172.253.62.154	15169 (GOOGLE) (GOOGLE)
1 1	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	8.28.7.84 8.28.7.84	62713 (AS-PUBMATIC) (AS-PUBMATIC)
10	2606:4700:1::... 2606:4700:1::6813:844c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9822	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2606:4700:303... 2606:4700:3037::6815:444a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
3 3	54.224.36.11 54.224.36.11	14618 (AMAZON-AES) (AMAZON-AES)
2 2	63.251.86.49 63.251.86.49	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 2	18.207.77.150 18.207.77.150	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1	34.213.32.158 34.213.32.158	16509 (AMAZON-02) (AMAZON-02)
1 1	147.135.71.152 147.135.71.152	16276 (OVH) (OVH)
1 1	8.2.110.134 8.2.110.134	46636 (NATCOWEB) (NATCOWEB)
1 2	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
14 19	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a01:bdec:8761:d93e:b6e9	14618 (AMAZON-AES) (AMAZON-AES)
2 3	67.220.228.200 67.220.228.200	16509 (AMAZON-02) (AMAZON-02)
3 3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3 3	54.156.123.241 54.156.123.241	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:9000:201... 2600:9000:201e:5c00:1a:5235:f980:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:215... 2600:9000:215f:7a00:1b:6b7d:2300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.192.51.109 54.192.51.109	16509 (AMAZON-02) (AMAZON-02)
1 2	63.251.86.50 63.251.86.50	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1	23.55.243.218 23.55.243.218	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.225.212.107 34.225.212.107	14618 (AMAZON-AES) (AMAZON-AES)
8 11	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1 1	34.233.17.13 34.233.17.13	14618 (AMAZON-AES) (AMAZON-AES)
1 1	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
109	37

23 2606:4700:3037::6815:1f8b (United States)

ASN13335 (CLOUDFLARENET, US)

hallo.terselubung.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c07::9d (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:1::6813:834c (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c19::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1408:c400:c::17cd:6887 (Ashburn, United States) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.160.186 (Brooklyn, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

nym1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.41.168.202 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-202.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.184 (Canada)

ASN16276 (OVH, FR)
PTR: ip184.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.73.244.44 (Edison, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-244-44.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.222.193.103 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-193-103.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.36.113.110 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.62.154 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.107 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.84 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:1::6813:844c (United States)

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9822 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:444a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.rtbsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.224.36.11 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-36-11.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.86.49 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.207.77.150 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-77-150.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.32.158 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-32-158.us-west-2.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.71.152 (United States) 1 redirects

ASN16276 (OVH, FR)
PTR: ns105964.ip-147-135-71.us

tracker.direct.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.134 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.krushmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.161.21 (United States) 1 redirects

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 69.173.151.100 (United States) 14 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.141 (Los Angeles, United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-west.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a01:bdec:8761:d93e:b6e9 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.228.200 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.156.123.241 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-123-241.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:201e:5c00:1a:5235:f980:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:215f:7a00:1b:6b7d:2300:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.51.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-109.yul62.r.cloudfront.net

syncv4.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.86.50 (United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.65.202 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.55.243.218 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-243-218.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.212.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-212-107.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 162.19.138.120 (Frankfurt am Main, Germany) 8 redirects

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.233.17.13 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-17-13.compute-1.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.81 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	rubiconproject.com 16 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 461 pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4410 pixel.rubiconproject.com — Cisco Umbrella Rank: 339	28 KB
23	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 9066 c.mgid.com — Cisco Umbrella Rank: 7275 cdn.mgid.com — Cisco Umbrella Rank: 11503 servicer.mgid.com — Cisco Umbrella Rank: 9134 s-img.mgid.com — Cisco Umbrella Rank: 9069 cm.mgid.com — Cisco Umbrella Rank: 1303 a.mgid.com — Cisco Umbrella Rank: 13689	168 KB
23	terselubung.id hallo.terselubung.id	145 KB
11	id5-sync.com 8 redirects cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	46 KB
10	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	29 KB
7	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 285 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807	5 KB
7	pubmatic.com 6 redirects ads.pubmatic.com — Cisco Umbrella Rank: 544 image8.pubmatic.com — Cisco Umbrella Rank: 661 image2.pubmatic.com — Cisco Umbrella Rank: 859 image4.pubmatic.com — Cisco Umbrella Rank: 1224 image6.pubmatic.com — Cisco Umbrella Rank: 793	65 KB
7	adnxs.com 1 redirects cdn.adnxs.com — Cisco Umbrella Rank: 1605 nym1-ib.adnxs.com — Cisco Umbrella Rank: 1443 ib.adnxs.com — Cisco Umbrella Rank: 229	32 KB
5	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 60	11 KB
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	195 KB
4	lijit.com 3 redirects ap.lijit.com — Cisco Umbrella Rank: 650 ce.lijit.com — Cisco Umbrella Rank: 835	3 KB
4	360yield.com 4 redirects ad.360yield.com — Cisco Umbrella Rank: 666 ice.360yield.com — Cisco Umbrella Rank: 1817	1 KB
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 465	1 KB
3	bidr.io 3 redirects match.prod.bidr.io — Cisco Umbrella Rank: 563	1 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 331	1 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	1 KB
3	e-volution.ai 2 redirects tracker.direct.e-volution.ai — Cisco Umbrella Rank: 6176 sync.e-volution.ai — Cisco Umbrella Rank: 1756	1 KB
3	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327	1 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 408 id.rlcdn.com — Cisco Umbrella Rank: 711	1 KB
2	intentiq.com 1 redirects sync.intentiq.com — Cisco Umbrella Rank: 846 syncv4.intentiq.com — Cisco Umbrella Rank: 16713	362 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 336	1 KB
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 981	1 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 564	936 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com — Cisco Umbrella Rank: 7622	790 B
2	connectad.io cdn.connectad.io — Cisco Umbrella Rank: 4388 sync-eu.connectad.io — Cisco Umbrella Rank: 3826	864 B
2	gstatic.com fonts.gstatic.com	31 KB
1	criteo.com 1 redirects dis.eu.criteo.com — Cisco Umbrella Rank: 7334	534 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	280 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	280 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 866	647 B
1	primis.tech 1 redirects live.primis.tech — Cisco Umbrella Rank: 1398	557 B
1	krushmedia.com 1 redirects cs.krushmedia.com — Cisco Umbrella Rank: 2606	548 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 656	385 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 1072	413 B
1	rtbsystem.com 1 redirects cm.rtbsystem.com — Cisco Umbrella Rank: 3872	771 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 777	632 B
1	idealmedia.io cm.idealmedia.io — Cisco Umbrella Rank: 8024	158 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 714	864 B
1	33across.com ssc-cms.33across.com — Cisco Umbrella Rank: 904
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4453	36 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
0	a-mo.net Failed prebid.a-mo.net — Cisco Umbrella Rank: 751 Failed
0	admanmedia.com Failed cs.admanmedia.com Failed
109	44

	Domain	Requested by
23	hallo.terselubung.id	hallo.terselubung.id
12	pixel.rubiconproject.com	8 redirects hallo.terselubung.id
11	cm.mgid.com	jsc.mgid.com hallo.terselubung.id
10	id5-sync.com	8 redirects cdn.id5-sync.com hallo.terselubung.id
7	token.rubiconproject.com	6 redirects eus.rubiconproject.com
6	cm.g.doubleclick.net	4 redirects hallo.terselubung.id
5	www.bing.com	2 redirects googleads.g.doubleclick.net hallo.terselubung.id
4	s.amazon-adsystem.com	2 redirects hallo.terselubung.id
4	s-img.mgid.com	hallo.terselubung.id
4	nym1-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	pixel.tapad.com	2 redirects hallo.terselubung.id
3	match.prod.bidr.io	3 redirects
3	match.adsrvr.org	3 redirects
3	aax-eu.amazon-adsystem.com	2 redirects hallo.terselubung.id
3	ad.360yield.com	3 redirects
3	px.ads.linkedin.com	1 redirects hallo.terselubung.id
3	image8.pubmatic.com	3 redirects
3	pagead2.googlesyndication.com	hallo.terselubung.id pagead2.googlesyndication.com www.googletagservices.com
2	ups.analytics.yahoo.com	2 redirects
2	ce.lijit.com	1 redirects hallo.terselubung.id
2	ib.adnxs.com	1 redirects hallo.terselubung.id
2	sync.e-volution.ai	1 redirects hallo.terselubung.id
2	x.bidswitch.net	2 redirects
2	ps.eyeota.net	1 redirects hallo.terselubung.id
2	ap.lijit.com	2 redirects
2	creativecdn.com	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	idsync.rlcdn.com	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	cdn.mgid.com	hallo.terselubung.id
2	tpc.googlesyndication.com	googleads.g.doubleclick.net
2	c.mgid.com	hallo.terselubung.id
2	fonts.gstatic.com	fonts.googleapis.com
2	jsc.mgid.com	hallo.terselubung.id jsc.mgid.com
1	dis.eu.criteo.com	1 redirects
1	image6.pubmatic.com	1 redirects
1	ice.360yield.com	1 redirects
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	a.mgid.com	hallo.terselubung.id
1	match.sharethrough.com	hallo.terselubung.id
1	hb.yahoo.net	hallo.terselubung.id
1	syncv4.intentiq.com	hallo.terselubung.id
1	sync.intentiq.com	1 redirects
1	live.primis.tech	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	pixel-us-west.rubiconproject.com	1 redirects
1	sync-eu.connectad.io	cdn.connectad.io
1	cs.krushmedia.com	1 redirects
1	tracker.direct.e-volution.ai	1 redirects
1	visitor.omnitagjs.com	hallo.terselubung.id
1	id.rlcdn.com	hallo.terselubung.id
1	t.adx.opera.com	hallo.terselubung.id
1	cm.rtbsystem.com	1 redirects
1	pippio.com	1 redirects
1	cm.idealmedia.io	hallo.terselubung.id
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	onetag-sys.com	cm.mgid.com
1	ssc-cms.33across.com	cm.mgid.com
1	cdn.connectad.io	cm.mgid.com
1	ads.pubmatic.com	jsc.mgid.com
1	cdn.id5-sync.com	jsc.mgid.com
1	servicer.mgid.com	jsc.mgid.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	cdn.adnxs.com	googleads.g.doubleclick.net
1	adsdk.microsoft.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	hallo.terselubung.id
0	prebid.a-mo.net Failed	hallo.terselubung.id
0	cs.admanmedia.com Failed	hallo.terselubung.id
109	71

This site contains no links.

Subject Issuer	Validity	Valid
terselubung.id E1	`2023-11-27` - `2024-02-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2023-03-16` - `2024-03-15`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://hallo.terselubung.id/
Frame ID: D4550F4F777C559B4022BE095037C64F
Requests: 69 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 730F66D37F68F457646FC1F83A1D48AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2102365647668688&output=html&adk=1812271804&adf=3025194257&lmt=1701449797&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fhallo.terselubung.id%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701449797430&bpp=5&bdt=563&idt=421&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4376537079376&frm=20&pv=2&ga_vid=1894680808.1701449798&ga_sid=1701449798&ga_hid=1278904854&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079715%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3450781561121088&tmod=245653491&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=446
Frame ID: 79D6A6BAC60093D3AAFF23A11E87B45F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2102365647668688&output=html&h=600&slotname=6534705562&adk=119056837&adf=436554144&pi=t.ma~as.6534705562&w=260&fwrn=4&fwrnh=100&lmt=1701449797&rafmt=1&format=260x600&url=https%3A%2F%2Fhallo.terselubung.id%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701449797435&bpp=2&bdt=568&idt=446&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4376537079376&frm=20&pv=1&ga_vid=1894680808.1701449798&ga_sid=1701449798&ga_hid=1278904854&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079715%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3450781561121088&tmod=245653491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=452
Frame ID: 49D608A038DF52DE061462E2A66320CD
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 42C21CE418386408A59C2EAF4838BD15
Requests: 15 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Frame ID: E4C59D2F79A34DA348B733CC1C5E8C68
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X
Frame ID: 269E0FB181954FE11B8C46D0E020273A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=nb1DYQ9OFGU8&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 55691E4BD0DEE6931814E3CD9ED1739F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 3A62E8D24000678C93CA5C3EC21EFFF6
Requests: 20 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Frame ID: 09DE2967087DE2EF8A619DFAFBC37041
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hallo News | Berita Aktual dan Terpercaya

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

109
Requests

64 %
HTTPS

32 %
IPv6

44
Domains

71
Subdomains

37
IPs

8
Countries

849 kB
Transfer

2381 kB
Size

95
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=52f3832c-3bec-4520-a74e-09df43c3b058&bidId=2&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=4ecdea2f-d81a-4879-ad34-b8f692317898&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_2-1-0%3F%26RG%3D6751c1b35d8b44dd9448c37ada25e3cf%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7927588&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_erdhrfgYriryY1&aid=3244419448509993783 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=6751c1b35d8b44dd9448c37ada25e3cf&SNR=1&GV=2&med=10

Request Chain 59

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 60

https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjdCQzEwOTctOEQ3My00MzdCLUExNTItRjIyQTg2NjBGQzQ0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D27BC1097-8D73-437B-A152-F22A8660FC44&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://cm.mgid.com/m?cdsp=712807&c=27BC1097-8D73-437B-A152-F22A8660FC44

Request Chain 62

https://idsync.rlcdn.com/712107.gif?partner_uid=nb1DYQ9OFGU8& HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKu7KxIYChQIARDDoQoaDG5iMURZUTlPRkdVOBAAGg0Ix6CoqwYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=5d84e1dc43cb8ae1e99734b04d833ca1a21fa2730853290b7e4402ed1bb33a52791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5d84e1dc43cb8ae1e99734b04d833ca1a21fa2730853290b7e4402ed1bb33a52791426b5417dce21&rand=04230542 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5d84e1dc43cb8ae1e99734b04d833ca1a21fa2730853290b7e4402ed1bb33a52791426b5417dce21&rand=04230542&expected_cookie=c4698b18-faab-43d2-a3fd-e1b2caf9d10d

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bmIxRFlROU9GR1U4&muidn=nb1DYQ9OFGU8 HTTP 302
https://cm.mgid.com/google?muidn=nb1DYQ9OFGU8&google_ula={guid},5&google_gid=CAESEB8gW9IY9IKO5rwjuRgQHPA&google_cver=1

Request Chain 64

https://cm.rtbsystem.com/mgid?c=nb1DYQ9OFGU8&gdpr=0&gdpr_consent=&us_privacy=&cd=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D556372%26c%3D%24%7BUSER%7D HTTP 302
https://cm.mgid.com/m?cdsp=556372&c=3454e078-d840-5a10-9cdd-5eadba6be3ba

Request Chain 65

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=322eb0c1-401b-43b0-ae5c-052d5dbea91d

Request Chain 66

https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=DVeO0TuBYn9S28t7-yUn9PifyJ-TziyfjiYElEHZNl4&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1

Request Chain 68

https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=7c973c29-d059-4ceb-ac60-8cd52e8c052b

Request Chain 70

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D709070%26c%3D%24UID HTTP 307
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D709070%26c%3D%24UID&sovrn_retry=true HTTP 307
https://cm.mgid.com/m?cdsp=709070&c=Hv84hLZHaa1rwto9QQe6ZX9R

Request Chain 71

https://ps.eyeota.net/match?bid=dn2m51u&uid=nb1DYQ9OFGU8&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match/bounce/?bid=dn2m51u&uid=nb1DYQ9OFGU8&gdpr=0&gdpr_consent=

Request Chain 72

https://x.bidswitch.net/sync?dsp_id=303&user_id=nb1DYQ9OFGU8&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=nb1DYQ9OFGU8&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=7fd779db-678d-4fa7-b710-d67815f717b4&name=BIDSWITCH&gdpr=0&gdpr_consent=

Request Chain 74

https://tracker.direct.e-volution.ai/sync?id=5&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D737576%26c%3D%7BPLL_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=737576&c=292cea2f-c48e-92f0-5a83-4fd0f05a1615

Request Chain 75

https://cs.krushmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D827026%26c%3D%5BUID%5D HTTP 302
https://cm.mgid.com/m?cdsp=827026&c=27173c8f-722c-4302-975b-498cc0be6530

Request Chain 76

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=nb1DYQ9OFGU8&gdpr=0&gdpr_consent=&ccpa_consent= HTTP 302
https://ad.360yield.com/server_match?partner_id=1734&gdpr=0&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA_CONSENT]&r=https%3A%2F%2Fsync.e-volution.ai%2F3bffc195cb0e6517abb8844d59beb2f4.gif%3Fpuid%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.e-volution.ai/3bffc195cb0e6517abb8844d59beb2f4.gif?puid=7c973c29-d059-4ceb-ac60-8cd52e8c052b

Request Chain 77

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F35410%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dfeb88240-3187-44bd-892a-e540794e010d%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F35410%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D0%2526gpp_sid%253D%2526us_privacy%253D%2526A%253Dfeb88240-3187-44bd-892a-e540794e010d%2526bidder%253Dappnexus%2526cbx%253DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%2526uid%253D%2524UID HTTP 302
https://prebid.a-mo.net/cchain/0/35410?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=feb88240-3187-44bd-892a-e540794e010d&bidder=appnexus&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=2420001899979848974 HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F35410%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dfeb88240-3187-44bd-892a-e540794e010d%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F35410%3Fus_privacy%3D1---%26gpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dfeb88240-3187-44bd-892a-e540794e010d%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D&gdpr=0&s=191503&us_privacy=1---&C=1 HTTP 302
https://prebid.a-mo.net/cchain/2/35410?us_privacy=1---&gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=feb88240-3187-44bd-892a-e540794e010d&bidder=index_rtb&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=ZWoQSMgdQyY5-k5tdjVvHQAA%262911 HTTP 302
https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F35410%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dfeb88240-3187-44bd-892a-e540794e010d%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID HTTP 307
https://prebid.a-mo.net/cchain/3/35410?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=feb88240-3187-44bd-892a-e540794e010d&bidder=sovrn&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=Hv84hLZHaa1rwto9QQe6ZX9R HTTP 302
https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F35410%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dfeb88240-3187-44bd-892a-e540794e010d%26bidder%3Dopenx%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F35410%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dfeb88240-3187-44bd-892a-e540794e010d%26bidder%3Dopenx%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24%7BUID%7D&us_privacy=1---&ox_sc=1 HTTP 302
https://prebid.a-mo.net/cchain/5/35410?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=feb88240-3187-44bd-892a-e540794e010d&bidder=openx&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=92563154-884b-4d4b-a511-7a720e6f9d8e HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F6%252F35410%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D0%2526gpp_sid%253D%2526us_privacy%253D%2526A%253Dfeb88240-3187-44bd-892a-e540794e010d%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%2526uid%253D%2523PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECfV3hKcDxuJiHzZmi4Nmk0&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:692D71AA20FD40C1BF09D437986BD216 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F6%2F35410%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dfeb88240-3187-44bd-892a-e540794e010d%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D27BC1097-8D73-437B-A152-F22A8660FC44&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://prebid.a-mo.net/cchain/6/35410?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=feb88240-3187-44bd-892a-e540794e010d&bidder=pubmatic&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=27BC1097-8D73-437B-A152-F22A8660FC44

Request Chain 85

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=LPMVA43O-1D-DVYE HTTP 302
https://cm.mgid.com/m?cdsp=43070&c=LPMVA43O-1D-DVYE&gdpr=0

Request Chain 86

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=52f3832c-3bec-4520-a74e-09df43c3b058&bidId=2&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=4ecdea2f-d81a-4879-ad34-b8f692317898&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D6751c1b35d8b44dd9448c37ada25e3cf%26tids%3D2%26med%3D10&rtype=mvFeedbackURL&tagId=7927588&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_erdhrfgYriryY1&aid=3244419448509993783 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=6751c1b35d8b44dd9448c37ada25e3cf&tids=2&med=10

Request Chain 87

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LPMVA43O-1D-DVYE&ex=d-rubiconproject.com&status=ok&gdpr=0

Request Chain 88

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/ImNB5_hnZJIZ5XzU-okW1Mn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-x8m9XoxE2oLnERo8tG5qkkGAVAQNleRW3skEGA--~A

Request Chain 89

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ItQntsiPTaCKFg5cLU6tKw&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ItQntsiPTaCKFg5cLU6tKw&gdpr=0

Request Chain 90

https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPMVA43O-1D-DVYE&gdpr=0

Request Chain 91

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzgwZWM5NDhjNzBkOTExN2I0MjhhYTVhNTg5NjgzMThjMTIyZDQ0Mw&gdpr=0

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEDrCAQDolHPGAABw9o2jSo&google_cver=1

Request Chain 93

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/rubicon?gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=341f2b48-d090-40ef-9f31-633f83142a23&gdpr=0&gdpr_consent=&expires=30

Request Chain 94

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SF3tdscJQS21R8iZjKzvIw&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SF3tdscJQS21R8iZjKzvIw&gdpr=0

Request Chain 95

https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBNVkE0M08tMUQtRFZZRQ==&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEKgJfRiM5-KNcNQiHdkCnq0&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNVkE0M08tMUQtRFZZRQ==&google_push=&gdpr=0

Request Chain 96

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACAwk7K1CEAABI_TdS3Zw&expires=30&gdpr=0

Request Chain 97

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0 HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPMVA43O-1D-DVYE&gdpr=0

Request Chain 98

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0 HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPMVA43O-1D-DVYE&gdpr=0 HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPMVA43O-1D-DVYE HTTP 302
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPMVA43O-1D-DVYE&ripv6=2001:550:1d05:1::11

Request Chain 99

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LPMVA43O-1D-DVYE&gdpr=0

Request Chain 100

https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPMVA43O-1D-DVYE&gdpr=0 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPMVA43O-1D-DVYE&gdpr=0

Request Chain 101

https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPMVA43O-1D-DVYE&redir=true&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPMVA43O-1D-DVYE&gdpr=0&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS12V3dST3daRTJ1RU95elc4cUF5c0pUNjR6SjRYR1hzbX5B&gdpr=0&ovsid=LPMVA43O-1D-DVYE&dpid=58160

Request Chain 102

https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPMVA43O-1D-DVYE&gdpr=0

Request Chain 109

https://id5-sync.com/i/231/8.gif?id5id=ID5*hj9baQxS3_3_qdGOtfHWxP7_oqIUhdVrSHwGR7UeF01x80xH6nbkQB3bKbYtdXSdcfSUBKdsmG1uvyfD0G5u8A&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/231/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/231/2/7/2.gif?puid=2420001899979848974&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=341f2b48-d090-40ef-9f31-633f83142a23&ttl=%%TTL%% HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/231/108/5/4.gif?puid=6ea8670b-9af2-4ae1-9f9e-457b4a27ec30&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
https://id5-sync.com/k/155.gif?puid=AACAwk7K1CEAABI_TdS3Zw&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
https://ce.lijit.com/merge?pid=27&3pid=341f2b48-d090-40ef-9f31-633f83142a23&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F1245%2F3%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
https://id5-sync.com/c/231/1245/3/6.gif?puid=Hv84hLZHaa1rwto9QQe6ZX9R&gdpr=0&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-a19b61y99hins4VS_7TPGfHAqfOLt2CvcmRMUhB1Rg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F231%2F124%2F2%2F7.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/cq/231/124/2/7.gif?puid=7c973c29-d059-4ceb-ac60-8cd52e8c052b&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/231/429/1/8.gif?puid=27BC1097-8D73-437B-A152-F22A8660FC44&gdpr=0&gdpr_consent= HTTP 302
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F203%2F0%2F9.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/231/203/0/9.gif?puid=a772c64a-07e8-40b6-83af-a6e87b94440f&gdpr=0&gdpr_consent=

109 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hallo.terselubung.id/ 29 KB
8 KB 1394ms
1253ms Document
text/html 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.24
Resource Hash: f62eeaded6a442e8a7e493f36e0c64b7d1ca56bd592aee23dde9c5452a2a71ba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82ecdd46adb2dac1-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 16:56:36 GMT
link: <https://hallo.terselubung.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uc%2FNqt6ZxEP3rKFXZhPpGzwrq%2F6e8N25KVhQeHvxfcqXygsxFfD1QTdkTCVN7EAa7Ry6z%2F9AqclUkelt5R6N3f0N%2BrpzZoJzA%2Fse4CgPahrYuhS2KKZ6twRuAu1QyJqr5mUUHmKOlkQM%2F0SMsQW%2FvJz00A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/8.1.24
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.min.css
hallo.terselubung.id/wp-includes/css/dist/block-library/ 107 KB
15 KB 209ms
202ms Stylesheet
text/css 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1add3-6569cfb1-d58b41f2518ec47a;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1zo69HlrXld860Frgf%2Fobd9u8JlCzQkoAwOnquL61ilc3LK%2BpMi8%2Fr%2FsasK01gY0Qef04SXeMimLHEWUzBjU5IzAG838Xwlrk6LPNGthGRy136ljhX%2B6irHmH2x187li36VlrOejg4ppaSSJfLsIrx8kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4e8c20dac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:36 GMT

GET
H2 200 styles.css
hallo.terselubung.id/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 152ms
145ms Stylesheet
text/css 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b2b-6569cfb0-d16058a962e254b;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfnN6Z8V0cpjwi%2FR7y8ht%2FohQGEfsiTPyGHZvRUsZxKnff5HNKXMrXpUZNXxfdU%2B7WBA8H16xHQ%2BMtf02xQcxkK3tEaUevJm%2FvbbFc1h7hDWeyHRk1%2BngOj8WZ1eme8EepiMpGH9vs5vLRarKsea6XIRyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4e8c25dac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 181ms
64ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c086e2e4eb60b0a54f5120a162bb6aa409e5f42d08be11871cee6134606a323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 16:56:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 16:56:37 GMT

GET
H2 200 style.css
hallo.terselubung.id/wp-content/themes/revenue-pro/ 54 KB
11 KB 150ms
144ms Stylesheet
text/css 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-content/themes/revenue-pro/style.css?ver=20180523
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a715c661f106fa77ad59146fa901c9a52bbc515e64f8ca8ca6ec7b26078f75d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d99b-6569cfb0-cee2bf3c5fa0cce5;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTS6LgxRogoJhGsNJ0e48uROZQZLjTtVggjbBtKcuzLBHa6Cj0YJzmmwXghyyY6gHdQSuq6Uc51s1LQg4jhYxSAFTUaSBAA5TcQwhuApyRtX%2FPAEC0F0grdMWynKyUCvinMZbR%2FvrkXnwOpqWcVtgCyrKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4e8c29dac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:36 GMT

GET
H2 200 genericons.css
hallo.terselubung.id/wp-content/themes/revenue-pro/genericons/ 154 B
488 B 149ms
143ms Stylesheet
text/css 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-content/themes/revenue-pro/genericons/genericons.css?ver=6.4.1
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9a-6569cfb0-74a8faa78f80ecc8;;;"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2Bm52leDRwmcHC%2FtU9io2Pr3lqeO5byal%2FqYa3F9nss0fqIl0d6vOskR3K%2B%2BXHzDf1h6COxTKqAEplEESj7bvdMPZAd6K1fE3sDrRvXIwC3L65LRjQ7lLYzXIDrAdSkfk5gol6VH2Kte4BiMvBSz%2FhCpNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4e8c2adac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:36 GMT

GET
H2 200 responsive.css
hallo.terselubung.id/wp-content/themes/revenue-pro/ 7 KB
2 KB 166ms
161ms Stylesheet
text/css 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-content/themes/revenue-pro/responsive.css?ver=20171012
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba6c8cac4d8d7e28dcb24eb09c61a0c06d7908198cf17f62de01720e3de5d6c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1ccc-6569cfb0-cdc0968e44e2ab1d;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORCV5vSxssVL50RDjvZYvXBf%2FCwujdOOTPZFBzo72sNIHw9U85GSRXIksSgmDfqq4KgIyJNWj2qLng1NlngP1gKbeZI%2F3hK8yprx7zb9Z%2FPhnj2U7%2ByQNdaAb3itWzCGRJelfgSszr4Ck0S%2BdFkiZUiMFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4e9c30dac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:36 GMT

GET
H2 200 jquery.min.js Show response
hallo.terselubung.id/wp-includes/js/jquery/ 86 KB
31 KB 211ms
206ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"15601-6569cfb1-cbef1d2dba9c02ad;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8CqHGQTlHIPEVKnBfSgwoMzTzgTfBn7ObGkMf6ScauOe0MDpyzKFUryCDZ%2BxRdo5KgSojADDdhaOWArr39wPk31bltb0c0znnyqVVSBpcB6ogd3mFsL9hTRwKFL1bDZtmmWyEHrtXbs309EmdIxHV1gzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4e9c33dac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:36 GMT

GET
H2 200 jquery-migrate.min.js Show response
hallo.terselubung.id/wp-includes/js/jquery/ 13 KB
5 KB 157ms
152ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3509-6569cfb1-df116439352ae163;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kMmXxT7mdwEzfElE9YoSNnU2BttNLoYsGjZSx%2FSqdUdbfIvHjYBMbzx3VHPfVJpzc5LV7SQacbHZl%2FwdQCSxCUO6w57lJDKTRu%2Fp%2FnaguBjEQbuDsfhum%2F1ZO9aaDczpm65QGhJmiOf67OcsiOXK33C9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4e9c36dac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:36 GMT

GET
H2 200 checkclicks.js Show response
hallo.terselubung.id/wp-content/plugins/cfmonitor/js/ 49 B
505 B 97ms
92ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-content/plugins/cfmonitor/js/checkclicks.js?ver=6.4.1
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0df963c9efbf64868ab3312f0ba278b13bf97b69c9b9eae2f9399b922ad07525

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:36 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"31-6569cfaf-1e3090f5f0ab4487;;;"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2hqLjG5ykdGolkvpM1T4brxuOZQYNTeqJ6roDBMS%2Bf1pX6lLu%2FC1WI0u8p1RroVaokUryNo49HP3bS94qkIUNzBfJtA%2F7o0DHcmue16HQjdJ%2FeHhFgJKx8%2FnA6aTuZo%2B4zhXbjfTwV%2FMara9cU%2BWp91Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4e9c38dac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:36 GMT

GET
H2 200 updateclicks.js Show response
hallo.terselubung.id/wp-content/plugins/cfmonitor/js/ 52 B
374 B 153ms
149ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-content/plugins/cfmonitor/js/updateclicks.js?ver=6.4.1
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94034a75027b217a0f3fdfb41f799a60ae88425a7b0e69bf5d9c4c8ce73ff1b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"34-6569cfaf-723070f66676fe0f;;;"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7A7NZUmDDFRvcvd%2Bn5qa59rpFsPAIbUwbzDtPEsFqxl6yM12ityYqEoAbcANbuk9p3UQtVAO3%2B1l9f0A0VOFKs%2BQmFovH9MFhilZ8yxVXIe1sIWInO6TJ%2FaitF6zCj29kEwDZsOkW67DySzxETlJ1UBuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4e9c39dac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:36 GMT

GET
H2 200 check_min.js Show response
hallo.terselubung.id/wp-content/plugins/cfmonitor/js/ 13 KB
5 KB 154ms
149ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-content/plugins/cfmonitor/js/check_min.js?ver=6.4.1
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deaf971a839013e15b3917c3256b6e19f036bc569b72312da9526adcecf5d5e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3514-6569cfaf-1aaec9da88124c9c;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5ogYL9Ir5fZod0WkMOIdxrXx92CrvnL%2F%2FrxkYs3dg1lwWCq2iTPCt7%2BHk0eopB4sfL%2BYK119nvj8qXReVHfvwWHoTWiU7iI%2BIWs%2BGSk%2F0Y5jYv528orlw4hD7VkbvEmCv%2F5avidyRmHfEiKItIO4r0gVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4e9c3bdac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 199ms
85ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2102365647668688

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7d18858df4aafb06fa1bfc4ad543dd3afc73b5fab06c2cba6e96bd5a0dd08ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hallo.terselubung.id/
Origin: https://hallo.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51658
x-xss-protection: 0
server: cafe
etag: 13191848482405995990
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 16:56:37 GMT

GET
H2 200 reeboksneakers.biz.1523443.js Show response
jsc.mgid.com/r/e/ 4 KB
2 KB 366ms
303ms Script
text/javascript 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.js

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2f853a569440edd97d7101b365b7ba3d56618a1466530456dcda26c94f7e857

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
x-amz-version-id: ohM.LHhQqoDhYolB2cy63j7gKRCTfMl7
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: KG0KK2FNMEX1SRJF
cf-polished: origSize=3773
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: yFps7EEr5Jj250nv0XHfci/IIBjjCGB+Tf6s85Fld6xfDKIJqco5xfjaMXfNMQj11WieZzMgYqNnV7kPXfxVCWwE2MoCgCE1
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:15:08 GMT
server: cloudflare
etag: W/"e9270e0784d11cef70522026cee4882a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82ecdd51588821df-MIA
expires: Fri, 01 Dec 2023 19:56:37 GMT

GET
H2 200 index.js Show response
hallo.terselubung.id/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 186ms
182ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2a12-6569cfb0-a0e709502cc656c7;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9sHjJHhtpO7SlnW4H4ht9tmocVhlgRg8JMF5s1WUuHVimKYSgpkAMci3%2FWR4kz2claqZ2bLu77J2zM9zYTx%2FsKIWvWoHvkMxjNM1zFa8HaSciU98jRcDNsbycpREM53PEEDv7q%2BubQ3KXdSfB3K2rTgnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4ebc7cdac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:37 GMT

GET
H2 200 index.js Show response
hallo.terselubung.id/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 185ms
181ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"328f-6569cfb0-6565ff1ad956f65e;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h89uFEW8MTj3c7g5eSmkKqRt%2Brg7nLvtSoZNrStAMLXshA71C9s5Umls%2FRkuX4fsNvVHgwkYs0QO4XAf%2BVM0HGaD5wKGs7urH6QnWtL3ac%2F2v9ZaxaNcg1xOuGCm7gnruQEdUFs%2B9B4jckBE03UPaImeeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4ebc7ddac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:37 GMT

GET
H2 200 superfish.js Show response
hallo.terselubung.id/wp-content/themes/revenue-pro/assets/js/ 7 KB
3 KB 188ms
185ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-content/themes/revenue-pro/assets/js/superfish.js?ver=6.4.1
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1d7c-6569cfb0-ed760259cc6fff68;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JVgjkpZ7pZosQXYDGSDwj17rsD8kUeCa6fjuenOhBx53nPXmjDxSnKf5Fk9RgDVFhz0yoAQQxVaJWI9TlG2B8fQrlTxu%2BIrYfRB7U8CaMAYRW4iLlkMOwvQrHe63s0%2F%2F6X%2BPbWzRE5%2FXuTZvhDC2%2BjtZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4ebc82dac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:37 GMT

GET
H2 200 jquery.slicknav.min.js Show response
hallo.terselubung.id/wp-content/themes/revenue-pro/assets/js/ 8 KB
3 KB 189ms
185ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-content/themes/revenue-pro/assets/js/jquery.slicknav.min.js?ver=6.4.1
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"20df-6569cfb0-ab86bc74495cd6e1;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0cXln6npfN8moPexIWN6%2F0EP7NXBS4GdByTW7WymNKRYQQFeNgRY5wVsq1eaQj4CuZjaPdnm%2FWJ3ePsaQxxcuVUk0%2FNKItha9Xgbadvoz49ARMe0Iwb2kytdo4naqqgxQDnJmhi4hxIYa1VQuZGg2SzDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4ebc85dac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:37 GMT

GET
H2 200 jquery.sticky.js Show response
hallo.terselubung.id/wp-content/themes/revenue-pro/assets/js/ 10 KB
3 KB 187ms
184ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-content/themes/revenue-pro/assets/js/jquery.sticky.js?ver=6.4.1
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2765-6569cfb0-d1ba65155e21730;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ra6hRgwVTdxnD%2B%2BTS8vYxCC5N7FiWcQak7Gjz3e2uWv9mI3ihZcKsnXWnVE7CcTKy1poWPdtOHrXZtrBZdOX0eJPdKrD85wPjZEhj4QI9CW9hiCymGbWhjJSA49DfLB8V7BC3skP818Bs4%2FmtfXrcjWLWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4ebc88dac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:37 GMT

GET
H2 200 modernizr.min.js Show response
hallo.terselubung.id/wp-content/themes/revenue-pro/assets/js/ 15 KB
7 KB 186ms
183ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-content/themes/revenue-pro/assets/js/modernizr.min.js?ver=6.4.1
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3c36-6569cfb0-32215c5b8a7df0f0;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dF%2F%2FZ%2FLs85VLX%2BpIWq05XKYj1KouaFzvmYr2TAoudoozmDnJ6pAmFLrvWBL1ZkYp%2FWvdCsNQUeusDgVnluKMkQybYDmpoyLi8JX7nEFzcwaFZ%2BtS%2BjACC50uecVoZLZCrcEw4tAFoBrBswVTUtPHWzyKDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4ebc8adac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:37 GMT

GET
H2 200 html5.js Show response
hallo.terselubung.id/wp-content/themes/revenue-pro/assets/js/ 10 KB
3 KB 185ms
183ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-content/themes/revenue-pro/assets/js/html5.js?ver=6.4.1
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"285a-6569cfb0-ed35ae721799fcf1;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5i1wzmmt75Z4BvWJ0wcIpmWzurkOMFwsRO6wQS5auF4eQYW%2B5MgXgsEa6wm51ppL2l1GDikcU3I7gUL9R0jcReVM7EYdGUX5%2BnJaewoTmpX8j2iE0WXFmVWw4p4xfuJOIhCabsHn3CjM0TLEpyw4jE3%2F1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4ebc8ddac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:37 GMT

GET
H2 200 jquery.bxslider.min.js Show response
hallo.terselubung.id/wp-content/themes/revenue-pro/assets/js/ 66 KB
16 KB 251ms
249ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-content/themes/revenue-pro/assets/js/jquery.bxslider.min.js?ver=6.4.1
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"107e0-6569cfb0-6d5ea1cc0b6a975e;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aF1REMvaI5o0d43ND0QQIAXQtEFhLV1rtDGae0Z5CO%2F%2B0%2F7HF%2FdW6o7LAuPosje4nB1epomuYhY7UW65kSsgpHMYXZQy9%2Buos8edxDFY3UpqzoANv7s78f9m%2Fuz333ZJIWNi9hKr7uHZr2%2B%2B15hvV08aKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4ebc8fdac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:37 GMT

GET
H2 200 jquery.custom.js Show response
hallo.terselubung.id/wp-content/themes/revenue-pro/assets/js/ 4 KB
1 KB 182ms
180ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-content/themes/revenue-pro/assets/js/jquery.custom.js?ver=20171010
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b54c606593230660358db37e22ffba85f6a17b9c8619677ecaa6e1e12702f21f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1046-6569cfb0-6dc7f07098e7dc1;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjuHPkX1d53X2ZN1kDOeLkXBVknEcJY1oHag5vPYkpccqM9sIOVNQYvQH1wgf7d34SLz7oTjtWxT8uHm46thV3IgNYoLsYIjq5hRMbBhe7csEBVRqMTtY03aGfGiQmB1Gc%2BNdQGHyiiblXGMSWoADzVYJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4ebc94dac1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:37 GMT

GET
BLOB 200
OK 272fabb6-d0be-463f-9294-fe7e9a23df04
https://hallo.terselubung.id/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hallo.terselubung.id/272fabb6-d0be-463f-9294-fe7e9a23df04
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 genericons.css
hallo.terselubung.id/wp-content/themes/revenue-pro/genericons/genericons/ 28 KB
16 KB 204ms
204ms Stylesheet
text/css 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-content/themes/revenue-pro/genericons/genericons/genericons.css
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/wp-content/themes/revenue-pro/genericons/genericons.css?ver=6.4.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/wp-content/themes/revenue-pro/genericons/genericons.css?ver=6.4.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6e6a-6569cfb0-1a619a72f73bb72a;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2Bjv7zaA7Kq2hoQNP5m7PJd4EDQa7wFcSzA3b8YM15fYGXgN5oszZmkYxrt2aabMjiK6ITxrXh5KwperigQjSqBWw69%2BMEy4yoxOojWl0yzK9oKxqn5lLAFjaLPZs8RMrxB8TjZMOeVB8ZUOGaMubd5uTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd4f7fe8dab1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 606ms
56ms Font
font/woff2 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hallo.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 09:46:11 GMT
x-content-type-options: nosniff
age: 25826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 09:46:11 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://hallo.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 619ms
70ms Font
font/woff2 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hallo.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:32:18 GMT
x-content-type-options: nosniff
age: 433459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Nov 2024 16:32:18 GMT

GET
H3 200 wp-emoji-release.min.js Show response
hallo.terselubung.id/wp-includes/js/ 18 KB
5 KB 152ms
152ms Script
application/javascript 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hallo.terselubung.id/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 01 Dec 2023 12:21:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4904-6569cfb1-5dfd79fc262c26dd;gz"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsW1epgy9IqXIJeNNkeMCl%2B6BYax4ft0xt3%2FdPk1ZfFaO34K3wnTkI6ryj9NTL%2FEhqjf52pPnTXn%2BILFhqXNpEREltWiOI7JyzwR7qNhZFw9GlEQ%2FFxg0DxM4kryU1h0YIY%2F1l%2B32k1sb0G1yTQHEqWfyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 82ecdd513b6cdab1-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 16:56:37 GMT

POST
H3 200 admin-ajax.php Show response
hallo.terselubung.id/wp-admin/ 35 B
672 B 831ms
831ms XHR
application/json 2606:4700:3037::6815:1f8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hallo.terselubung.id/wp-admin/admin-ajax.php?action=ajax-checkclicks&nonce=d1b0f14444

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:1f8b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.24

Resource Hash

bee21190895d4bc1b457c1687bd56d603c1b2377651cc18afe2e48631aaf7b68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://hallo.terselubung.id/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.1.24
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/json
access-control-allow-origin: https://hallo.terselubung.id
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4faScQCIyMM2tcaRV8jY%2F%2Fc0JGw9vEIIuL%2FXhNmyiDkPHzAp48jb%2BqOyzGo9Tril%2B%2BiGQT3UsBP%2BU%2BXXOnCvUAcrbq8bLY%2Fhm6udbf9CWdeBE6KynyXnHS%2FCA8n2rkiydaJLcaWHfWlThQQ3QjjsP3O8KA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-turbo-charged-by: LiteSpeed
x-robots-tag: noindex
cf-ray: 82ecdd513b82dab1-MIA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/ 398 KB
134 KB 237ms
129ms Script
text/javascript 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_fy2021.js?bust=31079889

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2102365647668688

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7416a2902c603be8fd0a27e49e926ba4681534017b24785bbebb75488bd9c8e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137486
x-xss-protection: 0
server: cafe
etag: 12670685107820615993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 16:56:37 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 730F 9 KB
4 KB 166ms
54ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2102365647668688

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hallo.terselubung.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 73729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 20:27:48 GMT
etag: 12051592065903069241
expires: Thu, 14 Dec 2023 20:27:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reeboksneakers.biz.1523443.es6.js Show response
jsc.mgid.com/r/e/ 315 KB
95 KB 249ms
47ms Script
text/javascript 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfc3699dd839ca3a7dc1e8aa7e774359fdc311bda16f675d3ea57aba4383b037

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://hallo.terselubung.id/
Origin: https://hallo.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:37 GMT
x-amz-version-id: 0J2EPewNx8zBUk7PetQtn_j6vBnUjcAA
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: T3K50B8E31VE46MP
age: 97
cf-polished: origSize=322222
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: WLBhuIWCPXQkYHJC5+eXVVRxQ0DNY8D7idn+4vYOgPKZLVcvIrCl83S4Wdt2rI86uutH9M4+5JeGD/INKWhD44Yc8ohGo5qG
cf-bgj: minify
last-modified: Mon, 27 Nov 2023 14:15:08 GMT
server: cloudflare
etag: W/"be6c40568fb47806b940d1699994411c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 82ecdd548e8b370d-MIA
expires: Fri, 01 Dec 2023 19:56:37 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 79D6 10 KB
5 KB 472ms
416ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2102365647668688&output=html&adk=1812271804&adf=3025194257&lmt=1701449797&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fhallo.terselubung.id%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701449797430&bpp=5&bdt=563&idt=421&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4376537079376&frm=20&pv=2&ga_vid=1894680808.1701449798&ga_sid=1701449798&ga_hid=1278904854&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079715%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3450781561121088&tmod=245653491&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=446

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_fy2021.js?bust=31079889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3eb9e05d67554e734b093a0490d0d050f4f427280aaa2a20e25d5ba50f0133da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hallo.terselubung.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4493
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 16:56:38 GMT
expires: Fri, 01 Dec 2023 16:56:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 49D6 57 KB
19 KB 417ms
372ms Document
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2102365647668688&output=html&h=600&slotname=6534705562&adk=119056837&adf=436554144&pi=t.ma~as.6534705562&w=260&fwrn=4&fwrnh=100&lmt=1701449797&rafmt=1&format=260x600&url=https%3A%2F%2Fhallo.terselubung.id%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701449797435&bpp=2&bdt=568&idt=446&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4376537079376&frm=20&pv=1&ga_vid=1894680808.1701449798&ga_sid=1701449798&ga_hid=1278904854&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079715%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3450781561121088&tmod=245653491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=452

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_fy2021.js?bust=31079889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a83d4017262ebc64c732acf5aeac5d6393362bfd655b53aa8469a1082b9aea77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hallo.terselubung.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 19130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 16:56:38 GMT
expires: Fri, 01 Dec 2023 16:56:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 59c90c9e-8301-4368-b615-1f855288a7ec
https://hallo.terselubung.id/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hallo.terselubung.id/59c90c9e-8301-4368-b615-1f855288a7ec
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK af8eed46-f023-4ee4-9fe5-cb03f00081fe
https://hallo.terselubung.id/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hallo.terselubung.id/af8eed46-f023-4ee4-9fe5-cb03f00081fe
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 /
c.mgid.com/pv/ 43 B
138 B 72ms
71ms Image
image/gif 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=https%3A%2F%2Fhallo.terselubung.id%2F&cbuster=1701449797978708351587&pvid=18c264f9159a0a4c382&implVersion=11&cxurl=https%3A%2F%2Fhallo.terselubung.id%2F&site=909306&i=1&scum=%3F0&scuw=%3F0

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 82ecdd557e2421df-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
BLOB 206
Partial Content ad921a0c-2a1b-4c75-8711-d8b9d46ce3ed
https://hallo.terselubung.id/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hallo.terselubung.id/ad921a0c-2a1b-4c75-8711-d8b9d46ce3ed
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 42C2 91 KB
36 KB 131ms
53ms Script
application/javascript 2620:1ec:46::38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2102365647668688&output=html&h=600&slotname=6534705562&adk=119056837&adf=436554144&pi=t.ma~as.6534705562&w=260&fwrn=4&fwrnh=100&lmt=1701449797&rafmt=1&format=260x600&url=https%3A%2F%2Fhallo.terselubung.id%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701449797435&bpp=2&bdt=568&idt=446&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4376537079376&frm=20&pv=1&ga_vid=1894680808.1701449798&ga_sid=1701449798&ga_hid=1278904854&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079715%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3450781561121088&tmod=245653491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=452
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 16:56:39 GMT
content-encoding: br
last-modified: Fri, 10 Nov 2023 19:05:36 GMT
vary: Accept-Encoding
x-azure-ref: 20231201T165639Z-rhexu9e8890k3ere055vmpmpy00000000shg000000021zrf
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a9390128-d01e-00ca-6e17-20e0ef000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 42C2 80 KB
28 KB 88ms
28ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2102365647668688&output=html&h=600&slotname=6534705562&adk=119056837&adf=436554144&pi=t.ma~as.6534705562&w=260&fwrn=4&fwrnh=100&lmt=1701449797&rafmt=1&format=260x600&url=https%3A%2F%2Fhallo.terselubung.id%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701449797435&bpp=2&bdt=568&idt=446&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4376537079376&frm=20&pv=1&ga_vid=1894680808.1701449798&ga_sid=1701449798&ga_hid=1278904854&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079715%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3450781561121088&tmod=245653491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=452
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires: Thu, 14 Nov 2024 14:07:00 GMT
Date: Fri, 01 Dec 2023 16:56:39 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 1392579
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21956-LGA, cache-mia-kmia1760096-MIA
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
X-Timer: S1701449799.232317,VS0,VE0
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 17, 69726

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 42C2 3 KB
1 KB 174ms
62ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2102365647668688&output=html&h=600&slotname=6534705562&adk=119056837&adf=436554144&pi=t.ma~as.6534705562&w=260&fwrn=4&fwrnh=100&lmt=1701449797&rafmt=1&format=260x600&url=https%3A%2F%2Fhallo.terselubung.id%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701449797435&bpp=2&bdt=568&idt=446&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4376537079376&frm=20&pv=1&ga_vid=1894680808.1701449798&ga_sid=1701449798&ga_hid=1278904854&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079715%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3450781561121088&tmod=245653491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 13:49:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 13:49:31 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 42C2 20 KB
9 KB 166ms
54ms Script
text/javascript 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:53:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75807
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:53:12 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 42C2 202 KB
64 KB 171ms
59ms Script
text/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 16:56:39 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 42C2
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=52f3832c-3bec-4520-a74e-09df43c3b058&bidId=2&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=4ecdea2f-d81a-4879-ad3...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=6751c1b35d8b44dd9448c37ada25e3cf&SNR=1&GV=2&med=10

0
546 B

95ms
94ms

Image
text/plain

2600:1408:c400:c::17cd:6887
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=6751c1b35d8b44dd9448c37ada25e3cf&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2102365647668688&output=html&h=600&slotname=6534705562&adk=119056837&adf=436554144&pi=t.ma~as.6534705562&w=260&fwrn=4&fwrnh=100&lmt=1701449797&rafmt=1&format=260x600&url=https%3A%2F%2Fhallo.terselubung.id%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701449797435&bpp=2&bdt=568&idt=446&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4376537079376&frm=20&pv=1&ga_vid=1894680808.1701449798&ga_sid=1701449798&ga_hid=1278904854&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079715%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3450781561121088&tmod=245653491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=452
Protocol: H2
Server: 2600:1408:c400:c::17cd:6887 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E8C314872C454631A2457E862B788369 Ref B: BLUEDGE1917 Ref C: 2023-12-01T16:56:39Z
x-cdn-traceid: 0.87dcda17.1701449799.b600a3e
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 01 Dec 2023 16:56:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D8F4D3FC04D94799B20CA3204F79A50A Ref B: ASHEDGE1312 Ref C: 2023-12-01T16:56:39Z
x-cdn-traceid: 0.87dcda17.1701449799.b600904
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=6751c1b35d8b44dd9448c37ada25e3cf&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 150
expires: 0

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 38ms
37ms Image
image/svg+xml 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/mgid/mgid_ua.svg

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:39 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: FT3B2YNDBGENVSWC
age: 3961
alt-svc: h3=":443"; ma=86400
x-amz-id-2: T5sPcjZtf+bDh6XdJmp7hMMaIrle5xKb9BwVfmaNkAxai8X9iK4oKQPncfqBkIMJTmPLzS6Pbg2Yz9at9uMFJU2Q4p1mhW6T9hRl6tH5ghk=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 82ecdd5ce8dd21df-MIA
expires: Sat, 02 Dec 2023 16:56:39 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
815 B 38ms
38ms Image
image/svg+xml 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgid.com/images/logos/Adchoices.svg

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:39 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: YQB9E0XZ4AF5YHE7
age: 2871
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CxpyNkMvUy7EglrL46ndveEgmcKj5NlhgNn3xrtwadQGLxOYO5GJbbUWfWYVC/75XuxenQ1eXpI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 82ecdd5ce8df21df-MIA
expires: Sat, 02 Dec 2023 16:56:39 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1523443/ 5 KB
2 KB 107ms
106ms Script
application/x-javascript 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/1523443/1?mp4=1&ap=1&w=260&h=1014&sz=257x227&szp=1,2,3,4&szl=1;2;3;4&cols=1&sessionId=656a1046-13dc8&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fhallo.terselubung.id%2F&cbuster=1701449799221839418030&pvid=18c264f9159a0a4c382&implVersion=11&cxurl=https%3A%2F%2Fhallo.terselubung.id%2F&scum=%3F0&scuw=%3F0&uniqId=0b1c0&niet=4g&nisd=false&pv=5&lct=1701043200&jsv=es6&pageView=1&dpr=1&ref=&tfre=2347

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e846df0722586596b65f53041a5ed657477b65c5613661c8edee191a8a66a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82ecdd5d39a721df-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 th
www.bing.com/ Frame 42C2 9 KB
10 KB 170ms
170ms Image
image/jpeg 2600:1408:c400:c::17cd:6887
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OPHS.jkdaz%2bquoz%2f74g474C474&o=5&pid=21.1&w=300&h=300&qlt=90&c=17
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2102365647668688&output=html&h=600&slotname=6534705562&adk=119056837&adf=436554144&pi=t.ma~as.6534705562&w=260&fwrn=4&fwrnh=100&lmt=1701449797&rafmt=1&format=260x600&url=https%3A%2F%2Fhallo.terselubung.id%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701449797435&bpp=2&bdt=568&idt=446&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4376537079376&frm=20&pv=1&ga_vid=1894680808.1701449798&ga_sid=1701449798&ga_hid=1278904854&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079715%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3450781561121088&tmod=245653491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=452
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:c::17cd:6887 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 06a9b01b015f9eb466efe24dc546a7f1a0163682e51f4419261c4e0dbffc697e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:39 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.87dcda17.1701449799.b6009b7
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 9381
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
nym1-ib.adnxs.com/ Frame 42C2 0
533 B 193ms
63ms Script
text/html 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fhallo.terselubung.id&e=wqT_3QKABOgAAgAAAwDWAAUBCMagqKsGELemutbHyZ-DLRgAKjYJR2VivFvPjj8RSC8C-439jT8ZexSuR-F6hD8hSA0SACkRJAAxERuoMKTu4wM4tQFAtV5I4wNQuomKtgFYwLE9YABon6RUeACAAQGKAQNVU0SSAQEG8FKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBEDEtdGVyc2VsdWJ1bmcuaWTYAvAG4AKiqDHqAhxodHRwczovL2hhbGxvLnRlch0o8H2AAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFm8L0_pzxjrQnwAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAOAFAfAF-tAF-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBsKNBNoGFgoQCRIZAWwQABgA4AYB8gYCCACABwGIBwCgBwHIBwDSBw0JESYBJAjaBwYBXKgYAOAHAOoHAggA8AfcjMgEiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=6f9bc01c723cf2d26cbbdc02dbfe2952d3ce9828&bdref=https%3A%2F%2Fhallo.terselubung.id%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fhallo.terselubung.id%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2102365647668688%26output%3Dhtml%26h%3D600%26slotname%3D6534705562%26adk%3D119056837%26adf%3D436554144%26pi%3Dt.ma~as.6534705562%26w%3D260%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701449797%26rafmt%3D1%26format%3D260x600%26url%3Dhttps%253A%252F%252Fhallo.terselubung.id%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701449797435%26bpp%3D2%26bdt%3D568%26idt%3D446%26shv%3Dr20231129%26mjsv%3Dm202311290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D4376537079376%26frm%3D20%26pv%3D1%26ga_vid%3D1894680808.1701449798%26ga_sid%3D1701449798%26ga_hid%3D1278904854%26ga_fc%3D0%26u_tz%3D-600%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1080%26ady%3D170%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079715%252C44795922%252C31078301%252C31079889%252C44806141%252C44807764%252C44808148%252C44808285%252C44809071%26oid%3D2%26pvsid%3D3450781561121088%26tmod%3D245653491%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D452,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2102365647668688%26output%3Dhtml%26h%3D600%26slotname%3D6534705562%26adk%3D119056837%26adf%3D436554144%26pi%3Dt.ma~as.6534705562%26w%3D260%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701449797%26rafmt%3D1%26format%3D260x600%26url%3Dhttps%253A%252F%252Fhallo.terselubung.id%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701449797435%26bpp%3D2%26bdt%3D568%26idt%3D446%26shv%3Dr20231129%26mjsv%3Dm202311290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D4376537079376%26frm%3D20%26pv%3D1%26ga_vid%3D1894680808.1701449798%26ga_sid%3D1701449798%26ga_hid%3D1278904854%26ga_fc%3D0%26u_tz%3D-600%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1080%26ady%3D170%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079715%252C44795922%252C31078301%252C31079889%252C44806141%252C44807764%252C44808148%252C44808285%252C44809071%26oid%3D2%26pvsid%3D3450781561121088%26tmod%3D245653491%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D452&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:39 GMT
an-x-request-uuid: 96684c97-9d5d-4572-bba1-9f1cd3b3f6c3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.67; 38.132.118.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8xMzUzMDkvOGZkM...
s-img.mgid.com/g/17924127/492x277/-/ 8 KB
8 KB 100ms
39ms Image
image/webp 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17924127/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8xMzUzMDkvOGZkMjdlMTNjZDNiZmU1MzFiMzlkODczZTM0NDM2OGUuanBlZw.webp?v=1701449799-NiT7hd6iYqSK_VOfuLvR5r43kc5j0jP7UQ2NbYpdHU0

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d232e960083273781aa206a79b87801a165be4c1f380b456c9052f8546e18f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://hallo.terselubung.id/
Origin: https://hallo.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 2e817037-d270-4703-8851-18435eab601d
age: 105527
alt-svc: h3=":443"; ma=86400
content-length: 7772
last-modified: Thu, 30 Nov 2023 11:16:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82ecdd5e885321d9-MIA

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjk0MDMvY2I5M...
s-img.mgid.com/g/16151558/492x277/-/ 26 KB
26 KB 98ms
39ms Image
image/webp 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16151558/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjk0MDMvY2I5MDZhYWVjOGIzNjQxYmJlN2JkNmE2MWM3Yzk0YzkuanBlZw.webp?v=1701449799-nvLHDbT0FAZ3ehyPuA2A7gG3gb1R56pMkgCOKr6cInI

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e51211d4f8de1139d08ac3fe5879f68e27ab158e315fdf86906512bd167da0fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://hallo.terselubung.id/
Origin: https://hallo.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 8e56e73f-d4b1-4fdf-88bf-90ecee2bd864
age: 120097
alt-svc: h3=":443"; ma=86400
content-length: 26322
last-modified: Tue, 09 May 2023 10:18:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82ecdd5e885621d9-MIA

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy8zNjk0MDMvZWUyM...
s-img.mgid.com/g/17694976/492x277/-/ 18 KB
18 KB 100ms
40ms Image
image/webp 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17694976/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy8zNjk0MDMvZWUyMGE4MjY1N2MzMzk1MDI4NjE0NzliN2E3ODU4NDcuanBn.webp?v=1701449799-AFfXGSesX5jODMD4xaL6g1WEvK5gx4B6nTHz81iPaZ4

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

407571bf914f7fc37d433bb2331723d08982d94ad9568cba2d1b8bde13005a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://hallo.terselubung.id/
Origin: https://hallo.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: ab73f17f-57ce-4b1b-8246-6524dbc301d1
age: 184321
alt-svc: h3=":443"; ma=86400
content-length: 18172
last-modified: Thu, 09 Nov 2023 09:44:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82ecdd5e885821d9-MIA

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNi8zNjY5MDQvMzljM...
s-img.mgid.com/g/16606294/492x277/-/ 9 KB
9 KB 102ms
43ms Image
image/webp 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/16606294/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNi8zNjY5MDQvMzljMTZhYzMzZDRkZDAxMjJlYjI4YTIyODQ0Yzk5NjQuanBn.webp?v=1701449799-Z5UK3l9ACGIkzwKuMUVgfNP_lx9AfREcsI0nS-07YP4

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6055f3148ddc7f73338abc085b9d8bf26841e12955affeab752e528e355e95d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://hallo.terselubung.id/
Origin: https://hallo.terselubung.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 4454f06a-4639-47d0-8eb2-0dfd43b9212b
age: 1848034
alt-svc: h3=":443"; ma=86400
content-length: 8722
last-modified: Sun, 02 Jul 2023 22:54:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 82ecdd5e885721d9-MIA

GET
H2 200 i.js Show response
cm.mgid.com/ 4 KB
2 KB 66ms
65ms Script
application/javascript 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/i.js?muid=nb1DYQ9OFGU8&cbuster=1701449799378291692753

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d3dea9ff019cdcc54eda72e8ecf7d404f6ef6c538477e354c3928e62408eda0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82ecdd5e3b2021df-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 103ms
43ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 11:19:25 GMT
server: cloudflare
x-amz-request-id: P91W47HHEZS8ND2D
age: 2356
etag: W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82ecdd5e9b933dd7-MIA
x-amz-id-2: BtjRvaFOHKAloduKDjJ/cJr8bM4ZdH9EthIEq23FPyPC5mbd98gFP/3e/ZJLgAUqochKpmMeKj6Lf7o/t9Thyg==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 376ms
69ms Script
application/javascript 23.41.168.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/reeboksneakers.biz.1523443.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.41.168.202 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-168-202.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:39 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=20676
accept-ranges: bytes
content-length: 63913
expires: Fri, 01 Dec 2023 22:41:15 GMT

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame E4C5 1 KB
864 B 106ms
46ms Document
text/html 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=nb1DYQ9OFGU8&cbuster=1701449799378291692753
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: https://hallo.terselubung.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 492
alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: HIT
cf-ray: 82ecdd5f0b558dc1-MIA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 16:56:39 GMT
last-modified: Fri, 01 Dec 2023 16:48:27 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 269E 0
0 307ms
62ms Document
text/plain 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001hSPhhAAG&us_privacy=&ru=https%3A//cm.mgid.com/m%3Fcdsp%3D796887%26c%3D33XUSERID33X
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=nb1DYQ9OFGU8&cbuster=1701449799378291692753
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-105.static.steadfastdns.net
Software: 33XP010 /
Resource Hash

Request headers

Referer: https://hallo.terselubung.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

date: Fri, 01 Dec 2023 16:56:39 GMT
server: 33XP010
x-33x-status: 2000208

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 5569 2 KB
864 B 314ms
71ms Document
text/html 51.222.39.184
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7cd9d7c7c13ff36&sync_id=nb1DYQ9OFGU8&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=nb1DYQ9OFGU8&cbuster=1701449799378291692753

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.184 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip184.ip-51-222-39.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://hallo.terselubung.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3A62
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=

281 B
555 B

169ms
54ms

Document
text/html

23.222.193.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=nb1DYQ9OFGU8&cbuster=1701449799378291692753
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.193.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-222-193-103.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://hallo.terselubung.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 01 Dec 2023 16:56:39 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 01 Dec 2023 16:56:39 GMT
location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
server: AkamaiGHost

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjdCQzEwOTctOEQ3My00MzdCLUExNTItRjIyQTg2NjBGQzQ0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D27BC1097-8D73-437B-A152-F22A8660FC44&us_privacy=%24%7BUS_PRIVACY%7D
https://cm.mgid.com/m?cdsp=712807&c=27BC1097-8D73-437B-A152-F22A8660FC44

43 B
542 B

63ms
63ms

Image
image/gif

2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=712807&c=27BC1097-8D73-437B-A152-F22A8660FC44

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82ecdd658cc2288c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=712807&c=27BC1097-8D73-437B-A152-F22A8660FC44
date: Fri, 01 Dec 2023 16:56:39 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
158 B 297ms
65ms Image
image/gif 2606:4700::6813:9822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.idealmedia.io/setmuidn/?muidf=nb1DYQ9OFGU8

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 82ecdd60195b8dcd-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://idsync.rlcdn.com/712107.gif?partner_uid=nb1DYQ9OFGU8&
https://idsync.rlcdn.com/1000.gif?memo=CKu7KxIYChQIARDDoQoaDG5iMURZUTlPRkdVOBAAGg0Ix6CoqwYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=5d84e1dc43cb8ae1e99734b04d833ca1a21fa2730853290b7e4402ed1bb33a52791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5d84e1dc43cb8ae1e99734b04d833ca1a21fa2730853290b7e4402ed1bb33a52791426b5417dce21&rand=04230542
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5d84e1dc43cb8ae1e99734b04d833ca1a21fa2730853290b7e4402ed1bb33a52791426b5417dce21&rand=04230542&expected_cookie=c4698b18-faab-43d2-a3fd-e1b2caf9d10d

0
142 B

81ms
81ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5d84e1dc43cb8ae1e99734b04d833ca1a21fa2730853290b7e4402ed1bb33a52791426b5417dce21&rand=04230542&expected_cookie=c4698b18-faab-43d2-a3fd-e1b2caf9d10d
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:39 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F913672ECA6A44A495AE33251090FB9E Ref B: MIA301000107011 Ref C: 2023-12-01T16:56:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLdabu4HzLj5eQN0WfbQ==

Redirect headers

date: Fri, 01 Dec 2023 16:56:38 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 6175A25914DD4291B5CB16065A4DF270 Ref B: MIA301000107011 Ref C: 2023-12-01T16:56:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: /db_sync?pid=10339&puuid=5d84e1dc43cb8ae1e99734b04d833ca1a21fa2730853290b7e4402ed1bb33a52791426b5417dce21&rand=04230542&expected_cookie=c4698b18-faab-43d2-a3fd-e1b2caf9d10d
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLdabs/4O2qI2uNjZvTg==

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bmIxRFlROU9GR1U4&muidn=nb1DYQ9OFGU8
https://cm.mgid.com/google?muidn=nb1DYQ9OFGU8&google_ula={guid},5&google_gid=CAESEB8gW9IY9IKO5rwjuRgQHPA&google_cver=1

0
45 B

68ms
68ms

Image
text/plain

2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/google?muidn=nb1DYQ9OFGU8&google_ula={guid},5&google_gid=CAESEB8gW9IY9IKO5rwjuRgQHPA&google_cver=1

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain
cf-ray: 82ecdd609e0a21df-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.mgid.com/google?muidn=nb1DYQ9OFGU8&google_ula={guid},5&google_gid=CAESEB8gW9IY9IKO5rwjuRgQHPA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://cm.rtbsystem.com/mgid?c=nb1DYQ9OFGU8&gdpr=0&gdpr_consent=&us_privacy=&cd=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D556372%26c%3D%24%7BUSER%7D
https://cm.mgid.com/m?cdsp=556372&c=3454e078-d840-5a10-9cdd-5eadba6be3ba

43 B
480 B

63ms
63ms

Image
image/gif

2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=556372&c=3454e078-d840-5a10-9cdd-5eadba6be3ba

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82ecdd610c55288c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

date: Fri, 01 Dec 2023 16:56:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBYX7sAGBQs1lfFu4ZyfSMKafF3maVDyowsGgz2K3lAbTmYEEI%2FJbGPKEecSoohg8twPPRjY13jU%2FShaX7%2F8eaYRbG5stOJiZrke3lk35phLhIry66tYMNUE6SyO9TNs%2FRInAcmDLH9agZogwMKx"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
location: https://cm.mgid.com/m?cdsp=556372&c=3454e078-d840-5a10-9cdd-5eadba6be3ba
cf-ray: 82ecdd601cca6dd4-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=322eb0c1-401b-43b0-ae5c-052d5dbea91d

43 B
496 B

64ms
64ms

Image
image/gif

2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=287839&c=322eb0c1-401b-43b0-ae5c-052d5dbea91d

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82ecdd617d2c288c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=322eb0c1-401b-43b0-ae5c-052d5dbea91d
date: Fri, 01 Dec 2023 16:56:39 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=
https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
https://cm.mgid.com/m?cdsp=501037&c=DVeO0TuBYn9S28t7-yUn9PifyJ-TziyfjiYElEHZNl4&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1

43 B
511 B

74ms
73ms

Image
image/gif

2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=501037&c=DVeO0TuBYn9S28t7-yUn9PifyJ-TziyfjiYElEHZNl4&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82ecdd625ead288c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=DVeO0TuBYn9S28t7-yUn9PifyJ-TziyfjiYElEHZNl4&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
pragma: no-cache
date: Fri, 01 Dec 2023 16:56:39 GMT, Fri, 01 Dec 2023 16:56:39 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 sync
t.adx.opera.com/pub/ 0
413 B 380ms
125ms Image
text/plain 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/pub/sync?pub6103523253312&gdpr=0&consent=&us_privacy=
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:39 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=7c973c29-d059-4ceb-ac60-8cd52e8c052b

43 B
516 B

64ms
63ms

Image
image/gif

2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=665953&c=7c973c29-d059-4ceb-ac60-8cd52e8c052b

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82ecdd60dc21288c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=665953&c=7c973c29-d059-4ceb-ac60-8cd52e8c052b
access-control-allow-origin: *
date: Fri, 01 Dec 2023 16:56:39 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 712056.gif
id.rlcdn.com/ 42 B
309 B 75ms
65ms Image
image/gif 35.244.154.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/712056.gif?
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:39 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D709070%26c%3D%24UID
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D709070%26c%3D%24UID&sovrn_retry=true
https://cm.mgid.com/m?cdsp=709070&c=Hv84hLZHaa1rwto9QQe6ZX9R

43 B
526 B

65ms
64ms

Image
image/gif

2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=709070&c=Hv84hLZHaa1rwto9QQe6ZX9R

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82ecdd62dfa3288c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

Date: Fri, 01 Dec 2023 16:56:40 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.mgid.com/m?cdsp=709070&c=Hv84hLZHaa1rwto9QQe6ZX9R
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/
Redirect Chain

https://ps.eyeota.net/match?bid=dn2m51u&uid=nb1DYQ9OFGU8&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match/bounce/?bid=dn2m51u&uid=nb1DYQ9OFGU8&gdpr=0&gdpr_consent=

70 B
440 B

54ms
54ms

Image
image/gif

18.207.77.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?bid=dn2m51u&uid=nb1DYQ9OFGU8&gdpr=0&gdpr_consent=
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: HTTP/1.1
Server: 18.207.77.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-77-150.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 01 Dec 2023 16:56:40 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?bid=dn2m51u&uid=nb1DYQ9OFGU8&gdpr=0&gdpr_consent=
Date: Fri, 01 Dec 2023 16:56:40 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

sync
visitor.omnitagjs.com/visitor/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=nb1DYQ9OFGU8&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=nb1DYQ9OFGU8&gdpr=0&gdpr_consent=&us_privacy=
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=7fd779db-678d-4fa7-b710-d67815f717b4&name=BIDSWITCH&gdpr=0&gdpr_consent=

49 B
385 B

329ms
113ms

Image
image/gif

34.213.32.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=7fd779db-678d-4fa7-b710-d67815f717b4&name=BIDSWITCH&gdpr=0&gdpr_consent=

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Server

34.213.32.158 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-32-158.us-west-2.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:40 GMT
via: kong/2.8.3
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 8
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

Redirect headers

Location: //visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=7fd779db-678d-4fa7-b710-d67815f717b4&name=BIDSWITCH&gdpr=0&gdpr_consent=
Date: Fri, 01 Dec 2023 16:56:40 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET e4e1f5fe20753b6b614cda48b7e3c9f7.gif
cs.admanmedia.com/ 0
0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://tracker.direct.e-volution.ai/sync?id=5&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D737576%26c%3D%7BPLL_USER_ID%7D
https://cm.mgid.com/m?cdsp=737576&c=292cea2f-c48e-92f0-5a83-4fd0f05a1615

43 B
511 B

61ms
61ms

Image
image/gif

2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=737576&c=292cea2f-c48e-92f0-5a83-4fd0f05a1615

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82ecdd62af39288c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=737576&c=292cea2f-c48e-92f0-5a83-4fd0f05a1615
content-length: 88
content-type: text/plain; charset=utf-8

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://cs.krushmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D827026%26c%3D%5BUID%5D
https://cm.mgid.com/m?cdsp=827026&c=27173c8f-722c-4302-975b-498cc0be6530

43 B
526 B

62ms
62ms

Image
image/gif

2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=827026&c=27173c8f-722c-4302-975b-498cc0be6530

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82ecdd62cf98288c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 16:56:40 GMT
Server: nginx
Location: https://cm.mgid.com/m?cdsp=827026&c=27173c8f-722c-4302-975b-498cc0be6530
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

204
No Content

3bffc195cb0e6517abb8844d59beb2f4.gif
sync.e-volution.ai/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=nb1DYQ9OFGU8&gdpr=0&gdpr_consent=&ccpa_consent=
https://ad.360yield.com/server_match?partner_id=1734&gdpr=0&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA_CONSENT]&r=https%3A%2F%2Fsync.e-volution.ai%2F3bffc195cb0e6517abb8844d59beb2f4.gif%3Fpuid%3D...
https://sync.e-volution.ai/3bffc195cb0e6517abb8844d59beb2f4.gif?puid=7c973c29-d059-4ceb-ac60-8cd52e8c052b

0
103 B

140ms
140ms

Image
text/plain

109.206.161.21
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-volution.ai/3bffc195cb0e6517abb8844d59beb2f4.gif?puid=7c973c29-d059-4ceb-ac60-8cd52e8c052b
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: HTTP/1.1
Server: 109.206.161.21 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 109.206.161.21.serverel.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 01 Dec 2023 16:56:40 GMT
Server: nginx

Redirect headers

location: https://sync.e-volution.ai/3bffc195cb0e6517abb8844d59beb2f4.gif?puid=7c973c29-d059-4ceb-ac60-8cd52e8c052b
access-control-allow-origin: *
date: Fri, 01 Dec 2023 16:56:40 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET

35410
prebid.a-mo.net/cchain/6/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F35410%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dfeb88240-3187-44bd-892a-e540794e010d%26bidder...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F35410%253Fgpp%253D%2526gdpr_consent%253D%2526gdpr%253D0%2526gpp_sid%253D%2526us_privacy%253D%2526A%2...
https://prebid.a-mo.net/cchain/0/35410?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=feb88240-3187-44bd-892a-e540794e010d&bidder=appnexus&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid...
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F35410%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%...
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F35410%3Fus_privacy%3D1---%26gpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dfeb882...
https://prebid.a-mo.net/cchain/2/35410?us_privacy=1---&gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=feb88240-3187-44bd-892a-e540794e010d&bidder=index_rtb&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A...
https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F35410%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dfeb88240-3187-44...
https://prebid.a-mo.net/cchain/3/35410?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=feb88240-3187-44bd-892a-e540794e010d&bidder=sovrn&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=Hv...
https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F35410%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dfeb88240-3187...
https://rtb.openx.net/sync/prebid?gdpr=0&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F35410%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dfeb88240-3187-44bd-892a-e54079...
https://prebid.a-mo.net/cchain/5/35410?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=feb88240-3187-44bd-892a-e540794e010d&bidder=openx&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=92...
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-m...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECfV3hKcDxuJiHzZmi4Nmk0&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:692D71AA20FD40C1BF09D437986BD216
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F6%2F35410%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dfeb882...
https://prebid.a-mo.net/cchain/6/35410?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=feb88240-3187-44bd-892a-e540794e010d&bidder=pubmatic&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid...

0
0

GET
DATA 200
OK truncated
/ Frame 42C2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af20e2829926d065f28c916c28927f967ad4b3d7f443bd8aad25d7eede2b322

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 42C2 0
388 B 90ms
89ms Image
text/html 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CC-R-RRBqZZTrO4iYrr4PwcKB8A7S4Nfgbo-ktpOTCsCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTIxMDIzNjU2NDc2Njg2ODjIAQmoAwHIAwKqBPkBT9A1tMwvO80C2eRoOeyIoLrUQTJPBYKI7e2k4D0YaR_Jn6maao0jmDfSPPC82Xie4Oq6uHCuYT1V6mhInTJMcAW6evE5OD512YignEis7p1ZIwml4ijDqfvHQMJB7Z2aHN3wqHN4jOL86PNHXhntOpD0n6VNnd9rMkhj1numNFCuHzEg6L9ETF4fpT4UbizNVJJeKd7Haj8LKz3QUpS3svBHV2UAQrFj-gZLiTSNuS59GXuV49CQctRAyS5cLIrGi2xC2GQT22MKm3NIJ0WxvA-GOYkZhj8XCq24zFcRzBkdrA1F8LJ58xgyj0yevwXA6EfSRWkgUXw6gAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPvrvrba7oIDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIxMDIzNjU2NDc2Njg2ODgYAA&sigh=7dycCc7qad8&uach_m=%5BUACH%5D&cid=CAQSTwDICaaNq41YaS2PSElBZoQDlMqxB2TEl3bpLMZ4gPldR1y3NaZurkTXtSLnbEFPFuj0gkxpq8Sd2d0gNxSNO0HyJT7RwVl_Ut-iwku4HCsYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2102365647668688&output=html&h=600&slotname=6534705562&adk=119056837&adf=436554144&pi=t.ma~as.6534705562&w=260&fwrn=4&fwrnh=100&lmt=1701449797&rafmt=1&format=260x600&url=https%3A%2F%2Fhallo.terselubung.id%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701449797435&bpp=2&bdt=568&idt=446&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4376537079376&frm=20&pv=1&ga_vid=1894680808.1701449798&ga_sid=1701449798&ga_hid=1278904854&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079715%2C44795922%2C31078301%2C31079889%2C44806141%2C44807764%2C44808148%2C44808285%2C44809071&oid=2&pvsid=3450781561121088&tmod=245653491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=452
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 01 Dec 2023 16:56:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Dec 2023 16:56:39 GMT

GET
H2 200 it
nym1-ib.adnxs.com/ Frame 42C2 0
531 B 71ms
70ms Image
text/html 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fhallo.terselubung.id&e=wqT_3QKcB-icAwAAAwDWAAUBCMagqKsGELemutbHyZ-DLRgAKjYJR2VivFvPjj8RSC8C-439jT8ZexSuR-F6hD8hSA0SACkRJAAxERuoMKTu4wM4tQFAtV5I4wNQuomKtgFYwLE9YABon6RUeACAAQGKAQNVU0SSAQEG8FKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBEDEtdGVyc2VsdWJ1bmcuaWTYAvAG4AKiqDHqAhxodHRwczovL2hhbGxvLnRlch0oXIADAIgDAZADAJgDCaADAaoDmAMKwgJodAky8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NGVjZGVhMmYtZDgxYS00ODc5LWFkMzQtYjhmNjkyMzE3ODk4JmJpZElkPTImYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJWFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4ANI5tALhydHlwZT1udXJsJnRhZ0lkPTc5Mjc1ODgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_BJX2VyZGhyZmdZcmlyeVkxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMzI0NDQxOTQ0ODUwOTk5Mzc4MyIJMzgxODQ2NzE0KgQhX_CVOiRVMmh2Y0hCcGJtZEJaQ014TkRBM056YzRNemsxTnpRNE9UTXfAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFm8L0_pzxjrQnwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ9w2AUA4AUB8AX60AX6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFoEAAYAOAGAfIGAggAgAcBiAcAoAcByAcA0gcNFWMBJAjaBwYBXLQYAOAHAOoHAggA8AfcjMgEiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=7a159509b311893cf215963dfb21b3efd0f40b4a&pp=ZWoQRQAO9ZQBy4wIAABhQUjq_DCvWn-XePSYwg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHHD9RRBqZZTrO4iYrr4PwcKB8A7S4Nfgbo-ktpOTCsCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTIxMDIzNjU2NDc2Njg2ODjIAQmoAwHIAwKqBPwBT9A1tMwvO80C2eRoOeyIoLrUQTJPBYKI7e2k4D0YaR_Jn6maao0jmDfSPPC82Xie4Oq6uHCuYT1V6mhInTJMcAW6evE5OD512YignEis7p1ZIwml4ijDqfvHQMJB7Z2aHN3wqHN4jOL86PNHXhntOpD0n6VNnd9rMkhj1numNFCuHzEg6L9ETF4fpT4UbizNVJJeKd7Haj8LKz3QUpS3svBHV2UAQrFj-gZLiTSNuS59GXuV49CQctRAyS5cLIrGi2xC2GQT22MKm3NIJ0WxvA-GOcsbp63VrlfVWK1leYdEKLtB07j9-jYqVu4Y5oF8aG3-XamhsxGuVt-_gAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPvrvrba7oID-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_24RL9QpaywmMDaxczLDtYKiIvN4w%26client%3Dca-pub-2102365647668688%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:39 GMT
an-x-request-uuid: 9e9cd700-9992-4983-b90c-abe8073bf3bd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.67; 38.132.118.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
nym1-ib.adnxs.com/ Frame 42C2 0
555 B 63ms
62ms Ping
text/html 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fhallo.terselubung.id&e=wqT_3QKcB-icAwAAAwDWAAUBCMagqKsGELemutbHyZ-DLRgAKjYJR2VivFvPjj8RSC8C-439jT8ZexSuR-F6hD8hSA0SACkRJAAxERuoMKTu4wM4tQFAtV5I4wNQuomKtgFYwLE9YABon6RUeACAAQGKAQNVU0SSAQEG8FKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBEDEtdGVyc2VsdWJ1bmcuaWTYAvAG4AKiqDHqAhxodHRwczovL2hhbGxvLnRlch0oXIADAIgDAZADAJgDCaADAaoDmAMKwgJodAky8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NGVjZGVhMmYtZDgxYS00ODc5LWFkMzQtYjhmNjkyMzE3ODk4JmJpZElkPTImYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJWFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4ANI5tALhydHlwZT1udXJsJnRhZ0lkPTc5Mjc1ODgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_BJX2VyZGhyZmdZcmlyeVkxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMzI0NDQxOTQ0ODUwOTk5Mzc4MyIJMzgxODQ2NzE0KgQhX_CVOiRVMmh2Y0hCcGJtZEJaQ014TkRBM056YzRNemsxTnpRNE9UTXfAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFm8L0_pzxjrQnwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ9w2AUA4AUB8AX60AX6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFoEAAYAOAGAfIGAggAgAcBiAcAoAcByAcA0gcNFWMBJAjaBwYBXLQYAOAHAOoHAggA8AfcjMgEiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=7a159509b311893cf215963dfb21b3efd0f40b4a&type=nv&nvt=5&jm=1003&px=50&py=0&bw=160&bh=160&sid=4135771901836869294&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7927588&sw=1600&sh=1200&pw=260&ph=600&ww=260&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:39 GMT
an-x-request-uuid: 7ef19560-d12a-42e5-80ae-84585d0345e1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.67; 38.132.118.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame 09DE 0
0 160ms
159ms Document
text/html 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82ecdd603d1b8dc1-MIA
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 16:56:39 GMT
server: cloudflare
vary: Accept-Encoding Origin

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3A62 46 KB
13 KB 57ms
56ms Script
text/html 23.222.193.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.193.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-222-193-103.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 639ed9fa05fb0d30c4d3d58bd68e5fb2fd805db4be42cb6c15d9d5c00cf7fd3e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 16:56:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Nov 2023 22:58:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21648
Connection: keep-alive
Content-Length: 13236
Expires: Fri, 01 Dec 2023 22:57:27 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 3A62 7 B
778 B 287ms
57ms XHR
application/json 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 966e54b6201ecd300c4db0efc0f5781a
Expires: 0

GET
H3

200

m
cm.mgid.com/ Frame 3A62
Redirect Chain

https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=LPMVA43O-1D-DVYE
https://cm.mgid.com/m?cdsp=43070&c=LPMVA43O-1D-DVYE&gdpr=0

43 B
556 B

63ms
62ms

Image
image/gif

2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=43070&c=LPMVA43O-1D-DVYE&gdpr=0

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 82ecdd66ff8a288c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.mgid.com/m?cdsp=43070&c=LPMVA43O-1D-DVYE&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dbbc2dbf689859fb5870b364473d5441
Expires: 0

GET
H3

200

c.gif
www.bing.com/aes/ Frame 42C2
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=52f3832c-3bec-4520-a74e-09df43c3b058&bidId=2&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=4ecdea2f-d81a-4879-ad3...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=6751c1b35d8b44dd9448c37ada25e3cf&tids=2&med=10

0
18 B

88ms
88ms

Image
text/plain

2600:1408:c400:c::17cd:6887
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=6751c1b35d8b44dd9448c37ada25e3cf&tids=2&med=10
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H3
Server: 2600:1408:c400:c::17cd:6887 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D350535F1C1342289D3746F122938176 Ref B: ASHEDGE1307 Ref C: 2023-12-01T16:56:40Z
x-cdn-traceid: 0.87dcda17.1701449800.b601988
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 01 Dec 2023 16:56:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7E522EC08EAD4DE2A26564202F3B793B Ref B: ASHEDGE1514 Ref C: 2023-12-01T16:56:40Z
x-cdn-traceid: 0.87dcda17.1701449800.b601846
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=6751c1b35d8b44dd9448c37ada25e3cf&tids=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 142
quic-version: 0x00000001

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3A62
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
https://s.amazon-adsystem.com/ecm3?id=LPMVA43O-1D-DVYE&ex=d-rubiconproject.com&status=ok&gdpr=0

43 B
720 B

192ms
157ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LPMVA43O-1D-DVYE&ex=d-rubiconproject.com&status=ok&gdpr=0

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 16:56:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EAWB9SNXGH3P7AZ6CC2A
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LPMVA43O-1D-DVYE&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ffef7c53154b04a892ce1f9531c32cb1
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 3A62
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/rubicon/ImNB5_hnZJIZ5XzU-okW1Mn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-x8m9XoxE2oLnERo8tG5qkkGAVAQNleRW3skEGA--~A

42 B
844 B

215ms
54ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-x8m9XoxE2oLnERo8tG5qkkGAVAQNleRW3skEGA--~A
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 8bab65602db075726861004da5629947
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 01 Dec 2023 16:56:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-x8m9XoxE2oLnERo8tG5qkkGAVAQNleRW3skEGA--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3A62
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ItQntsiPTaCKFg5cLU6tKw&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ItQntsiPTaCKFg5cLU6tKw&gdpr=0

43 B
479 B

142ms
141ms

Image
image/gif

67.220.228.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ItQntsiPTaCKFg5cLU6tKw&gdpr=0

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

HTTP/1.1

Server

67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 16:56:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Y0DS4K0RSZSBCEBACP6C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ItQntsiPTaCKFg5cLU6tKw&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5e07703167439847c6c49a939083c0fd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 3A62
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPMVA43O-1D-DVYE&gdpr=0

0
143 B

80ms
80ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPMVA43O-1D-DVYE&gdpr=0
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:39 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B38D634D91854315B1D9496288EC5CBB Ref B: MIA301000107011 Ref C: 2023-12-01T16:56:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLdab2//SGZEtdDLnhAA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPMVA43O-1D-DVYE&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1df09169f58a071f2a391dff1b3307b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A62
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzgwZWM5NDhjNzBkOTExN2I0MjhhYTVhNTg5NjgzMThjMTIyZDQ0Mw&gdpr=0

170 B
188 B

66ms
65ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzgwZWM5NDhjNzBkOTExN2I0MjhhYTVhNTg5NjgzMThjMTIyZDQ0Mw&gdpr=0

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzgwZWM5NDhjNzBkOTExN2I0MjhhYTVhNTg5NjgzMThjMTIyZDQ0Mw&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78008fe701b681dce86a72fc23cacc40
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 3A62
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEDrCAQDolHPGAABw9o2jSo&google_cver=1

42 B
844 B

308ms
154ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEDrCAQDolHPGAABw9o2jSo&google_cver=1
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e1bddfc34a927e97bda010c0d8a62b62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEDrCAQDolHPGAABw9o2jSo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 3A62
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://match.adsrvr.org/track/cmb/rubicon?gdpr=0
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=341f2b48-d090-40ef-9f31-633f83142a23&gdpr=0&gdpr_consent=&expires=30

42 B
844 B

225ms
56ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=341f2b48-d090-40ef-9f31-633f83142a23&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 20e8391fc78a9019eb67dba4b22f0ac2
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=341f2b48-d090-40ef-9f31-633f83142a23&gdpr=0&gdpr_consent=&expires=30
date: Fri, 01 Dec 2023 16:56:40 GMT
server: Kestrel
content-length: 289

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3A62
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SF3tdscJQS21R8iZjKzvIw&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SF3tdscJQS21R8iZjKzvIw&gdpr=0

43 B
479 B

59ms
59ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SF3tdscJQS21R8iZjKzvIw&gdpr=0

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 16:56:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: E80XHXM7H6VMB0KXSNH2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=SF3tdscJQS21R8iZjKzvIw&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a0d1cefc91c6f8b22fd2adf3abe06a61
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A62
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBNVkE0M08tMUQtRFZZRQ==&gdpr=0
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEKgJfRiM5-KNcNQiHdkCnq0&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNVkE0M08tMUQtRFZZRQ==&google_push=&gdpr=0

170 B
188 B

63ms
63ms

Image
image/png

172.253.62.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNVkE0M08tMUQtRFZZRQ==&google_push=&gdpr=0

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Server

172.253.62.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNVkE0M08tMUQtRFZZRQ==&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e1bddfc34a927e97bda010c0d8a62b62
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 3A62
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACAwk7K1CEAABI_TdS3Zw&expires=30&gdpr=0

42 B
844 B

243ms
54ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACAwk7K1CEAABI_TdS3Zw&expires=30&gdpr=0
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0b388c490ecfef74be7d13328a4f3ac3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACAwk7K1CEAABI_TdS3Zw&expires=30&gdpr=0
Date: Fri, 01 Dec 2023 16:56:40 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame 3A62
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPMVA43O-1D-DVYE&gdpr=0

43 B
1 KB

64ms
63ms

Image
image/gif

68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPMVA43O-1D-DVYE&gdpr=0

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Server

68.67.160.186 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:40 GMT
an-x-request-uuid: 0d9b95f2-01a1-4c2d-aef5-94f91391618b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.67; 38.132.118.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPMVA43O-1D-DVYE&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 19c1ac3b9706c83a73951eba4d239689
Expires: 0

GET
H2

403

ProfilesEngineServlet
syncv4.intentiq.com/profiles_engine/ Frame 3A62
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPMVA43O-1D-DVYE&gdpr=0
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPMVA43O-1D-DVYE
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPMVA43O-1D-DVYE&ripv6=2001:550:1d05:1::11

0
0

220ms
70ms

Image
text/html

54.192.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPMVA43O-1D-DVYE&ripv6=2001:550:1d05:1::11
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Server: 54.192.51.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-51-109.yul62.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Redirect headers

date: Fri, 01 Dec 2023 16:56:41 GMT
via: 1.1 49a31eb192d176b36bdbd7d7f218656a.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: YUL62-C2
x-cache: Miss from cloudfront
location: https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPMVA43O-1D-DVYE&ripv6=2001:550:1d05:1::11
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: Iem2KiQbbypeKYDN7WP_hIdNPkVt7VwPEDL8yDVn-pGCKT0m93Ik7g==

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 3A62
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
https://ce.lijit.com/merge?pid=80&3pid=LPMVA43O-1D-DVYE&gdpr=0

43 B
664 B

221ms
77ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LPMVA43O-1D-DVYE&gdpr=0
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 16:56:41 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=LPMVA43O-1D-DVYE&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e71ccbe96f42d70fa40603ada4c96b28
Expires: 0

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 3A62
Redirect Chain

https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPMVA43O-1D-DVYE&gdpr=0
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPMVA43O-1D-DVYE&gdpr=0

95 B
428 B

64ms
64ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPMVA43O-1D-DVYE&gdpr=0

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Fri, 01 Dec 2023 16:56:40 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPMVA43O-1D-DVYE&gdpr=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

cksync
hb.yahoo.net/ Frame 3A62
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr=0
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPMVA43O-1D-DVYE&redir=true&gdpr=0
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPMVA43O-1D-DVYE&gdpr=0&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS12V3dST3daRTJ1RU95elc4cUF5c0pUNjR6SjRYR1hzbX5B&gdpr=0&ovsid=LPMVA43O-1D-DVYE&dpid=58160

53 B
647 B

299ms
101ms

Image
image/gif

23.55.243.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS12V3dST3daRTJ1RU95elc4cUF5c0pUNjR6SjRYR1hzbX5B&gdpr=0&ovsid=LPMVA43O-1D-DVYE&dpid=58160

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Server

23.55.243.218 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-55-243-218.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Fri, 01 Dec 2023 16:56:41 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Fri, 01 Dec 2023 16:56:41 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS12V3dST3daRTJ1RU95elc4cUF5c0pUNjR6SjRYR1hzbX5B&gdpr=0&ovsid=LPMVA43O-1D-DVYE&dpid=58160
date: Fri, 01 Dec 2023 16:56:41 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 3A62
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPMVA43O-1D-DVYE&gdpr=0

68 B
280 B

162ms
51ms

Image
image/png

34.225.212.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPMVA43O-1D-DVYE&gdpr=0
Requested by: Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/
Protocol: H2
Server: 34.225.212.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-212-107.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:41 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPMVA43O-1D-DVYE&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f84b118a3f01dd6ffa744f6af941f4e8
Expires: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 42C2 42 B
174 B 175ms
174ms Fetch
image/gif 2607:f8b0:4004:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-tX3uubLlYV_Y3RNQWRaP4udagmdT_eCVBuN_vTTd3vKT22-X4JFntOWchJzkC3nRHtEfDroSRt1A7yu4kCTwD-Q84HXdr8JFP6eWeMhxYFgOPwNjKURh&sig=Cg0ArKJSzCi_nGbdep0AEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=119056837&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701449799136&rpt=429&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 c
c.mgid.com/ 43 B
229 B 173ms
173ms Image
image/gif 2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/c?v=257|210|8|PkV1T6X5A38PArPXndxmSVjPpPASWWR5180bvvtH0JHefUm8pX_rnS1_5SUMI1pKsu8F_BlGGmodEE9gaimN3Q**&fw=1&f=1&cid=1523443&cbuster=1701449800606299383259&pageImp=1&pvid=18c264f9159a0a4c382&pv=3&h2=uhtLXf3QoU3zh6VX8sSo-SRJbz7sxNRMSMwevDm0hHU*&rid=98636da0-906a-11ee-9a98-c84bd684f2a6&tt=Direct&iv=11&completion=1,4&muidn=nb1DYQ9OFGU8

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-mg-request-uuid: 4d03e689-8325-4ea3-8022-217ac1bd7f84
server: cloudflare
content-type: image/gif
cf-ray: 82ecdd65ed75288c-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 1x1.gif
a.mgid.com/ 43 B
201 B 169ms
159ms Image
image/gif 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.mgid.com/1x1.gif?id=135309&type=c&tg=aa26f537f8ab5657f6c2acec581474c3&gdpr=0&gdpr_consent=&us_privacy=&mgbuster=03412

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:56:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 82ecdd65fcaa21df-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

POST
H2 200 vevent
nym1-ib.adnxs.com/ Frame 42C2 0
669 B 159ms
159ms Ping
text/html 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fhallo.terselubung.id&e=wqT_3QKcB-icAwAAAwDWAAUBCMagqKsGELemutbHyZ-DLRgAKjYJR2VivFvPjj8RSC8C-439jT8ZexSuR-F6hD8hSA0SACkRJAAxERuoMKTu4wM4tQFAtV5I4wNQuomKtgFYwLE9YABon6RUeACAAQGKAQNVU0SSAQEG8FKYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBEDEtdGVyc2VsdWJ1bmcuaWTYAvAG4AKiqDHqAhxodHRwczovL2hhbGxvLnRlch0oXIADAIgDAZADAJgDCaADAaoDmAMKwgJodAky8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NGVjZGVhMmYtZDgxYS00ODc5LWFkMzQtYjhmNjkyMzE3ODk4JmJpZElkPTImYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJWFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4ANI5tALhydHlwZT1udXJsJnRhZ0lkPTc5Mjc1ODgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_BJX2VyZGhyZmdZcmlyeVkxJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMzI0NDQxOTQ0ODUwOTk5Mzc4MyIJMzgxODQ2NzE0KgQhX_CVOiRVMmh2Y0hCcGJtZEJaQ014TkRBM056YzRNemsxTnpRNE9UTXfAA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFm8L0_pzxjrQnwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ9w2AUA4AUB8AX60AX6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFoEAAYAOAGAfIGAggAgAcBiAcAoAcByAcA0gcNFWMBJAjaBwYBXLQYAOAHAOoHAggA8AfcjMgEiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=7a159509b311893cf215963dfb21b3efd0f40b4a&type=pv&jm=1003&px=50&py=0&bw=160&bh=160&sf=1&sid=4135771901836869294&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7927588&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:40 GMT
an-x-request-uuid: ee0cf8d0-0038-4759-ae10-ecdbaa99f7fc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.67; 38.132.118.67; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
280 B 442ms
140ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

95645b244bad6f1faffec1919e02eb9c4cb7b17a10a64ecf63d58537620d9420

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: https://hallo.terselubung.id
date: Fri, 01 Dec 2023 16:56:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 v3 Show response
id5-sync.com/gm/ 691 B
1 KB 440ms
145ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

0708ff3d6df86ffe24e47f9312b8d774b75a0b8c3676c6565b859c58fb4deb54

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hallo.terselubung.id/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hallo.terselubung.id
date: Fri, 01 Dec 2023 16:56:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2

200

9.gif
id5-sync.com/c/231/203/0/
Redirect Chain

https://id5-sync.com/i/231/8.gif?id5id=ID5*hj9baQxS3_3_qdGOtfHWxP7_oqIUhdVrSHwGR7UeF01x80xH6nbkQB3bKbYtdXSdcfSUBKdsmG1uvyfD0G5u8A&o=api&gdpr_consent=undefined&gdpr=false
https://ib.adnxs.com/getuid?https://id5-sync.com/c/231/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/231/2/7/2.gif?puid=2420001899979848974&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=341f2b48-d090-40ef-9f31-633f83142a23&ttl=%%TTL%%
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
https://id5-sync.com/c/231/108/5/4.gif?puid=6ea8670b-9af2-4ae1-9f9e-457b4a27ec30&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
https://id5-sync.com/k/155.gif?puid=AACAwk7K1CEAABI_TdS3Zw&id5AccountNum=155&numCascadesAllowed=9
https://ce.lijit.com/merge?pid=27&3pid=341f2b48-d090-40ef-9f31-633f83142a23&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F1245%2F3%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%...
https://id5-sync.com/c/231/1245/3/6.gif?puid=Hv84hLZHaa1rwto9QQe6ZX9R&gdpr=0&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-a19b61y99hins4VS_7TPGfHAqfOLt2CvcmRMUhB1Rg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F231%2F124%2F2%2F7.gif%3Fpuid%3D...
https://id5-sync.com/cq/231/124/2/7.gif?puid=7c973c29-d059-4ceb-ac60-8cd52e8c052b&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/231/429/1/8.gif?puid=27BC1097-8D73-437B-A152-F22A8660FC44&gdpr=0&gdpr_consent=
https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F231%2F203%2F0%2F9.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/231/203/0/9.gif?puid=a772c64a-07e8-40b6-83af-a6e87b94440f&gdpr=0&gdpr_consent=

43 B
1 KB

145ms
144ms

Image
image/gif

162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/231/203/0/9.gif?puid=a772c64a-07e8-40b6-83af-a6e87b94440f&gdpr=0&gdpr_consent=

Requested by

Host: hallo.terselubung.id
URL: https://hallo.terselubung.id/

Protocol

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hallo.terselubung.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 01 Dec 2023 16:56:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 16:56:42 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://id5-sync.com/c/231/203/0/9.gif?puid=a772c64a-07e8-40b6-83af-a6e87b94440f&gdpr=0&gdpr_consent=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 995680
content-length: 0
expires: Fri, 01 Dec 2023 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?gdpr=0&gdpr_consent=&ccpa=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/6/35410?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=feb88240-3187-44bd-892a-e540794e010d&bidder=pubmatic&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=27BC1097-8D73-437B-A152-F22A8660FC44

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

95 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 16:37:31	Name: __cf_bm Value: TYY1kxwbPxcqZNtTDm_QzBRKwsUCHbMAXk1cMf0YFAU-1701449797-0-AQPGSyZv8BEzY7Wpy5SSWQk4O0VUrQ/25/LpsAgIONZncT8INwfxNCFeb+ChtrzRRH0x5UxEHP3kNpR5dykgsNM=
.mgid.com/	1970-01-21 01:23:05	Name: muidn Value: nb1DYQ9OFGU8
.bing.com/	1970-01-21 01:59:05	Name: MUID Value: 3C36ED975D5162F82477FE4D5C4363A0
hallo.terselubung.id/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1523443%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221701449799369%22%7D%7D
.rlcdn.com/	1970-01-21 01:23:05	Name: rlas3 Value: 4o1Ej5EUqbmzNZvNQhmAlEfgI4XRGwf8rDyzlSJdE84=
.terselubung.id/	1970-01-21 01:59:05	Name: __gads Value: ID=98ec742cdbc25d5d:T=1701449797:RT=1701449797:S=ALNI_MYbFuaUoHu8mlcVjhOCIVHPSza-rg
.terselubung.id/	1970-01-21 01:59:05	Name: __gpi Value: UID=00000da50710882a:T=1701449797:RT=1701449797:S=ALNI_MaSdk9IuPPXUUb6lQE8IsnatqOLRw
.rlcdn.com/	1970-01-20 18:03:53	Name: pxrc Value: CMegqKsGEgUI6AcQABIFCOhHEAA=
.360yield.com/	1970-01-20 18:47:05	Name: tuuid Value: 7c973c29-d059-4ceb-ac60-8cd52e8c052b
.360yield.com/	1970-01-20 18:47:05	Name: tuuid_lu Value: 1701449799
.doubleclick.net/	1970-01-21 02:13:29	Name: IDE Value: AHWqTUktFtqr1JUyNl6jCsq-FRuzvEaLPL0ofbXib_W3maHed2pTbfotEK_xQm3P5zE
.pubmatic.com/	1970-01-20 16:38:56	Name: KTPCACOOKIE Value: YES
.pippio.com/	1970-01-21 01:23:05	Name: did Value: c1fWuoWoW27Mwsu1
.pippio.com/	1970-01-21 01:23:05	Name: didts Value: 1701449799
.pippio.com/	1970-01-20 18:03:53	Name: nnls Value:
.pippio.com/	1970-01-20 18:03:53	Name: pxrc Value: CMegqKsGEgYIgr0rEAA=
.mfadsrvr.com/	1970-01-21 02:13:29	Name: tuuid Value: 322eb0c1-401b-43b0-ae5c-052d5dbea91d
.mfadsrvr.com/	1970-01-21 02:13:29	Name: c Value: 1701449799
.mfadsrvr.com/	1970-01-21 02:13:29	Name: tuuid_lu Value: 1701449799
.rtbsystem.com/	1970-01-21 01:23:05	Name: ut-0 Value: 3454e078-d840-5a10-9cdd-5eadba6be3ba
.rtbsystem.com/	1970-01-21 01:23:05	Name: ut-28 Value: 6694419004565
.rtbsystem.com/	1970-01-21 01:23:05	Name: ut-15 Value: D10108E6590C9906E211A4939CE357E7D870132E533223E0456EE834E00B626D
.adx.opera.com/	1970-01-21 01:23:05	Name: UID Value: OPU5533727cc2d042af80af2e7fa74ba5f4
.pubmatic.com/	1970-01-21 01:23:05	Name: KADUSERCOOKIE Value: 27BC1097-8D73-437B-A152-F22A8660FC44
.creativecdn.com/	1970-01-21 01:23:05	Name: u Value: crx0MASzdci5SBE9zbtP
.creativecdn.com/	1970-01-21 01:23:05	Name: g Value: crx0MASzdci5SBE9zbtP_1701449799821
.creativecdn.com/	1970-01-21 01:23:05	Name: ts Value: 1701449799
hallo.terselubung.id/	1970-01-20 17:20:41	Name: _pbjs_userid_consent_data Value: 3524755945110770
.mfadsrvr.com/	1970-01-21 02:13:29	Name: ssh Value: !mgid,1701449799
.linkedin.com/	1970-01-20 18:47:05	Name: li_sugr Value: c4698b18-faab-43d2-a3fd-e1b2caf9d10d
.linkedin.com/	1970-01-21 01:23:05	Name: bcookie Value: "v=2&3896d51a-fb52-4097-8f86-45fdbfdc9493"
.linkedin.com/	1970-01-20 16:38:56	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3138:u=1:x=1:i=1701449799:t=1701536199:v=2:sig=AQFSppNN2UTqCQ--XTmxhYismn1LWLyN"
.lijit.com/	1970-01-21 01:23:05	Name: ljt_reader Value: Hv84hLZHaa1rwto9QQe6ZX9R
.bidswitch.net/	1970-01-21 01:23:05	Name: tuuid Value: 7fd779db-678d-4fa7-b710-d67815f717b4
.bidswitch.net/	1970-01-21 01:23:05	Name: c Value: 1701449800
.bidswitch.net/	1970-01-21 01:23:05	Name: tuuid_lu Value: 1701449800
.eyeota.net/	1970-01-21 01:24:32	Name: mako_uid Value: 18c264f9958-12fb0000010a5579
.eyeota.net/	1970-01-20 16:37:30	Name: SERVERID Value: 21881~DM
.e-volution.ai/	1970-01-20 17:20:41	Name: lluid Value: 292cea2f-c48e-92f0-5a83-4fd0f05a1615
.krushmedia.com/	1970-01-20 16:57:39	Name: krm_usr Value: 27173c8f-722c-4302-975b-498cc0be6530
.krushmedia.com/	1970-01-20 16:57:39	Name: krm_r Value: 574
.prebid.a-mo.net/	1970-01-20 16:38:56	Name: _sv3_0 Value: 1
.a-mo.net/	1970-01-21 01:23:05	Name: amuid2 Value: feb88240-3187-44bd-892a-e540794e010d
.prebid.a-mo.net/	1970-01-21 01:23:05	Name: sd_amuid2 Value: feb88240-3187-44bd-892a-e540794e010d
.rubiconproject.com/	1970-01-21 01:23:05	Name: khaos Value: LPMVA43O-1D-DVYE
.adnxs.com/	1970-01-20 18:47:05	Name: uuid2 Value: 2420001899979848974
.e-volution.ai/	1970-01-20 16:57:39	Name: v_usr Value: df2ee335-1599-4b24-ba67-1c82d5890f10
.e-volution.ai/	1970-01-20 16:57:39	Name: v_red Value: 4
.omnitagjs.com/	1970-01-20 17:20:41	Name: ayl_visitor Value: f775e58b10806ef8a695bd98cbadf7fb
.prebid.a-mo.net/	1970-01-20 16:38:56	Name: _sv3_2 Value: 1
.adsrvr.org/	1970-01-21 01:24:32	Name: TDID Value: 341f2b48-d090-40ef-9f31-633f83142a23
.casalemedia.com/	1970-01-21 01:23:05	Name: CMID Value: ZWoQSMgdQyY5-k5tdjVvHQAA
.casalemedia.com/	1970-01-20 18:47:05	Name: CMPS Value: 2911
.casalemedia.com/	1970-01-20 18:47:05	Name: CMPRO Value: 2911
pixel.rubiconproject.com/	1970-01-20 18:47:05	Name: receive-cookie-deprecation Value: 1
.yahoo.com/	1970-01-21 01:23:27	Name: A3 Value: d=AQABBEgQamUCEMiJOjipw4z2vPVwgy0Et-gFEgEBAQFha2VzZQAAAAAA_eMAAA&S=AQAAAu11dzy6qmfc1wuDVha3u_Y
.amazon-adsystem.com/	1970-01-21 02:13:29	Name: ad-privacy Value: 0
.bidr.io/	1970-01-21 02:05:59	Name: bito Value: AACAwk7K1CEAABI_TdS3Zw
.bidr.io/	1970-01-21 02:05:59	Name: bitoIsSecure Value: ok
pixel-us-west.rubiconproject.com/	1970-01-20 18:47:05	Name: receive-cookie-deprecation Value: 1
.prebid.a-mo.net/	1970-01-20 16:38:56	Name: _sv3_3 Value: 1
cm.mgid.com/	1970-01-20 17:20:41	Name: mg_sync Value: {"265689":1701449799,"287839":1701449799,"363887":1701449799,"43070":1701449800,"433146":1701449799,"501037":1701449800,"516418":1701449799,"556372":1701449799,"709070":1701449800,"709071":1701449799,"712807":1701449800,"720798":1701449799}
.adnxs.com/	1970-01-20 18:47:05	Name: anj Value: dTM7k!M4/YCxrEQF']wIg2C%sn1^w2!]tbP6j2F-.aDabByFnKcfLtZglJEbCj@]sk0Qzw@XkM)x%#8qF1`*b^9p(Jke$
.adnxs.com/	1970-01-20 18:47:05	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQTVZBNDNPLTFELURWWUUiLCJleHBpcmVzIjoiMjAyNC0wMi0yOVQxNjo1Njo0MFoifX0sImJpcnRoZGF5IjoiMjAyMy0xMi0wMVQxNjo1Njo0MFoifQ==
.prebid.a-mo.net/	1970-01-20 16:38:56	Name: _sv3_13 Value: 1
.tapad.com/	1970-01-20 18:03:53	Name: TapAd_TS Value: 1701449800983
.tapad.com/	1970-01-20 18:03:53	Name: TapAd_DID Value: 6ea8670b-9af2-4ae1-9f9e-457b4a27ec30
.primis.tech/	1970-01-20 17:13:29	Name: csuuid Value: 656a104909c54
.tapad.com/	1970-01-20 18:03:53	Name: TapAd_3WAY_SYNCS Value:
.openx.net/	1970-01-21 01:23:05	Name: i Value: 782481c2-9853-4155-944b-728feb136cfe%7C1701449801
.sharethrough.com/	1970-01-20 17:20:41	Name: stx_user_id Value: 55dc3f71-5131-43b3-bf88-c7ba7de0c7e7
.analytics.yahoo.com/	1970-01-21 01:23:05	Name: IDSYNC Value: "18vk~2fd4:19e0~2fd4"
.lijit.com/	1970-01-21 01:23:05	Name: _ljtrtb_80 Value: LPMVA43O-1D-DVYE
.prebid.a-mo.net/	1970-01-20 16:38:56	Name: _sv3_4 Value: 1
.amazon-adsystem.com/	1970-01-20 21:44:13	Name: ad-id Value: A3D_OUiR5UP8ir_d0cUkuAg
.rubiconproject.com/	1970-01-21 01:23:05	Name: audit Value: 1\|A6M+rMAU0BZCTUvn0xjJyvPhUtmheoAYGJYGmUQ6TaSbz16xSA9sXdOuzrtid5hmx1eKmInydR4iZ07GJqnMnrT0MEv0F07OHm0QlslGhrY=
.pubmatic.com/	1970-01-20 16:38:56	Name: pi Value: 158355:3
.hb.yahoo.net/	1970-01-20 20:56:41	Name: visitor-id Value: 3444514011523541000V10
.hb.yahoo.net/	1970-01-21 01:23:05	Name: data-mag Value: LPMVA43O-1D-DVYE~~63
.pubmatic.com/	1970-01-20 18:47:05	Name: KRTBCOOKIE_80 Value: 22987-CAESECfV3hKcDxuJiHzZmi4Nmk0&KRTB&23025-CAESECfV3hKcDxuJiHzZmi4Nmk0&KRTB&23386-CAESECfV3hKcDxuJiHzZmi4Nmk0
.pubmatic.com/	1970-01-20 17:20:41	Name: PugT Value: 1701449801
.pubmatic.com/	1970-01-20 18:47:05	Name: SyncRTB3 Value: 1702598400%3A220_21_13
.id5-sync.com/	1970-01-20 18:47:05	Name: id5 Value: 2cbbda0a-1b51-7bd7-8c19-ccd1e085a26b#1701449801429#2
.simpli.fi/	1970-01-21 01:24:32	Name: suid Value: 692D71AA20FD40C1BF09D437986BD216
.pubmatic.com/	1970-01-20 17:20:41	Name: KRTBCOOKIE_148 Value: 19421-uid:692D71AA20FD40C1BF09D437986BD216&KRTB&23486-uid:692D71AA20FD40C1BF09D437986BD216&KRTB&23489-uid:692D71AA20FD40C1BF09D437986BD216&KRTB&23539-uid:692D71AA20FD40C1BF09D437986BD216
.pubmatic.com/	1970-01-20 18:47:05	Name: chkChromeAb67Sec Value: 5
.adsrvr.org/	1970-01-21 01:24:32	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCMy_3NqQprk8EAUYASABKAIyCwi26ZeUp6a5PBAFOAFaBzhoOXUxMWhgAg..
.pubmatic.com/	1970-01-20 17:20:41	Name: SPugT Value: 1701449801
.prebid.a-mo.net/	1970-01-20 16:38:56	Name: _sv3_8 Value: 1
.lijit.com/	1970-01-21 01:23:05	Name: ljtrtb Value: eJyrVrIwULJS8gnwDXM0MfbXNXTRdQmLdFWqBQBP2QZg
.lijit.com/	1970-01-21 01:23:05	Name: _ljtrtb_27 Value: 341f2b48-d090-40ef-9f31-633f83142a23
.360yield.com/	1970-01-20 18:47:05	Name: um Value: !79,4XuF3KOXXwh0EzF8FYEAESUn0JaNe0BfrCJPz94SR4B.m-cClTKR.deiAWxJXgd5mP4KdLG7rIzZpygX,1709225802
.360yield.com/	1970-01-20 18:47:05	Name: umeh Value: !79,0,1763657802,-1
.criteo.com/	1970-01-21 01:59:05	Name: uid Value: a772c64a-07e8-40b6-83af-a6e87b94440f
.id5-sync.com/	1970-01-20 18:47:05	Name: 3pi Value: 2#1701449801785#-1211685490#2420001899979848974\|264#1701449801986#-1918425961#341f2b48-d090-40ef-9f31-633f83142a23\|155#1701449802393#-1317568360#AACAwk7K1CEAABI_TdS3Zw\|203#1701449803828#1958056235#a772c64a-07e8-40b6-83af-a6e87b94440f\|108#1701449802192#320538526\|124#1701449802926#1543018320\|1245#1701449802615#1041668876\|429#1701449803280#-919871896#27BC1097-8D73-437B-A152-F22A8660FC44

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t.adx.opera.com/pub/sync?pub6103523253312&gdpr=0&consent=&us_privacy= Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPMVA43O-1D-DVYE&ripv6=2001:550:1d05:1::11 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://prebid.a-mo.net/cchain/6/35410?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=feb88240-3187-44bd-892a-e540794e010d&bidder=pubmatic&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=27BC1097-8D73-437B-A152-F22A8660FC44 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.pubmatic.com
adsdk.microsoft.com
ap.lijit.com
c.mgid.com
cdn.adnxs.com
cdn.connectad.io
cdn.id5-sync.com
cdn.mgid.com
ce.lijit.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.mgid.com
cm.rtbsystem.com
creativecdn.com
cs.admanmedia.com
cs.krushmedia.com
dis.eu.criteo.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hallo.terselubung.id
hb.yahoo.net
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
jsc.mgid.com
lb.eu-1-id5-sync.com
live.primis.tech
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
nym1-ib.adnxs.com
onetag-sys.com
pagead2.googlesyndication.com
pippio.com
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
ps.eyeota.net
px.ads.linkedin.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
servicer.mgid.com
ssc-cms.33across.com
sync-eu.connectad.io
sync.e-volution.ai
sync.intentiq.com
syncv4.intentiq.com
t.adx.opera.com
token.rubiconproject.com
tpc.googlesyndication.com
tracker.direct.e-volution.ai
ups.analytics.yahoo.com
visitor.omnitagjs.com
www.bing.com
www.googletagservices.com
x.bidswitch.net
cs.admanmedia.com
prebid.a-mo.net
104.36.113.107
104.36.113.110
107.178.254.65
109.206.161.21
147.135.71.152
151.101.129.108
162.19.138.120
172.253.62.154
178.250.7.11
18.207.77.150
185.184.8.90
23.222.193.103
23.41.168.202
23.55.243.218
23.73.244.44
2600:1408:c400:c::17cd:6887
2600:1f18:4e9:5a01:bdec:8761:d93e:b6e9
2600:9000:201e:5c00:1a:5235:f980:93a1
2600:9000:215f:7a00:1b:6b7d:2300:93a1
2606:4700:10::6816:3456
2606:4700:10::ac43:8ae
2606:4700:1::6813:834c
2606:4700:1::6813:844c
2606:4700:3037::6815:1f8b
2606:4700:3037::6815:444a
2606:4700::6813:9822
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c07::84
2607:f8b0:4004:c07::9d
2607:f8b0:4004:c08::9b
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c19::5e
2620:1ec:21::14
2620:1ec:46::38
34.111.113.62
34.200.65.202
34.213.32.158
34.225.212.107
34.233.17.13
35.211.178.172
35.212.212.222
35.244.154.8
51.222.39.184
52.223.40.198
52.46.130.91
54.156.123.241
54.192.51.109
54.224.36.11
63.251.86.49
63.251.86.50
67.202.105.24
67.220.228.200
68.67.160.186
69.173.151.100
8.2.110.134
8.28.7.81
8.28.7.84
8.39.36.141
82.145.213.8
06a9b01b015f9eb466efe24dc546a7f1a0163682e51f4419261c4e0dbffc697e
0708ff3d6df86ffe24e47f9312b8d774b75a0b8c3676c6565b859c58fb4deb54
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0df963c9efbf64868ab3312f0ba278b13bf97b69c9b9eae2f9399b922ad07525
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
2d232e960083273781aa206a79b87801a165be4c1f380b456c9052f8546e18f6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3e846df0722586596b65f53041a5ed657477b65c5613661c8edee191a8a66a49
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eb9e05d67554e734b093a0490d0d050f4f427280aaa2a20e25d5ba50f0133da
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407571bf914f7fc37d433bb2331723d08982d94ad9568cba2d1b8bde13005a10
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6055f3148ddc7f73338abc085b9d8bf26841e12955affeab752e528e355e95d3
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
639ed9fa05fb0d30c4d3d58bd68e5fb2fd805db4be42cb6c15d9d5c00cf7fd3e
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7416a2902c603be8fd0a27e49e926ba4681534017b24785bbebb75488bd9c8e6
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2
8c086e2e4eb60b0a54f5120a162bb6aa409e5f42d08be11871cee6134606a323
94034a75027b217a0f3fdfb41f799a60ae88425a7b0e69bf5d9c4c8ce73ff1b7
95645b244bad6f1faffec1919e02eb9c4cb7b17a10a64ecf63d58537620d9420
9af20e2829926d065f28c916c28927f967ad4b3d7f443bd8aad25d7eede2b322
9d3dea9ff019cdcc54eda72e8ecf7d404f6ef6c538477e354c3928e62408eda0
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a
a715c661f106fa77ad59146fa901c9a52bbc515e64f8ca8ca6ec7b26078f75d4
a83d4017262ebc64c732acf5aeac5d6393362bfd655b53aa8469a1082b9aea77
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b54c606593230660358db37e22ffba85f6a17b9c8619677ecaa6e1e12702f21f
ba6c8cac4d8d7e28dcb24eb09c61a0c06d7908198cf17f62de01720e3de5d6c9
bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00
bee21190895d4bc1b457c1687bd56d603c1b2377651cc18afe2e48631aaf7b68
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
deaf971a839013e15b3917c3256b6e19f036bc569b72312da9526adcecf5d5e0
dfc3699dd839ca3a7dc1e8aa7e774359fdc311bda16f675d3ea57aba4383b037
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51211d4f8de1139d08ac3fe5879f68e27ab158e315fdf86906512bd167da0fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f853a569440edd97d7101b365b7ba3d56618a1466530456dcda26c94f7e857
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f62eeaded6a442e8a7e493f36e0c64b7d1ca56bd592aee23dde9c5452a2a71ba
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7d18858df4aafb06fa1bfc4ad543dd3afc73b5fab06c2cba6e96bd5a0dd08ea

hallo.terselubung.id Open in urlscan Pro 2606:4700:3037::6815:1f8b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

109 Requests

64 %HTTPS

32 %IPv6

44 Domains

71 Subdomains

37 IPs

8 Countries

849 kBTransfer

2381 kBSize

95 Cookies

0 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hallo.terselubung.id Open in urlscan Pro
2606:4700:3037::6815:1f8b Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

64 %
HTTPS

32 %
IPv6

44
Domains

71
Subdomains

37
IPs

8
Countries

849 kB
Transfer

2381 kB
Size

95
Cookies

109 HTTP transactions
2 data transactions