www.haibunda.com Open in urlscan Pro
2606:4700::6812:1c8e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.haibunda.com/
Submission: On December 11 via manual (December 11th 2023, 5:37:47 am UTC) from ID — Scanned from DE

Summary HTTP 396 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 76 IPs in 9 countries across 46 domains to perform 396 HTTP transactions. The main IP is 2606:4700::6812:1c8e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.haibunda.com. The Cisco Umbrella rank of the primary domain is 370288.
TLS certificate: Issued by Thawte TLS RSA CA G1 on August 2nd 2023. Valid for: a year.

This is the only time www.haibunda.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700::68... 2606:4700::6812:1c8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
88	103.49.221.172 103.49.221.172	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
2	2606:4700:303... 2606:4700:3037::6815:25c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
3	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
37	203.190.242.102 203.190.242.102	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:264... 2600:9000:2646:5c00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
2	23.55.163.57 23.55.163.57	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
7	18.210.2.56 18.210.2.56	14618 (AMAZON-AES) (AMAZON-AES)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:6a00:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
38	104.126.37.128 104.126.37.128	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:200... 2a04:4e42:200::714	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
2 4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.220.142.223 54.220.142.223	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
6 8	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	63.35.106.187 63.35.106.187	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:225e:1800:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:261... 2600:9000:2611:d200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:1f13:800... 2600:1f13:800:7780:e000:f538:bd2d:cf42	16509 (AMAZON-02) (AMAZON-02)
7	203.190.242.244 203.190.242.244	24211 (DETIK-AS-...) (DETIK-AS-ID PT. Detik Ini JUga)
1	34.149.209.250 34.149.209.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:211... 2600:9000:211e:4800:f:a31d:75c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	163.181.56.215 163.181.56.215	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	34.227.121.59 34.227.121.59	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
4	78.46.23.46 78.46.23.46	24940 (HETZNER-AS) (HETZNER-AS)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1 4	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
2	52.76.29.240 52.76.29.240	16509 (AMAZON-02) (AMAZON-02)
3	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	2.23.68.89 2.23.68.89	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:12::8	15169 (GOOGLE) (GOOGLE)
1	3.11.198.160 3.11.198.160	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	18.65.39.98 18.65.39.98	16509 (AMAZON-02) (AMAZON-02)
1	18.239.50.47 18.239.50.47	16509 (AMAZON-02) (AMAZON-02)
2	34.117.205.94 34.117.205.94	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.107.217.180 34.107.217.180	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.10.29.13 3.10.29.13	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	34.117.38.128 34.117.38.128	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:808::200a	() ()
1	103.49.221.99 103.49.221.99	() ()
1	2a00:1450:400... 2a00:1450:4001:806::2002	() ()
396	76

13 2606:4700::6812:1c8e (United States)

ASN13335 (CLOUDFLARENET, US)

www.haibunda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

88 103.49.221.172 (Depok, Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s221-cast-172-221-49-103.detik.com

cdn.haibunda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.detik.net.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnstatic.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:25c1 (United States)

ASN13335 (CLOUDFLARENET, US)

applets.ebxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 203.190.242.102 (Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-102-242.190.203.detik.com

akcdn.detik.net.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2646:5c00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.55.163.57 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-163-57.deploy.static.akamaitechnologies.com

lf16-data.bytepluscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.210.2.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-2-56.compute-1.amazonaws.com

services.insurads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:6a00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 104.126.37.128 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-128.deploy.static.akamaitechnologies.com

mcs.tobsnssdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
toblog.tobsnssdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.142.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-142-223.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.211.116 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.106.187 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-106-187.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:1800:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2611:d200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f13:800:7780:e000:f538:bd2d:cf42 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 203.190.242.244 (Indonesia)

ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID)
PTR: s2-244-242.190.203.detik.com

newrevive.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.209.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.209.149.34.bc.googleusercontent.com

kayumanis.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:4800:f:a31d:75c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.optad360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.56.215 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

connect.detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.227.121.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-121-59.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.238.55 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal900021.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.76.29.240 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-29-240.ap-southeast-1.compute.amazonaws.com

editorial.femaledaily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.68.89 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-68-89.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:12::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5lzne6.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.198.160 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-198-160.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-98.ams1.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.50.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-47.ams58.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.205.94 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 94.205.117.34.bc.googleusercontent.com

recg.haibunda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.217.180 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.217.107.34.bc.googleusercontent.com

collent.haibunda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.10.29.13 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-29-13.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.38.128 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 128.38.117.34.bc.googleusercontent.com

stat.haibunda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (None, )

ASN- ()

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.49.221.99 (None, )

ASN- ()

vod.haibunda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (None, )

ASN- ()

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	detik.net.id cdn.detik.net.id — Cisco Umbrella Rank: 34412 akcdn.detik.net.id — Cisco Umbrella Rank: 38856	2 MB
64	haibunda.com www.haibunda.com — Cisco Umbrella Rank: 370288 cdn.haibunda.com — Cisco Umbrella Rank: 544888 recg.haibunda.com — Cisco Umbrella Rank: 876724 collent.haibunda.com — Cisco Umbrella Rank: 911385 stat.haibunda.com — Cisco Umbrella Rank: 671143 vod.haibunda.com	917 KB
43	googlesyndication.com a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	320 KB
38	tobsnssdk.com mcs.tobsnssdk.com — Cisco Umbrella Rank: 47603 toblog.tobsnssdk.com — Cisco Umbrella Rank: 21314	16 KB
32	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 ad.doubleclick.net — Cisco Umbrella Rank: 139 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 270869 pubads.g.doubleclick.net	273 KB
17	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 300 gcdn.2mdn.net — Cisco Umbrella Rank: 1193 r3---sn-4g5lzne6.c.2mdn.net — Cisco Umbrella Rank: 963659	2 MB
14	detik.com cdnstatic.detik.com — Cisco Umbrella Rank: 56844 newrevive.detik.com — Cisco Umbrella Rank: 59631 kayumanis.detik.com — Cisco Umbrella Rank: 101886 connect.detik.com — Cisco Umbrella Rank: 55551	154 KB
13	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	103 KB
10	insurads.com cdn.insurads.com — Cisco Umbrella Rank: 22930 services.insurads.com — Cisco Umbrella Rank: 18100	54 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37721 hal900021.redintelligence.net — Cisco Umbrella Rank: 251894	44 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	5 KB
7	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93	2 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	586 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	5 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	104 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	301 B
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com	369 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	179 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	42 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	159 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 24395 api.webgains.io — Cisco Umbrella Rank: 59842	19 KB
3	medialead.de pv.medialead.de — Cisco Umbrella Rank: 47317	1013 B
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643	660 B
3	google.de www.google.de — Cisco Umbrella Rank: 6765	579 B
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1767 mab.chartbeat.com — Cisco Umbrella Rank: 2658	25 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	9 KB
2	femaledaily.com editorial.femaledaily.com — Cisco Umbrella Rank: 97558	661 KB
2	optad360.io get.optad360.io — Cisco Umbrella Rank: 39286	226 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	128 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	34 KB
2	bytepluscdn.com lf16-data.bytepluscdn.com — Cisco Umbrella Rank: 72478	52 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	14 KB
2	ebxcdn.com applets.ebxcdn.com — Cisco Umbrella Rank: 10870	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	2 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264	437 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 49821	2 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 13930	702 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 128498	923 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1455	201 B
1	optad360.net cdn.optad360.net — Cisco Umbrella Rank: 61231	3 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
396	46

	Domain	Requested by
45	cdn.haibunda.com	www.haibunda.com cdn.haibunda.com
38	cdn.detik.net.id	www.haibunda.com cdn.detik.net.id www.googletagmanager.com
37	akcdn.detik.net.id	www.haibunda.com cdn.detik.net.id
34	mcs.tobsnssdk.com	lf16-data.bytepluscdn.com
25	pagead2.googlesyndication.com	a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com www.haibunda.com securepubads.g.doubleclick.net imasdk.googleapis.com
15	tpc.googlesyndication.com	a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com www.haibunda.com tpc.googlesyndication.com s0.2mdn.net googleads.g.doubleclick.net securepubads.g.doubleclick.net
14	s0.2mdn.net	www.haibunda.com s0.2mdn.net imasdk.googleapis.com
13	www.haibunda.com	cdn.haibunda.com static.cloudflareinsights.com newrevive.detik.com
10	securepubads.g.doubleclick.net	www.haibunda.com securepubads.g.doubleclick.net
9	dt.adsafeprotected.com	a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com www.haibunda.com
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	newrevive.detik.com	www.haibunda.com newrevive.detik.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	services.insurads.com	cdn.insurads.com www.haibunda.com
7	www.googletagmanager.com	www.haibunda.com www.googletagmanager.com cdn.detik.net.id adv.office-partner.de
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	1 redirects a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com pagead2.googlesyndication.com www.haibunda.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	cdnstatic.detik.com	www.haibunda.com
4	hal900021.redintelligence.net	1 redirects a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com hal900021.redintelligence.net
4	hal9000.redintelligence.net	a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com hal900021.redintelligence.net
4	toblog.tobsnssdk.com	lf16-data.bytepluscdn.com
4	www.facebook.com	www.haibunda.com
4	www.google.com	2 redirects www.haibunda.com tpc.googlesyndication.com
4	connect.facebook.net	www.haibunda.com connect.facebook.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	pv.medialead.de	hal900021.redintelligence.net
3	fonts.gstatic.com	fonts.googleapis.com
3	a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google.de	www.haibunda.com
3	cdn.jsdelivr.net	www.haibunda.com securepubads.g.doubleclick.net get.optad360.io
3	cdn.insurads.com	www.haibunda.com services.insurads.com
2	imasdk.googleapis.com	cdn.detik.net.id imasdk.googleapis.com
2	api.webgains.io	analytics.webgains.io
2	collent.haibunda.com	cdn.detik.net.id
2	recg.haibunda.com	cdn.haibunda.com
2	8019191.fls.doubleclick.net	1 redirects a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
2	r3---sn-4g5lzne6.c.2mdn.net	www.haibunda.com
2	editorial.femaledaily.com	www.haibunda.com
2	static.adsafeprotected.com	a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
2	get.optad360.io	www.haibunda.com get.optad360.io
2	googleads4.g.doubleclick.net	www.haibunda.com
2	fw.adsafeprotected.com	1 redirects www.haibunda.com
2	www.googletagservices.com	a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects www.haibunda.com
2	fonts.googleapis.com	cdn.detik.net.id hal900021.redintelligence.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	lf16-data.bytepluscdn.com	www.googletagmanager.com
2	static.chartbeat.com	www.haibunda.com www.googletagmanager.com
2	static.cloudflareinsights.com	www.haibunda.com
2	applets.ebxcdn.com	www.haibunda.com applets.ebxcdn.com
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	vod.haibunda.com	cdn.detik.net.id
1	stat.haibunda.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.track.production.webgains.team	a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	adservice.google.com	8019191.fls.doubleclick.net
1	track.webgains.com	a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	www.awin1.com	hal900021.redintelligence.net
1	adv.office-partner.de	hal900021.redintelligence.net
1	ad.doubleclick.net	a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
1	ping.chartbeat.net	www.haibunda.com
1	connect.detik.com	cdn.detik.net.id
1	cdn.optad360.net	www.haibunda.com
1	kayumanis.detik.com	cdn.detik.net.id
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	www.haibunda.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	mab.chartbeat.com	static.chartbeat.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	www.gstatic.com	www.haibunda.com
396	81

This site contains links to these domains. Also see Links.

Domain
connect.detik.com
newrevive.detik.com
insertlive.com
beautynesia.id
editorial.femaledaily.com
cxomedia.id
wolipop.detik.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.tiktok.com
www.berbuatbaik.id
pasangmata.detik.com
adsmart.detik.com
forum.detik.com
event.detik.com
poin.detikshop.com
www.transsnowworld.com
www.transstudiobandung.com
www.detik.com
www.cnnindonesia.com
www.cnbcindonesia.com
www.insertlive.com
www.beautynesia.id
www.femaledaily.com
www.cxomedia.id

Subject Issuer	Validity	Valid
*.haibunda.com Thawte TLS RSA CA G1	`2023-08-02` - `2024-08-07`	a year	crt.sh
*.detik.net.id Thawte RSA CA 2018	`2023-02-21` - `2024-02-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-23` - `2024-03-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.insurads.com Go Daddy Secure Certificate Authority - G2	`2023-05-01` - `2024-06-01`	a year	crt.sh
*.detik.com Thawte RSA CA 2018	`2022-11-21` - `2023-12-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-19` - `2023-12-18`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.bytepluscdn.com RapidSSL TLS ECC CA G1	`2023-05-29` - `2024-06-28`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.tobsnssdk.com RapidSSL ECC CA 2018	`2023-02-21` - `2024-03-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-09-17` - `2024-10-15`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.optad360.net Amazon RSA 2048 M02	`2023-06-26` - `2024-07-24`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
editorial.femaledaily.com R3	`2023-11-15` - `2024-02-13`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
adv.office-partner.de R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-11-14` - `2024-01-23`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://www.haibunda.com/
Frame ID: 8EA7BC361D4EF7360DF66164B3830E2F
Requests: 189 HTTP requests in this frame

Frame: https://cdn.detik.net.id/berbuatbaik-id/channel-box-embed-13.html
Frame ID: 93C8BD527485C24A9D0C708E026D723D
Requests: 10 HTTP requests in this frame

Frame: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 773F14CE7CD7BE9B261A300BD202E304
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.haibunda.com
Frame ID: 9FCD5E13EDF212A4AD2A1CE508FC1837
Requests: 2 HTTP requests in this frame

Frame: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E8FE2A51E3AD0ECE957DD6E4286D2611
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIKjsPsBMAE&v=APEucNXCurJfhyrUIoIN63_ZdSFjiYSq3iJ3HFDviArv2pnPR1JPiB2ZBGGQ4wB2Th6lqjocyllCCTbh9AhdDmImSRtYlbd5ZUFuluiEJvYSEKZ-pbhRyRP9978GpQnB0pK9s4s68mxt6ZBlajbRvrhqikX4ycgu47rNR2mQ8q9B67XzhI6OJuU
Frame ID: F83848747BE20176A36877486E392A4F
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F601EE1E7CE5EAECFFF0A640BBC6B3A2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E5A02AF89A621DF8A34A0CAF686B87B0
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250
Frame ID: B5E46B25FCB0BDA3E148039926B2E234
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvW71EEk6siWuOSQ4J93ntGyGi6EEYDZhTGO4CFGmOrr1Gxl-xJ4AvSCm9Qg_BaTq6_xvDTl2Lf8GwsarEFjBPuBQxGeHxXfY1mpYL0PvpUwrUCvf3hkgKqnRmvFRc1cLqYpgVwO91mwskDrRPynTQ8uTFfWS-jdrzbUqns2a8VGBU3OaqV8wkptgKF-U4M4MrXSYc211OvPN-WnMVlDp8e8hdEbH3bJlK5AH92kDRRrSoMAjau63UsySZPUYIw3LO9l9lHvpMeRyFkpe4RQfLIDmrqbOn14L-5-fsvQwxry1MDN0NeMzt9Hs-fUJzNP-HB9l84U7lqhIH_0cwoZgOi42C42tJrw_rnTO017_4rcxAnv4AhHKMqc-fl-9REQmvHlShs8wY&sai=AMfl-YTfaNQINs5IEjrowbmFw0VwHINRzuyrYU10by7ITvIlsQy1Tr_5n1FMxtcV6xa8qdI8hasOjEvMwnhy1CS5t2rEOqA0ZiGZvNfXkmoceL3vf-uGqDJesQPT7nootHF8PEisrHRw-7J7pcG4ir9rodC_CW1BvKy30ajCmQ&sig=Cg0ArKJSzE1SdRLfyRICEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 496184D00128D379E177B7B9625F3A77
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C12433D85B2775BA6B81EA1865B53DED
Requests: 1 HTTP requests in this frame

Frame: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A08B23490E34DB3837C326C0F33F708B
Requests: 22 HTTP requests in this frame

Frame: https://connect.detik.com/token/me.html?autoLogin=1&clientId=10166
Frame ID: 88A8ED028E48E972961AF35D6185A69F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWgn1tAEwi_P5OgrtMmLdrgAJerVRITJJa3X2I8cZn3YFmXOTe_xZgRuNhYo8WNSiOHr1uf-CjUfe4fEgZB6NLLOlwZ5VOSodI2kgvLxkri3ctksBxvr5PbD8sOd2Do5WC24tgR_6oi1les-55uM-POJ97kTNF0PkF8D1v5EekaCtpbEoU
Frame ID: 1251D25A9940C5E14DABC0763CC6755B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 30D7F5AC27985D068781777AD0C21840
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7455F6B8D7D8EFB36BE02FE2E834AF3E
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 905D8A18CCB4425B26DACE7929D428FE
Requests: 12 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=2414&requests=[{%22eaUp%22:%22/4905536/HaiBunda_desktop/billboard%22,%22eoId%22:508818616,%22advId%22:820121176,%22w%22:970,%22h%22:250,%22eId%22:%22main_haibunda_desktop_billboard_0%22},{%22eaUp%22:%22/4905536/HaiBunda_desktop/medium_rectangle2%22,%22eoId%22:508818616,%22advId%22:820121176,%22w%22:300,%22h%22:250,%22eId%22:%22main_haibunda_desktop_medium_rectangle2_0%22}]&h=https%3A%2F%2Fwww.haibunda.com%2F&ts=1702273057830
Frame ID: 2E746E68AC73CB7D3008DA62F8E685CB
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=47675300013898004444554012535021&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: CEF7C117C384EB38747F92ACCB6AA87D
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 2842CD00FEEA5F0B43BF69E526521C8F
Requests: 3 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMj-z6fVhoMDFW9TkQUdH_QB3Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=230432437040.42426
Frame ID: 526E5651D4D027AD14D87C091BF80AAA
Requests: 2 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=47675300013898004444554012535021&a=9c376a87
Frame ID: D3508205EEEA00F28C37CD9F257DB335
Requests: 8 HTTP requests in this frame

Frame: https://services.insurads.com/ad?auid=910278&appId=2414&s=2830&dm=1&is=0&csz=%5B%5D&sz=%5B%5D&ct=%7B%7D&h=https%3A%2F%2Fwww.haibunda.com%2F&sid=A4DB29AF5192A2DB&v=1.14.21b&ts=1702273058344
Frame ID: C498810CB4DAED23ADDB77FA2570D7E5
Requests: 1 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=2414&requests=[{%22eaUp%22:%22/4905536/HaiBunda_desktop/bottomframe%22,%22eoId%22:508818616,%22advId%22:820121176,%22w%22:728,%22h%22:90,%22eId%22:%22main_haibunda_desktop_bottomframe_0%22}]&h=https%3A%2F%2Fwww.haibunda.com%2F&ts=1702273059623
Frame ID: A3F2B435DF1733D29AD08255A76BF1AB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1937211D35C4CD8D756C2727043538A6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E34EB9D96E777A79FE63DA72622CFD9A
Requests: 2 HTTP requests in this frame

Frame: https://www.haibunda.com/embed/video/322813?smartautoplay=true
Frame ID: C1434A40B4D5EB131CCBA3B1A631C478
Requests: 51 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.608.2_id.html
Frame ID: BBD6D87A2D0D03F66815A7EF2FF40083
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2A1FD866BB39B974FDF1172D8671543C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Informasi Terkini Kehamilan, Parenting, dan Mom Life - Haibunda.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

396
Requests

95 %
HTTPS

51 %
IPv6

46
Domains

81
Subdomains

76
IPs

9
Countries

8715 kB
Transfer

19890 kB
Size

40
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://connect.detik.com/accounts/register?clientId=10166&redirectUrl=https%3A%2F%2Fwww.haibunda.com%2Fauthorize&backURL=https%3A%2F%2Fwww.haibunda.com%2F
Title: DAFTAR

Search URL Search Domain Scan URL

URL: https://connect.detik.com/oauth/authorize?clientId=10166&redirectUrl=https%3A%2F%2Fwww.haibunda.com%2Fauthorize%3Fu%3Dhttps%3A%2F%2Fwww.haibunda.com%2F&backURL=https%3A%2F%2Fwww.haibunda.com%2F
Title: MASUK

Search URL Search Domain Scan URL

URL: https://connect.detik.com/oauth/signout?redirectUrl=https%3A%2F%2Fwww.haibunda.com%2F
Title: KELUAR

Search URL Search Domain Scan URL

URL: https://newrevive.detik.com/delivery/ck.php?oaparams=2__bannerid=217253__zoneid=1514__cb=5da8df45f5__oadest=https%3A%2F%2Fwww.haibunda.com%2Fparenting%2F20231205175859-64-322813%2Fanya-prameswari-peraih-puluhan-medali-olimpiade-matematika-sains-di-kancah-internasional

Search URL Search Domain Scan URL

URL: https://insertlive.com/lifestyle/20231207141505-210-325841/jangan-salah-ini-cara-charge-ponsel-yang-benar
Title: Jangan Salah, Ini Cara Charge Ponsel yang Benar

Search URL Search Domain Scan URL

URL: https://beautynesia.id/life/3-taman-nasional-tercantik-di-dunia-salah-satunya-di-indonesia/b-283655
Title: 3 Taman Nasional Tercantik di Dunia, Salah Satunya di Indonesia!

Search URL Search Domain Scan URL

URL: https://editorial.femaledaily.com/blog/2023/12/11/rounn-x-jovi-adhiguna-koleksi-tas-kulit-eksklusif-yang-wajib-kamu-miliki/
Title: ROUNN x Jovi Adhiguna: Koleksi Tas Kulit Eksklusif yang Wajib Kamu Miliki!

Search URL Search Domain Scan URL

URL: https://cxomedia.id/wellnes/20231209105047-18-179800/dear-me-beauty-x-aaliyah-massaid-rilis-kilauan-spesial-untuk-lazada-fest-1212-pop-up-festival
Title: Dear Me Beauty X Aaliyah Massaid Rilis Kilauan Spesial untuk Lazada Fest 12.12 Pop-Up Festival

Search URL Search Domain Scan URL

URL: https://wolipop.detik.com/entertainment-news/d-7083067/golden-disc-awards-2024-umumkan-line-up-kedua-ada-le-sserafim-hingga-txt
Title: Golden Disc Awards 2024 Umumkan Line Up Kedua, Ada LE SSERAFIM Hingga TXT

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HaiBundacom/

Search URL Search Domain Scan URL

URL: https://twitter.com/haibundacom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/haibundacom/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/HaiBundacom

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@haibunda

Search URL Search Domain Scan URL

URL: https://www.berbuatbaik.id/?utm_source=haibunda&utm_medium=footer&utm_campaign=berbuatbaikid
Title: berbuatbaik.id

Search URL Search Domain Scan URL

URL: https://pasangmata.detik.com/
Title: Pasang Mata

Search URL Search Domain Scan URL

URL: https://adsmart.detik.com/
Title: Adsmart

Search URL Search Domain Scan URL

URL: https://forum.detik.com/
Title: Forum

Search URL Search Domain Scan URL

URL: https://event.detik.com/
Title: detikEvent

Search URL Search Domain Scan URL

URL: https://poin.detikshop.com/
Title: detikPoint

Search URL Search Domain Scan URL

URL: https://www.transsnowworld.com/
Title: Trans Snow World

Search URL Search Domain Scan URL

URL: https://www.transstudiobandung.com/
Title: Trans Studio

Search URL Search Domain Scan URL

URL: https://www.detik.com/
Title: detikcom

Search URL Search Domain Scan URL

URL: https://www.cnnindonesia.com/
Title: CNN Indonesia

Search URL Search Domain Scan URL

URL: https://www.cnbcindonesia.com/
Title: CNBC Indonesia

Search URL Search Domain Scan URL

URL: https://www.insertlive.com/
Title: InsertLive

Search URL Search Domain Scan URL

URL: https://www.beautynesia.id/
Title: Beautynesia

Search URL Search Domain Scan URL

URL: https://www.femaledaily.com/
Title: Female Daily

Search URL Search Domain Scan URL

URL: https://www.cxomedia.id/
Title: CXO Media

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.haibunda.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.haibunda.com%2F&rid=esp&cc=1

Request Chain 106

https://gum.criteo.com/sid/json?origin=publishertagids&domain=haibunda.com&sn=ChromeSyncframe&so=0&topUrl=www.haibunda.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=F2piUHxlT01ldEdvNFNvcWxQTGQvUWVSeTAxMzJCNk5aWG1GcXpKT1FQa2RhSkI4NzJObzlpRFNHUUFnbi9xNEdhNXFZU1Z5UmkrNzJyS2hyeXBOQzVYNktiK3pIbjYyeDZDMWpsUHFoYVZaTElEbWJCVElzMjcxWTFybjU0ODFzSGc1YVBiNUhZeGdYbnJnZ01RSE5lQWg3WUIyS0t5dVBsajdWcW9HVHFOcGZlckJQeXppMWpkTEVrWFNzVGRaeVZuR3NxejFtSUg5cmN6YTFSeG9kMWNVM0JWWHpJakM3amdHbXltRkJWS1dpSjlsVThRTm1UWGozay93d2g4VWd4STJwbXhiYmErL3V6VytSR3YvcnhsenAwRmdxR3g3TnlDcHVWdWNzTWQ5NXlQND18&cppv=2

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnzIwJCcOCha_RwqMqzYnA&google_cver=1

Request Chain 117

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXagIMQyfDFZP2f4ba9OYQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnzIwJCcOCha_RwqMqzYnA&google_cver=1

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDqz4X3gNoJm2EgUFtNjKW8&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDqz4X3gNoJm2EgUFtNjKW8%26google_cver%3D1

Request Chain 119

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg5MjY1Mzg5NjU2NzkyNjU4Mg%3D%3D

Request Chain 155

https://fw.adsafeprotected.com/rfw/st/1742739/75943806/4.js?ias_dspID=3&ias_campId=1014501235&ias_pubId=pub-0428516164225172&ias_chanId=1&ias_placementId=20574793325&bidurl=https://www.haibunda.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iIPsK9TnRLhdzjAyQxNM3x&adContainerId=brand_safety_IaB2ZYFmnZSO7A-DzrCYBA&cbFunctionName=goog_wrapCb_IaB2ZYFmnZSO7A-DzrCYBA&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.haibunda.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.haibunda.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:96ec8880-4ac8-2d9d-13a0-ac4551ccf40f,c:wt2Ugg,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765b799994-d5vj9,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tY6EgIY+11%7C12%7C13%7C14*.1742739-75943806%7C141%7C142%7C143%7C15,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:12,oid:6457f6d8-97e7-11ee-9d39-02b2413ef5f0,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_IaB2ZYFmnZSO7A-DzrCYBA&cbFunctionName=goog_wrapCb_IaB2ZYFmnZSO7A-DzrCYBA&true_pb=

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnzIwJCcOCha_RwqMqzYnA&google_cver=1

Request Chain 200

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXagIMQyfDFZP2f4ba9OYQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnzIwJCcOCha_RwqMqzYnA&google_cver=1

Request Chain 201

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDqz4X3gNoJm2EgUFtNjKW8&google_cver=1

Request Chain 202

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg5MjY1Mzg5NjU2NzkyNjU4Mg%3D%3D

Request Chain 231

https://hal900021.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=9ca5700e09&subid=&uid=d46426254a302c07&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAzYaIaB2Zem1DKKtjuwP-dCQsAGm5b2gaa2VnKfJD_AuEAEg4P_mHGCVgoCAtAfIAQmpAmItiH_3DrI-qAMByAObBKoEnAJP0DPFbionL6xDb8Ki_yDuOzd2DQ4S1xg-Ha--ym7p_ehyQhMFvdiih6nTQutn5KeZZc7zl3jViM2kaC6zHEmILqApP2yZWlFAlTQgsid6got2Iho69rkqrJI5PsyUCmv5g_TwvTMt7sjPK9X5UfdJzsnN5ouP6i38aDtXfEVTe3Uo_EK1kQ8XdFaPr9AncWOsd88olw2VP3hABi-rxZ0JoD0pXJkKnhlC-Zo7NXjQkVrZJkm799noaH47CF0oLzlgnm20dfCaYhEVFDu6OmiscSD8Mgzv8Ga9X3qtKd0_PXTN8J5Mk3dMzRUCTBgpseSJsFbdoL_2mIa0b5cHWgxRn7T3vxCQlx-hq6S1QR6m0822oXUiXKrbLJB148AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliz9OOm1YaDA4AKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAqoNAkRF4g0TCJeo5KbVhoMDFaKWgwcdeSgEFrATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNKoTdintvcbNWEPDneI7DoNLDuQG4bBJAL42lEilEeZZbKpEV0tQ7hO0BQwOyqk8H0FdmlglUGODbt_7wKwM1Yt1cZheNOtPmG2sYAQ%26sig%3DAOD64_1nQo4qvcthS0Mgh1qtHWNZ1qNzKg%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-AO8opH1zSM8l6qw2S6KvdFg4648RiSNcrlv80qWJm33DDz3e5PDpdEr_jQOIAOeXOTIyY4-z-Bjw-1YuwzNVuToqSYC_6mFltpWO2YQp6txTs8xGa0RlvruIOZQV57weSLi9Pwp3CHBWnGFcSyfTdvAdAFtnTFA-rJJnwT4Fnokvr3dw8%26cry%3D1%26dbm_d%3DAKAmf-BlV89_0tD9rO8x7bKu9_qhKBE1gM3rU-qMrREnXUmcu4CxccH6WvBzfeXoWkNzEqD1PpfYkp067YPecFzPv37E30YMeu-gXnNsejUbPR-PSUO7pl3UEar_TC5q6YpL4KwihYxfHbhQn5tIJ5vw4lHSlRm0AbKD73s_6lQ4SzMrMt92r90QZqwUl2ORZXUge6EcyN6R1KDeiYYidSlkYls5towwuyA5FHbV0LTNA0-oX98MaBlkJNDmcMUsiR3D3c9eMbWUyL24xmRse85m5hUidBJnCzyNvFEp-CpMXE1otUEoE-Cwc_k5mQdAZ9VCQag56vPuLnIC_n1W9_Y9eBOMiRWN4KAdUG7YrambTIf8iX1gZNb6LBccY4pNbS6IfK-HISprKvMi9FcSordqedh_PW8KShXVVLqN4ZflxVDspZrxjkyvlcmhQn9SmUjbhbGIcIkWYMEpvVHM4II38a6vZAJRoDZPuOu0wm4w8kaLCXfFQoSFK2gy0NSzzI9afejAz9jImVpID44GhbWUpUxegpOEDiTjWRMB169qFRgrvQ6MbI8%26adurl%3D&documentReferer=https%3A%2F%2Fwww.haibunda.com%2F&ancestorOrigins=https%3A%2F%2Fwww.haibunda.com&random=9184241977634&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900021.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=9ca5700e09&subid=&uid=d46426254a302c07&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAzYaIaB2Zem1DKKtjuwP-dCQsAGm5b2gaa2VnKfJD_AuEAEg4P_mHGCVgoCAtAfIAQmpAmItiH_3DrI-qAMByAObBKoEnAJP0DPFbionL6xDb8Ki_yDuOzd2DQ4S1xg-Ha--ym7p_ehyQhMFvdiih6nTQutn5KeZZc7zl3jViM2kaC6zHEmILqApP2yZWlFAlTQgsid6got2Iho69rkqrJI5PsyUCmv5g_TwvTMt7sjPK9X5UfdJzsnN5ouP6i38aDtXfEVTe3Uo_EK1kQ8XdFaPr9AncWOsd88olw2VP3hABi-rxZ0JoD0pXJkKnhlC-Zo7NXjQkVrZJkm799noaH47CF0oLzlgnm20dfCaYhEVFDu6OmiscSD8Mgzv8Ga9X3qtKd0_PXTN8J5Mk3dMzRUCTBgpseSJsFbdoL_2mIa0b5cHWgxRn7T3vxCQlx-hq6S1QR6m0822oXUiXKrbLJB148AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliz9OOm1YaDA4AKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAqoNAkRF4g0TCJeo5KbVhoMDFaKWgwcdeSgEFrATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNKoTdintvcbNWEPDneI7DoNLDuQG4bBJAL42lEilEeZZbKpEV0tQ7hO0BQwOyqk8H0FdmlglUGODbt_7wKwM1Yt1cZheNOtPmG2sYAQ%26sig%3DAOD64_1nQo4qvcthS0Mgh1qtHWNZ1qNzKg%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-AO8opH1zSM8l6qw2S6KvdFg4648RiSNcrlv80qWJm33DDz3e5PDpdEr_jQOIAOeXOTIyY4-z-Bjw-1YuwzNVuToqSYC_6mFltpWO2YQp6txTs8xGa0RlvruIOZQV57weSLi9Pwp3CHBWnGFcSyfTdvAdAFtnTFA-rJJnwT4Fnokvr3dw8%26cry%3D1%26dbm_d%3DAKAmf-BlV89_0tD9rO8x7bKu9_qhKBE1gM3rU-qMrREnXUmcu4CxccH6WvBzfeXoWkNzEqD1PpfYkp067YPecFzPv37E30YMeu-gXnNsejUbPR-PSUO7pl3UEar_TC5q6YpL4KwihYxfHbhQn5tIJ5vw4lHSlRm0AbKD73s_6lQ4SzMrMt92r90QZqwUl2ORZXUge6EcyN6R1KDeiYYidSlkYls5towwuyA5FHbV0LTNA0-oX98MaBlkJNDmcMUsiR3D3c9eMbWUyL24xmRse85m5hUidBJnCzyNvFEp-CpMXE1otUEoE-Cwc_k5mQdAZ9VCQag56vPuLnIC_n1W9_Y9eBOMiRWN4KAdUG7YrambTIf8iX1gZNb6LBccY4pNbS6IfK-HISprKvMi9FcSordqedh_PW8KShXVVLqN4ZflxVDspZrxjkyvlcmhQn9SmUjbhbGIcIkWYMEpvVHM4II38a6vZAJRoDZPuOu0wm4w8kaLCXfFQoSFK2gy0NSzzI9afejAz9jImVpID44GhbWUpUxegpOEDiTjWRMB169qFRgrvQ6MbI8%26adurl%3D&documentReferer=https%3A%2F%2Fwww.haibunda.com%2F&ancestorOrigins=https%3A%2F%2Fwww.haibunda.com&random=9184241977634&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 232

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 252

https://gcdn.2mdn.net/videoplayback/id/712f6f4d3ec85bb4/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733809057/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/51C1097B5FEAE4419F6AF1A773CDF3233C8A3603.B1AD893BB375F3232F15E35DBB549F78B2DF5FFB/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5lzne6.c.2mdn.net/videoplayback/id/712f6f4d3ec85bb4/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733809057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0E2F08356841C1D3D83E91CB581076002A855D9C.6BEF6D4EECD66C55CC9477B23D1A1B7A36C5F6F0/key/cms1/cms_redirect/yes/mh/pc/mip/2a00:c98:2030:a004:1::14/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1702272470/mv/u/mvi/3/pl/60/file/file.mp4

Request Chain 255

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=230432437040.42426 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CMj-z6fVhoMDFW9TkQUdH_QB3Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=230432437040.42426

Request Chain 362

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11300199237/?random=1730035362&cv=11&fst=1702273063363&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77092987&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.haibunda.com%2F&ref=https%3A%2F%2Fwww.haibunda.com%2F&label=bBlMCLjfgdMYEMW2rYwq&hn=www.googleadservices.com&frm=1&tiba=Anya%20Prameswari%2C%20Peraih%20Puluhan%20Medali%20Olimpiade%20Matematika%20%26%20Sains%20di%20Kancah%20Internasional&value=0&auid=571431742.1702273056&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=J6B2ZfSJHJa978EPkL-rgAo&sscte=1&crd=&eitems=ChAIgODVqwYQ0czoksHOsKgaEh0AKMHu3mL-1Y726-i7FU8LNE_da_jIJX2yttQTZg&pscrd=EkxDaEFJZ09EVnF3WVFsYWFnMU1UTzBNVU9FaVVBZ3NPcUM3R0tLY1FxWVcxTFdtakg2SENmRUtheU1Bc0FkNTVWM093YUFXeXUyVm5NGldDaEFJZ09EVnF3WVF5T3pBeXJEcTZOSTNFaTBBYmR5MWdmb0pFZm5fZk9QbGZXYlJTeEJXR1gzdGkwcHp4TGNERVpUTkR4Q2tRQXpIVFFwYXpsbnplTkEiEwi0uYiq1YaDAxWW3jsCHZDfCqA HTTP 302
https://www.google.com/pagead/1p-conversion/11300199237/?random=1730035362&cv=11&fst=1702273063363&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77092987&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.haibunda.com%2F&ref=https%3A%2F%2Fwww.haibunda.com%2F&label=bBlMCLjfgdMYEMW2rYwq&hn=www.googleadservices.com&frm=1&tiba=Anya%20Prameswari%2C%20Peraih%20Puluhan%20Medali%20Olimpiade%20Matematika%20%26%20Sains%20di%20Kancah%20Internasional&value=0&auid=571431742.1702273056&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ09EVnF3WVFsYWFnMU1UTzBNVU9FaVVBZ3NPcUM3R0tLY1FxWVcxTFdtakg2SENmRUtheU1Bc0FkNTVWM093YUFXeXUyVm5NGldDaEFJZ09EVnF3WVF5T3pBeXJEcTZOSTNFaTBBYmR5MWdmb0pFZm5fZk9QbGZXYlJTeEJXR1gzdGkwcHp4TGNERVpUTkR4Q2tRQXpIVFFwYXpsbnplTkEiEwi0uYiq1YaDAxWW3jsCHZDfCqA&is_vtc=1&ocp_id=J6B2ZfSJHJa978EPkL-rgAo&cid=CAQSKQDICaaNS_YBcHzb0tPIMt1CNSfwah-gIgsK6g-jDC3d9ryTEe_5XFyx&eitems=ChAIgODVqwYQ0czoksHOsKgaEh0AKMHu3vByuJHjGXPoKcZObi7HqtAzS-3mmuSeuA&random=1776620343 HTTP 302
https://www.google.de/pagead/1p-conversion/11300199237/?random=1730035362&cv=11&fst=1702273063363&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77092987&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.haibunda.com%2F&ref=https%3A%2F%2Fwww.haibunda.com%2F&label=bBlMCLjfgdMYEMW2rYwq&hn=www.googleadservices.com&frm=1&tiba=Anya%20Prameswari%2C%20Peraih%20Puluhan%20Medali%20Olimpiade%20Matematika%20%26%20Sains%20di%20Kancah%20Internasional&value=0&auid=571431742.1702273056&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ09EVnF3WVFsYWFnMU1UTzBNVU9FaVVBZ3NPcUM3R0tLY1FxWVcxTFdtakg2SENmRUtheU1Bc0FkNTVWM093YUFXeXUyVm5NGldDaEFJZ09EVnF3WVF5T3pBeXJEcTZOSTNFaTBBYmR5MWdmb0pFZm5fZk9QbGZXYlJTeEJXR1gzdGkwcHp4TGNERVpUTkR4Q2tRQXpIVFFwYXpsbnplTkEiEwi0uYiq1YaDAxWW3jsCHZDfCqA&is_vtc=1&ocp_id=J6B2ZfSJHJa978EPkL-rgAo&cid=CAQSKQDICaaNS_YBcHzb0tPIMt1CNSfwah-gIgsK6g-jDC3d9ryTEe_5XFyx&eitems=ChAIgODVqwYQ0czoksHOsKgaEh0AKMHu3vByuJHjGXPoKcZObi7HqtAzS-3mmuSeuA&random=1776620343&ipr=y

396 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.haibunda.com/ 210 KB
26 KB 503ms
467ms Document
text/html 2606:4700::6812:1c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30172fc770b2624d5a2a75f0367804ac23ad348ae43b9590585be3f8b50a3111

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 833b605fdc0071bb-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 11 Dec 2023 05:37:35 GMT
s: fe-publish1
server: cloudflare
strict-transport-security: "max-age=31536000; includeSubDomains" always
x-cached: EXPIRED
x-content-type-options: nosniff
x-xss-protection: '1;mode=block'

GET
H2 200 style.css
cdn.haibunda.com/css/ 87 KB
20 KB 562ms
184ms Stylesheet
text/css 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/css/style.css?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

13e2687882065f87ebe1c4671c63e321a6c5145f8f693ced2812e5bf71e3c09c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:35 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Tue, 28 Nov 2023 07:04:36 GMT
server: st1
content-encoding: gzip
etag: W/"65659104-15bb0"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fonts.css
cdn.haibunda.com/css/ 6 KB
908 B 562ms
184ms Stylesheet
text/css 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/css/fonts.css?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

8761a8589ecc3689d3b8d70efab8bfe58d337c3d575d75aa91c92eaaeccbdd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:35 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2023 07:34:29 GMT
server: st1
content-encoding: gzip
etag: W/"652ce785-16ba"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
cdn.detik.net.id/libs/detik-vertical/js/ 87 KB
31 KB 550ms
181ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/detik-vertical/js/jquery-3.6.0.min.js?v=haibunda.4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:35 GMT
middle-cache: MISS
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 07:01:24 GMT
server: st1
content-encoding: gzip
etag: W/"60bdc444-15d9d"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ebx.js Show response
applets.ebxcdn.com/ 464 B
991 B 93ms
37ms Script
application/javascript 2606:4700:3037::6815:25c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applets.ebxcdn.com/ebx.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:25c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
content-encoding: br
x-amzn-remapped-content-length: 464
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3
x-amzn-requestid: b0073ef7-9335-485d-8f99-109e53118787
x-amz-apigw-id: Pw30oHfAjoEEaAg=
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed Aug 30 13:25:09 GMT 2023
server: cloudflare
x-amzn-trace-id: Root=1-6576a01d-729a56ba273305896447a95c;Sampled=0;lineage=7936cbcf:0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAgqQjDwUVST0RPbnJ21GR6HMXe0%2F10KZQ2cAVdGfYZiGg9tSDLRcw2bN8Hm35NNDRqYM8caEpzM%2BEq5nXiUNWg7Gsj7mi6qP36wsQj%2BluY6HZ8RpDOkT60BUPK5CFg0w82GpLXLGs4Bt3bkXvj0AO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=7200
cf-ray: 833b60699937bbf5-FRA

GET
H2 200 detik.ads.css
cdn.detik.net.id/commerce/desktop/css/ 9 KB
3 KB 549ms
181ms Stylesheet
text/css 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/commerce/desktop/css/detik.ads.css

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

889ed0f48c04d82f2bd820be3891c084083bd88f253a8e4018227e8c7d81f21b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:35 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 02 Nov 2022 10:06:05 GMT
server: st1
content-encoding: gzip
etag: W/"6362410d-255c"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dtk_commerce.js Show response
cdn.detik.net.id/commerce/commerce/ 1 KB
921 B 549ms
181ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/commerce/commerce/dtk_commerce.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

3b64444ca542f3bd5be8aba927bbf319f8924845d2cf99c053a9a0bc93771302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:35 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 02 Nov 2022 10:03:16 GMT
server: st1
content-encoding: gzip
etag: W/"63624064-53e"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 152ms
96ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a650d3922ecaa39dc316c8fc225409d9568918866bb7d37054caf775b538c9e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29716
x-xss-protection: 0
server: cafe
etag: 381 / 19702 / 31080020 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 05:37:36 GMT

GET
H2 200 S9H7OMZB.js Show response
cdn.insurads.com/bootstrap/ 7 KB
3 KB 134ms
38ms Script
application/x-javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insurads.com/bootstrap/S9H7OMZB.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: a07ca75e85cde4d1afb84980d870cc0d9ca8e93e4a26d65a58c31821ecc01a34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
content-encoding: gzip
cdn-edgestorageid: 1081
x-amz-request-id: BM8G1N4FB6ZKDY8P
cdn-cachedat: 07/07/2023 01:55:09
cdn-pullzone: 55316
x-amz-id-2: ldjuY4rkSSHM+339/gA+rDxAR8yjbL5OUf6N4kdorPQx+4Qp6oxCzzPVDQKuHKI1esGJU76YHFw=
last-modified: Mon, 06 Jun 2022 13:59:02 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "fc7461ca5b7bf5ec58f085056c4dd5ea"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cdn-cache: HIT
cdn-uid: 56a941db-1de6-4dd7-bd60-f93546463707
cache-control: max-age=86400, s-maxage=604800
cdn-requestid: 5962550c8c59ce3e15988a65fa34a39a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 user.png
cdn.haibunda.com/images/ 2 KB
2 KB 553ms
185ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/user.png?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

d45b32cf6bd6e88742ffe7e217493a27513dfb56613b6dc7f69855fb4364267b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:35 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Mon, 19 Jun 2023 07:06:55 GMT
server: st1
content-encoding: gzip
etag: W/"648ffe8f-649"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detikconnect_auto_login.js Show response
cdn.detik.net.id/libs/dc/v1/ 993 B
798 B 198ms
197ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/dc/v1/detikconnect_auto_login.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

147abcd981f7939f14184e96ef62d2d08885057b34e1aaea210bebb2dcfc02ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 14 Oct 2021 03:31:38 GMT
server: st1
content-encoding: gzip
etag: W/"6167a49a-3e1"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pushnotif.js Show response
cdn.haibunda.com/js/ 2 KB
995 B 552ms
185ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/pushnotif.js?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

75c564b11819eb6c2df664507cdea1ad5bfdfde6ac23a67581da88dd4de66835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:35 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Tue, 08 Aug 2023 08:31:06 GMT
server: st1
content-encoding: gzip
etag: W/"64d1fd4a-636"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 billdesktop-scrollpage.css
cdnstatic.detik.com/live/_rmbassets/bill-scrollpage/ 1 KB
709 B 658ms
193ms Stylesheet
text/css 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnstatic.detik.com/live/_rmbassets/bill-scrollpage/billdesktop-scrollpage.css

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

eea3668c05671273723d5e06b6e6661aee47d89a54b732347bd9ed70b7fa0bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
middle-cache: HIT
last-modified: Mon, 29 May 2023 08:21:07 GMT
server: st1
etag: W/"64746073-43d"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
barrier_2: HIT
access-control-allow-origin: *
barrier_1: Static
barrier_3: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_Insertlive.png
cdn.haibunda.com/images/logo/ 8 KB
7 KB 240ms
240ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/logo/logo_Insertlive.png?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

892cbed999e182e677a982593b4a2b1054156fb5730cad5f14e26467119e062d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Mon, 23 Mar 2020 04:03:08 GMT
server: st1
content-encoding: gzip
etag: W/"5e7834fc-1eb2"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_Beautynesia.png
cdn.haibunda.com/images/logo/ 5 KB
5 KB 211ms
211ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/logo/logo_Beautynesia.png?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

41f256772529dd56ce2f8bdd006e6a2cec7736283344f1e4dd677bb0ccc9e01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
content-encoding: gzip
etag: W/"64896ff7-1435"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_FemaleDaily.png
cdn.haibunda.com/images/logo/ 8 KB
7 KB 185ms
185ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/logo/logo_FemaleDaily.png?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

bbd58a1c832602875a0b34aba97d954d24dfa30ff69f95559ef675047b48a190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Mon, 23 Mar 2020 04:03:08 GMT
server: st1
content-encoding: gzip
etag: W/"5e7834fc-2051"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-cxo.png
cdn.haibunda.com/images/logo/ 2 KB
2 KB 214ms
210ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/logo/logo-cxo.png?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

89095ca11eae7b644fac81b99bdef7f8b08ceff77a67bee52c295cb46ef3abfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
content-encoding: gzip
etag: W/"64896ff7-893"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_Wolipop.png
cdn.haibunda.com/images/logo/ 16 KB
16 KB 213ms
212ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/logo/logo_Wolipop.png?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

3c2d3bf051e5ceab46b67776c86b075de1e755aa34ec5a08fc7fc70e6a93e9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 09:04:12 GMT
server: st1
content-encoding: gzip
etag: W/"5e79cd0c-3f44"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_MommiesDaily.png
cdn.haibunda.com/images/logo/ 5 KB
6 KB 213ms
212ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/logo/logo_MommiesDaily.png?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

09c4a499c263c79321dd444b925b53a876bf544ebd877ada013587d1099fdd26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
content-encoding: gzip
etag: W/"64896ff7-14e9"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scrollpage.css
cdnstatic.detik.com/live/_rmbassets/mr1-scrollpage/ 885 B
705 B 195ms
192ms Stylesheet
text/css 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnstatic.detik.com/live/_rmbassets/mr1-scrollpage/scrollpage.css

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

80f1fbeb1e95f186e1ef324d132860cc499bec297a2ef4b673c73478f21692b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
middle-cache: MISS
last-modified: Mon, 18 Jul 2022 06:43:06 GMT
server: st1
etag: W/"62d500fa-375"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
barrier_2: MISS
access-control-allow-origin: *
barrier_1: Static
barrier_3: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 scrollpage.css
cdnstatic.detik.com/live/_rmbassets/mr2-scrollpage/ 884 B
701 B 195ms
192ms Stylesheet
text/css 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnstatic.detik.com/live/_rmbassets/mr2-scrollpage/scrollpage.css

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

5f16cbd61c5063eee06064df8697819fbb972df80a1f022fdf59954c6b1f533e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
middle-cache: HIT
last-modified: Wed, 08 Dec 2021 10:11:08 GMT
server: st1
etag: W/"61b084bc-374"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
barrier_2: HIT
access-control-allow-origin: *
barrier_1: Static
barrier_3: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iframeResizer.min.js Show response
cdn.jsdelivr.net/npm/iframe-resizer@4.3.6/js/ 14 KB
6 KB 58ms
30ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/iframe-resizer@4.3.6/js/iframeResizer.min.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3a17dbeb1279ddd9aa45595a39b0dc40ada6fa4fc2f4e3c7cf3e460e3410c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 873585
x-jsd-version: 4.3.6
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230025-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"3756-n/xfAKniRUkopLUGT/90IElxHMY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiafaJQYnwvBPdyY6tZ3N%2B47qVLZPLV7%2BxRUSryGwUCuuW%2BnQvTxj0N1TqVEthPKpU%2B5JNijgccSlQPhlz54fOgPCiX9CV4uIzbgySNWgjb9%2BRSeC%2BSYEJ2xHG%2FBUc%2FClPNg7W78BTtn6UNkZmc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 833b6069686135f1-FRA

GET
H2 200 haibunda-wp-js.min.js Show response
cdn.haibunda.com/js/ 118 KB
34 KB 214ms
211ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/haibunda-wp-js.min.js?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

2202fa796324f006c0b5b3ec0416e66573ef71ae3c2a4d0d18fa898e84f7231a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Mon, 25 Oct 2021 07:52:00 GMT
server: st1
content-encoding: gzip
etag: W/"61766220-1d7a8"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imgLiquid-min.js Show response
cdn.haibunda.com/js/ 5 KB
2 KB 214ms
211ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/imgLiquid-min.js?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

8ad3e1be1b9cb15ea3c9379f994f99e8c97af5a04f894299e1999ed2582ad62e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:27 GMT
server: st1
content-encoding: gzip
etag: W/"5db2a88f-13f7"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom.js Show response
cdn.haibunda.com/js/ 1 KB
811 B 214ms
211ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/custom.js?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

7b5812cff4887b15fb1c6356a442a44106ae4f6d0b3453f83d110a7bc8ed1819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: MISS
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
content-encoding: gzip
etag: W/"64896ff7-534"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/3.6.6/ 294 KB
97 KB 91ms
35ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/3.6.6/firebase.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ca252b1ec28d3fc04078a3a87894fea0cb9d5ee81f0bbc5a66ff8c5ecaab333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98890
x-xss-protection: 0
last-modified: Wed, 18 Jan 2017 00:39:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 20:42:15 GMT

GET
H2 200 firebase.js Show response
cdn.haibunda.com/js/ 6 KB
2 KB 213ms
212ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/firebase.js?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

625bc84e4cb23db18926786e7b43681dc875397800cf02ebac341bf2e44ae671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: MISS
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 04:01:54 GMT
server: st1
content-encoding: gzip
etag: W/"64bdf7b2-188a"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detik-vertical.js Show response
cdn.haibunda.com/js/ 3 MB
520 KB 214ms
211ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/detik-vertical.js?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

49a540e3ef91f246b1226bd70950b9c6b121b9bad40d7ab4292c7a9b9e697d5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Tue, 28 Nov 2023 07:04:36 GMT
server: st1
content-encoding: gzip
etag: W/"65659104-2890ea"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 refresh.js Show response
cdn.detik.net.id/libs/detik-vertical/js/ 1 KB
712 B 199ms
196ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/detik-vertical/js/refresh.js?v=haibunda.4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

c6b125c8dc7b6c653f8b83247885e3ebb9f92ffe94a32efa224302737eb0174d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:26 GMT
server: st1
content-encoding: gzip
etag: W/"5db2a88e-430"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detikLiveUserCounterResponse.js Show response
cdn.detik.net.id/libs/livecounter/ 38 KB
10 KB 199ms
197ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/livecounter/detikLiveUserCounterResponse.js?v=2023121112

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

af0280c8646154adb38a8e059fd0c5cfb21b954eb38031fcba65240da35061ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Thu, 09 Dec 2021 04:00:43 GMT
server: st1
content-encoding: gzip
etag: W/"61b17f6b-96d5"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick.min.js Show response
cdn.haibunda.com/js/ 42 KB
11 KB 213ms
211ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/slick.min.js?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Tue, 13 Sep 2022 08:20:47 GMT
server: st1
content-encoding: gzip
etag: W/"63203d5f-a76e"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 callback-revive.js Show response
cdnstatic.detik.com/live/_rmbassets/ 168 B
516 B 194ms
192ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnstatic.detik.com/live/_rmbassets/callback-revive.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

f25cf1a788fd845ec9fd9612d636207ad7db744aa99624c76fb6c8ecd379e92f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
middle-cache: HIT
barrier_2: HIT
barrier_1: Static
barrier_3: HIT
content-length: 168
last-modified: Wed, 28 Apr 2021 07:59:13 GMT
server: st1
etag: "608915d1-a8"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 98ms
71ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.haibunda.com/
Origin: https://www.haibunda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 833b60696b2430cc-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 297 KB
96 KB 109ms
54ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

243169a0b5779c2430fe4e12cbe2ac7ad4aedd22addace394e57a5d1f78bd28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97914
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Dec 2023 05:37:36 GMT

GET
H2 200 dm-sans-v11-latin-regular.woff2
cdn.haibunda.com/fonts/ 18 KB
18 KB 603ms
199ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/dm-sans-v11-latin-regular.woff2

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/fonts.css?v=4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/fonts.css?v=4.5.9
Origin: https://www.haibunda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-46b0"
cache-status: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 18096
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dm-sans-v11-latin-700.woff2
cdn.haibunda.com/fonts/ 18 KB
18 KB 603ms
199ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/dm-sans-v11-latin-700.woff2

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/fonts.css?v=4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/fonts.css?v=4.5.9
Origin: https://www.haibunda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-4724"
cache-status: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 18212
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 972fa1b1-24cb-47a5-acbe-cbc6be2ae3e6.png
akcdn.detik.net.id/community/media/visual/2019/07/23/ 8 KB
9 KB 621ms
189ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/community/media/visual/2019/07/23/972fa1b1-24cb-47a5-acbe-cbc6be2ae3e6.png?d=1

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

95ea4f9b70f2ca3ad7bab58bc9dc7ef03450b206e493bd6da1a9878d7e0b9f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: MISS
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 23 Jul 2019 04:36:48 GMT
server: st8
etag: W/"5d368ee0-211e"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-hb.webp
cdn.haibunda.com/images/ 2 KB
3 KB 408ms
407ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/logo-hb.webp?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

ecf5938e74b5b2a3aa509c3e71a53fc0b44bb1a32f8d2a9af145d26ff027e470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-946"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2374
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 scripts.js Show response
applets.ebxcdn.com/applets/www.haibunda.com/ 2 KB
2 KB 58ms
27ms XHR
text/javascript 2606:4700:3037::6815:25c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://applets.ebxcdn.com/applets/www.haibunda.com/scripts.js
Requested by: Host: applets.ebxcdn.com
URL: https://applets.ebxcdn.com/ebx.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:25c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32d9252c1f88d4e358a09f37a32d37dd14a1d8e1da2984d9a1a90c28c6960843

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6
x-amzn-requestid: 2f542bb6-538a-4d65-8111-e776c0c28d62
x-amz-apigw-id: Pw30OF-AjoEElmA=
content-length: 1581
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 11:23:33 GMT
server: cloudflare
etag: 7mCS9GEyrfSHGv22Qn72+Q==
x-amzn-trace-id: Root=1-6576a01a-38b4d9ee622ed0011f196833;Sampled=0;lineage=388d0713:0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duBOdHNWlxKN8M8EJ8LZj7y7JTJ7aRc%2FqkX1CseeNa3EsDyU6YrL41vrVnQqAqz%2B0sQ5B4oxAVM1qKzygEJlsVfrNf3rUkf8GkPZ4EuxKNPNjkrihXeKM%2BTrVxJaMaSlK%2FjfwQ77UNCXH4hSDUIQBgU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=300, no-transform
accept-ranges: bytes
cf-ray: 833b606a0c2918e1-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LW7SH9Y4G8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65f27c76f5123caea75ae9ae1621b275caabcaba213ff41a6e9678e24acb8298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85480
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 05:37:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 108ms
33ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 03:48:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6557
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 11 Dec 2023 05:48:19 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 98ms
27ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 11 Dec 2023 05:37:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Vx3kzdX7gtYBJGS6OrH7mQWc4fimiDHMai0ysW7mIC9NPOPrT0Mop5pf81bMt8lkJ6tCu6iO9Nc7n0FZrztTbg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 131ms
35ms Script
application/x-javascript 2600:9000:2646:5c00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:5c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:49:00 GMT
content-encoding: gzip
via: 1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 01:59:58 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 31716
etag: W/"6555779e-94a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: b1sAkdm7dJxL-tYArplpE2ue3RvP0tnvvQFlNERafFvOw8o-S6Exgw==
expires: Mon, 11 Dec 2023 20:49:00 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 126ms
30ms Script
application/x-javascript 2600:9000:2646:5c00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:5c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 22:00:47 GMT
content-encoding: gzip
via: 1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 02:00:31 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 27409
etag: W/"655577bf-5df1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Yz8DunelhuezGfb5_2kNPoOcWumPIvurPuOkZtfVcjN4b8POvC1hYw==
expires: Mon, 11 Dec 2023 22:00:47 GMT

GET
H2 200 collect-rangers-v5.0.0.js Show response
lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/ 93 KB
26 KB 136ms
26ms Script
application/javascript 23.55.163.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.163.57 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-163-57.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: 42b448c8c5f67a9c48b021dfd6676e0c1aa3146b1513d18cad8ba2ad7be9df8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id: 1a16906b
date: Mon, 11 Dec 2023 05:37:36 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: 0NGYZsGPAC/sdgY7Low4DQ==
x-cache: TCP_HIT from a23-55-162-57.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=8
content-length: 25562
x-tos-request-id: 3bb401069f055a5d65069f05-aba03d8
x-tos-response-time: Sun, 17 Sep 2023 06:39:02 GMT
last-modified: Thu, 23 Feb 2023 05:54:55 GMT
server: TLB
x-tt-logid: 20230918133434ABC25F0A1BCC82E12067
etag: "d0d19866c18f002fec76063b2e8c380d"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
x-request-ip: fdbd:dc51:4000:294:a::141
cache-control: max-age=956515
access-control-allow-credentials: false
x-response-cinfo: fdbd:dc51:4000:294:a::141
x-tt-trace-host: 0101fdb82af2250f101e544b911120f0b24a0ff6f78f80669531083873d5778b48a4ec96cc4ebdb4212a26783822874f9ab5f98d2cff53238f41cd6758ae936b725eea53829d7bc1c70ffc47d04f911a0eaedbe689b3ab4c1e170dbb84659091053c77a0b73a35b716b14512514879b3206ec602a7354e3fafe13a73ba3997a8ae
accept-ranges: bytes
x-response-cache: edge_hit
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/ 431 KB
135 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:48:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20975
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138171
x-xss-protection: 0
server: cafe
etag: 7807444821274263820
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 09 Dec 2024 23:48:01 GMT

GET
H2 200 channel-box-embed-13.html Show response
cdn.detik.net.id/berbuatbaik-id/ Frame 93C8 4 KB
2 KB 203ms
203ms Document
text/html 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/berbuatbaik-id/channel-box-embed-13.html

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

85a9869a96e93e6ab2df4e9f1eab7bf897ac15193a9bf54dfcbe239619c9fcaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.haibunda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-status: HIT
content-encoding: gzip
content-type: text/html
date: Mon, 11 Dec 2023 05:37:36 GMT
etag: W/"65769dd9-e21"
last-modified: Mon, 11 Dec 2023 05:27:53 GMT
middle-cache: HIT
server: st1
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1;mode=block

GET
H2 200 swiper-bundle.min.js Show response
cdn.haibunda.com/js/ 145 KB
40 KB 383ms
200ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/js/swiper-bundle.min.js?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

54cbab9227fd1905a544309be2fad4fb0b43fb698b16f9b1d83c2e416f5450bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.haibunda.com/
Origin: https://www.haibunda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
content-encoding: gzip
etag: W/"64896ff7-24380"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 raleway-v28-latin-700.woff2
cdn.haibunda.com/fonts/ 21 KB
21 KB 371ms
200ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/raleway-v28-latin-700.woff2

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/fonts.css?v=4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/fonts.css?v=4.5.9
Origin: https://www.haibunda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-53c0"
cache-status: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 21440
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 montserrat-v25-latin-600.woff2
cdn.haibunda.com/fonts/ 12 KB
13 KB 370ms
200ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/montserrat-v25-latin-600.woff2

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/fonts.css?v=4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/fonts.css?v=4.5.9
Origin: https://www.haibunda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-319c"
cache-status: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 12700
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dm-sans-v11-latin-500.woff2
cdn.haibunda.com/fonts/ 18 KB
18 KB 367ms
200ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/dm-sans-v11-latin-500.woff2

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/fonts.css?v=4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

e6997f451bbf8012dea5fb3b9f2e974a2f86861364126915097d81096392c800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/fonts.css?v=4.5.9
Origin: https://www.haibunda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-4740"
cache-status: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 18240
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shio-naga_34.jpeg
akcdn.detik.net.id/visual/2023/11/06/ 124 KB
122 KB 384ms
189ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/11/06/shio-naga_34.jpeg?w=750&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

b983d5376ac2f5b7cb2ffbf9640ffe96d4a73d175d5116651f9c5cb00cdad711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st4
server: st8
etag: W/"affa1b79754b5371a3529c7b24f3eb16141f9661"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-ayah-dan-anak_34.jpeg
akcdn.detik.net.id/visual/2023/11/29/ 117 KB
118 KB 383ms
189ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/11/29/ilustrasi-ayah-dan-anak_34.jpeg?w=750&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

faa9e3a73fbbde0ef5e5e330b6fe619fd136a5c8dc677dc9d8c8b98c66efa330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st4
server: st8
etag: W/"baff1bce314a155e5bef0286475cfda55c82cc88"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rachel-amanda-1_34.jpeg
akcdn.detik.net.id/visual/2023/12/08/ 202 KB
202 KB 384ms
190ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/12/08/rachel-amanda-1_34.jpeg?w=750&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

f0f5a84e4039b50c9c4053ebd8991aec14d5cdcec168bfaa2f27d4d5fcbd1255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st12
server: st8
etag: W/"51ce25c4c770320862d71db206177841844ba14b"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-foto.webp
cdn.haibunda.com/images/ 498 B
791 B 341ms
339ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/icon-foto.webp?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

3d490bc201c366e2121b60ba924dc4535142aaea0b8d87c4c1b53df4aeaca5f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: MISS
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-1f2"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 498
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 highlight11.webp
cdn.haibunda.com/images/ 5 KB
5 KB 341ms
339ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/highlight11.webp?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

24b0a3453e05cc95d9da378b01565b5d1f592b01104bcb45bb99ca015f233f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-1398"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5016
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 highlight22.webp
cdn.haibunda.com/images/ 4 KB
5 KB 342ms
339ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/highlight22.webp?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

27b6e7880d8ec59b516645f3f8984d2365e85e827a95fc032c63d34ce31b1ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-11f8"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4600
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 highlight33.webp
cdn.haibunda.com/images/ 6 KB
6 KB 342ms
339ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/highlight33.webp?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

3fd1c4933aefeb81416d2ce45a7ea8f032a5fd637ef04eadc1a8c89adc7d2d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-17fa"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 6138
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 highlight44.webp
cdn.haibunda.com/images/ 4 KB
4 KB 342ms
340ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/highlight44.webp?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

963e58beab597778b19955449f5bbb26ccc583603477243dc3f31504d646bafb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-107e"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4222
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 highlight55.webp
cdn.haibunda.com/images/ 5 KB
6 KB 342ms
340ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/highlight55.webp?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

0f5ece39e94279c1f438c935eb4003eeebb18b805a2f2806fe055e4cf29f8ad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-15ae"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5550
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 highlight66.webp
cdn.haibunda.com/images/ 3 KB
4 KB 342ms
340ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/highlight66.webp?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

387378d2f231edbd6785e3f202b24462b68838ebee494bdb23d5c713be9a5923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-d98"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3480
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 highlight77.webp
cdn.haibunda.com/images/ 2 KB
3 KB 342ms
340ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/highlight77.webp?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

e0fc243e9972387fa20dd5e96d09d80caad5e113434d4a01c61f8b0030cf09ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-994"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2452
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 highlight88.webp
cdn.haibunda.com/images/ 5 KB
5 KB 342ms
341ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/highlight88.webp?v=4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

8baf641907db0884113fac6a39941e595322dbca8da51411bf8a17d489577c25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-1450"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5200
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adiba-khanza-dan-egy-maulana-1_169.png
akcdn.detik.net.id/visual/2023/12/11/ 53 KB
53 KB 852ms
659ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/12/11/adiba-khanza-dan-egy-maulana-1_169.png?w=1490&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

fc11dd076da3f54de838ecc446e03acd286599095a7b4e880af2a34a6caf69a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st14
server: st8
etag: W/"8b977524aede6166cddba2d169affa2665156257"
cache-status: MISS
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 transmart-full-day-sale-kasih-diskon-gede-gedean-buat-produk-buah_43.jpeg
akcdn.detik.net.id/visual/2023/10/29/ 60 KB
60 KB 383ms
190ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/10/29/transmart-full-day-sale-kasih-diskon-gede-gedean-buat-produk-buah_43.jpeg?w=430&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

878c37b1d5044029b15db9b77c5e96be34385d5f832a6ae9c539a842b4c786e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st10
server: st8
etag: W/"b015e728f7e796a81a9c7448c8c394feacbe3857"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shio-naga_43.jpeg
akcdn.detik.net.id/visual/2023/11/06/ 36 KB
36 KB 656ms
656ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/11/06/shio-naga_43.jpeg?w=430&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

ebeb832ec1665102de92372c87d679759182e0d45bc533f704d56bec6865eb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st13
server: st8
etag: W/"626ff93bdb2b713f601a2481b5f22cb9160466cf"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-muslim-salat_43.jpeg
akcdn.detik.net.id/visual/2023/12/08/ 23 KB
23 KB 656ms
656ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/12/08/ilustrasi-muslim-salat_43.jpeg?w=430&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

1dcce424db633ec2784ab9d60a1e5c0e92eae95abf270a6a77e17046c2bad2f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: MISS
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st5
server: st8
etag: W/"369016551a3ecd13f3c716004421c5fefe727154"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 montserrat-v25-latin-regular.woff2
cdn.haibunda.com/fonts/ 12 KB
13 KB 354ms
200ms Font
application/octet-stream 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.haibunda.com/fonts/montserrat-v25-latin-regular.woff2

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/css/fonts.css?v=4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.haibunda.com/css/fonts.css?v=4.5.9
Origin: https://www.haibunda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-31a4"
cache-status: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 12708
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
246 B 111ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LW7SH9Y4G8&gtm=45je3bt0v884803178z877092987&_p=1702273056194&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1929531125.1702273056&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702273056&sct=1&seg=0&dl=https%3A%2F%2Fwww.haibunda.com%2F&dt=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&en=page_view&_fv=1&_nsi=1&_ss=1&ep.allowLinker=true&ep.cookieDomain=auto&ep.kanalId=47&ep.keyword=kehamilan%2C%20menyusui%2C%20parenting%2C%20nama%20bayi%2C%20mom%27s%20life%2C%20motherhood%2C%20cerita%20bunda%2C%20resep%2C%20tips%20%2C%20video%2C%20referensi%20produk%2C%20rekomendasi%20tempat&ep.contentType=wp&ep.platform=desktop&ep.originalTitle=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&ep.namaKanal=Haibunda&tfd=1821
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LW7SH9Y4G8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 106ms
35ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LW7SH9Y4G8&cid=1929531125.1702273056&gtm=45je3bt0v884803178z877092987&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LW7SH9Y4G8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 109ms
39ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LW7SH9Y4G8&cid=1929531125.1702273056&gtm=45je3bt0v884803178z877092987&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=744487546

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init Show response
services.insurads.com/ 2 KB
1 KB 712ms
100ms Script
application/javascript 18.210.2.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/init?appId=S9H7OMZB&h=https%3A%2F%2Fwww.haibunda.com%2F&tcfc=1&t=1702273056491
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/S9H7OMZB.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.210.2.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-2-56.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 123e563660832a5d32f4df8cab340a9534a6717f263942e021219a916260ec99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript;charset=UTF-8
x-nocache: true
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 36ms
35ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=660709581&t=pageview&_s=1&dl=https%3A%2F%2Fwww.haibunda.com%2F&ul=en-us&de=UTF-8&dt=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=200063874&gjid=1224260808&cid=1929531125.1702273056&tid=UA-891770-244&_gid=1710171754.1702273057&_r=1&_slc=1&gtm=45He3bt0n81WGBMBG8v77092987&cd1=47&cd6=kehamilan%2C%20menyusui%2C%20parenting%2C%20nama%20bayi%2C%20mom%27s%20life%2C%20motherhood%2C%20cerita%20bunda%2C%20resep%2C%20tips%20%2C%20video%2C%20referensi%20produk%2C%20rekomendasi%20tempat&cd16=wp&cd17=desktop&cd19=1.732&cd48=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=500584218

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 113ms
29ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:28:48 GMT
content-encoding: gzip
age: 2189328
x-guploader-uploadid: ABPtcPorK7SdOx9D0-XbxZI-ucFoefeNDDoBI41rnJAKBKLzpPyd_Ilsabixqvym6_79HuCGK2OQIo2s49jtCyg8m0eHLqvG-9Ou
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 14 Nov 2024 21:28:48 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 116ms
55ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Dec 2023 05:37:36 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
34 KB 86ms
33ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: A1NQNZWYYD8RDPVZ
age: 1012
etag: W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 833b606bcf8830d6-FRA
x-amz-id-2: uPJIzcgfcqFH+YgEf4wMWt8G4wxOM1qewTig3jxzXzhPxlApJLSAQY3FLpXys8LRgrAOVdUehKfW9g51wad6xg==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 82ms
23ms Script
text/javascript 2600:9000:2250:6a00:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6a00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Sun, 10 Dec 2023 06:24:16 GMT
Via: 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 83601
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: _V8btYiYKVh4htUKYreRxDhAlnnVXiIA0wG9eIIbCyaFAXXoiCQMAw==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
804 B 31ms
30ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41848
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4byRHxPHdPWr6rBvGybC891Sj8L4QvuGBNvK%2BVlKvJ%2BfIBq%2FsswdsLMOgCu317z26taD6Q507o3FFc0hlm2kc0S2wJ81NDtfxHS5sZTyNSsF2H%2Bd7q9ntqHpycioBZcdrskLE8BWZLaK1n54xo4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 833b606b79af35f1-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 91ms
22ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 04:16:06 GMT
content-encoding: gzip
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 4891
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: c0-uAGMyBHS4P9iYOP4elSWFOXZbRUnX2gNsiWPs5mZso3oABpPZtA==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 110ms
26ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: f51a3f2017469f4c58c61814b456bfe2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 695 B
383 B 68ms
68ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4319395245116756&correlator=2402536134404472&eid=31080078%2C31079233%2C31080020%2C31079525&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fif&iu_parts=4905536%2CHaiBunda_desktop%2Cballon_ads&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&didk=607409652&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702273056536&lmt=1702273056&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&psz=1600x9410&msz=1600x0&fws=0&ohw=0&ga_vid=1929531125.1702273056&ga_sid=1702273057&ga_hid=660709581&ga_fc=true&dlt=1702273055155&idt=1358&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat%26Keyword_tag%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&adks=3381077581&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a85dde05c7944389d658145eb29ff453e1b75f046fc7929d5c5f1e9057c42a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 353
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 263ms
263ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4319395245116756&correlator=2402536134404472&eid=31080078%2C31079233%2C31080020%2C31079525&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fif&iu_parts=4905536%2CHaiBunda_desktop%2Cbottomframe&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C728x90&ifi=2&didk=1113165784&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702273056541&lmt=1702273056&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=640&ohw=0&ga_vid=1929531125.1702273056&ga_sid=1702273057&ga_hid=660709581&ga_fc=true&dlt=1702273055155&idt=1358&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat%26Keyword_tag%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&adks=528661791&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e76d2faaefde354bf999b737a43e9627bd1312daded2bd329dd1edef398eb39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10382
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 551 B
298 B 72ms
71ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4319395245116756&correlator=2402536134404472&eid=31080078%2C31079233%2C31080020%2C31079525&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fif&iu_parts=4905536%2CHaiBunda_desktop%2Cnewstag&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&didk=3469118559&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702273056543&lmt=1702273056&adxs=1121&adys=98&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&psz=0x0&msz=0x0&fws=0&ohw=0&ga_vid=1929531125.1702273056&ga_sid=1702273057&ga_hid=660709581&ga_fc=true&dlt=1702273055155&idt=1358&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat%26Keyword_tag%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&adks=1164505163&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1dcf927c0e7e3c645c3835ea2bc4164fe76b80b1f509ee58ee30c736fa02d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 268
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
12 KB 1249ms
1249ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4319395245116756&correlator=2402536134404472&eid=31080078%2C31079233%2C31080020%2C31079525&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fif&iu_parts=4905536%2CHaiBunda_desktop%2Cbillboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&ifi=4&didk=773507927&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702273056544&lmt=1702273056&adxs=315&adys=174&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&ga_vid=1929531125.1702273056&ga_sid=1702273057&ga_hid=660709581&ga_fc=true&dlt=1702273055155&idt=1358&prev_scp=pos%3Dbillboard&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat%26Keyword_tag%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&adks=657542039&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18125a81c865f393739c975d9bf4e10cf43ba6c90111e5e2712ea920900121bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12332
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 668ms
667ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4319395245116756&correlator=2402536134404472&eid=31080078%2C31079233%2C31080020%2C31079525&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fif&iu_parts=4905536%2CHaiBunda_desktop%2Cmedium_rectangle1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x500&ifi=5&didk=1968349719&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702273056545&lmt=1702273056&adxs=1039&adys=2602&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&ga_vid=1929531125.1702273056&ga_sid=1702273057&ga_hid=660709581&ga_fc=true&dlt=1702273055155&idt=1358&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat%26Keyword_tag%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&adks=1377007868&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bf6fd0bbc99a050aa915152a3ece84bfead60c932e3416a3f9b2899f67ba6e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12632
x-xss-protection: 0
google-lineitem-id: 6367439002
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138443759012
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 896ms
895ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4319395245116756&correlator=2402536134404472&eid=31080078%2C31079233%2C31080020%2C31079525&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fif&iu_parts=4905536%2CHaiBunda_desktop%2Cmedium_rectangle2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=6&didk=381992420&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702273056547&lmt=1702273056&adxs=1039&adys=3263&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&ga_vid=1929531125.1702273056&ga_sid=1702273057&ga_hid=660709581&ga_fc=true&dlt=1702273055155&idt=1358&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat%26Keyword_tag%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&adks=2988087650&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8fd3e69d29bfaad07b5b7a0da28711326d2851e53a7744da030fc2e2521cab3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11388
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 773F 6 KB
3 KB 147ms
31ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 05:37:36 GMT
expires: Tue, 10 Dec 2024 05:37:36 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 35ms
35ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-891770-244&cid=1929531125.1702273056&jid=200063874&gjid=1224260808&_gid=1710171754.1702273057&_u=YADAAUAAAAAAACAAI~&z=1969500780

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 11 Dec 2023 05:37:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 304159643041671 Show response
connect.facebook.net/signals/config/ 135 KB
36 KB 82ms
81ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/304159643041671?v=2.9.138&r=stable&domain=www.haibunda.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d6cd0567de90117a36966d71f4cd44e4a23b7cf717e18dd4bfdd3bfef394407d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 11 Dec 2023 05:37:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: JhvR5Cbsk8t7DekI6L+S6hIfZCYQyTytGB8dOCC869JsJDXVT5DTV2XEm+bseDgFlLhz/xpUlzi1FBkcQOjZvA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 webid
mcs.tobsnssdk.com/ Frame 0
0 226ms
168ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/webid
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:36 GMT
expires: Mon, 11 Dec 2023 05:37:36 GMT
pragma: no-cache
server: TLB
server-timing: cdn-cache; desc=MISS, edge; dur=153, origin; dur=6 inner; dur=2
upstream-caught: 1702273056763879
x-akamai-request-id: bd23220b.4785bd3f
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-cache-remote: TCP_MISS from a23-193-104-216.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-origin-response-time: 6,23.193.104.216
x-parent-response-time: 157,104.126.37.124
x-tt-logid: 202312110537359709829D48DEC807AAF3
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea005d3f9fe50253a23474beafc4021ad56c936d65b42bdc8de095344c267009c631905fbd499bb34c8e574b4ce70955cb5f50c6974b2b1d69e0ed520caf123293bb458f9c73fc1674600f513225f8a657561a489b23f9ae6699759ca1aea95dacd8
x-tt-trace-id: 00-2312110537359709829D48DEC807AAF3-4C63F49B42438A29-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H2 200 webid Show response
mcs.tobsnssdk.com/ 38 B
955 B 193ms
193ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/webid
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: d7f8499000f0bc1d83a98757bf2b85689e8a2277b1f2d20500ec4aa2d96853f1

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: bd23264d.4785bff3
date: Mon, 11 Dec 2023 05:37:37 GMT
upstream-caught: 1702273056931360
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312110537359709829D48DEC807AB3B-4C63F49B42438B5D-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 183,104.126.37.124
server-timing: cdn-cache; desc=MISS, edge; dur=154, origin; dur=30, inner; dur=24
content-length: 38
pragma: no-cache
server: TLB
x-tt-logid: 202312110537359709829D48DEC807AB3B
x-cache-remote: TCP_MISS from a23-193-104-216.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 30,23.193.104.216
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea005d3f9fe50253a23474beafc4021ad56c936d65b42bdc8de095344c267009c631905fbd499bb34c8e574b4ce70955cb5f50c6974b2b1d69e0ed520caf123293bb458f9c73fc1674600f513225f8a657561a489b23f9ae6699759ca1aea95dacd8
expires: Mon, 11 Dec 2023 05:37:37 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 155 B
480 B 182ms
116ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=haibunda.com&domain=haibunda.com&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 521b85d1f469b065e20cf6f4cef8ba702fa2995fccefbc845626fdfbb76cbe83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 11 Dec 2023 05:37:36 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 121
x-served-by: cache-fra-eddf8230028-FRA
x-timer: S1702273057.687884,VS0,VE109
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sat, 09 Dec 2023 05:37:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 93C8 4 KB
1003 B 84ms
22ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600&display=swap

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/berbuatbaik-id/channel-box-embed-13.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a0a7bbb6080642db26b792d41d2cb6bf7123ecee3247e2fbcde39e5498851f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.detik.net.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 05:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 04:07:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 05:37:36 GMT

GET
H2 200 style.css
cdn.detik.net.id/berbuatbaik-id/cb/css/ Frame 93C8 44 KB
9 KB 180ms
179ms Stylesheet
text/css 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/berbuatbaik-id/cb/css/style.css?time=20231101

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/berbuatbaik-id/channel-box-embed-13.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

ad04c06e7bfd1056c2f5870ba16c2f2c24ec1f2b28d57d887fcdb26db9093865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.detik.net.id/berbuatbaik-id/channel-box-embed-13.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 01 Nov 2023 07:29:46 GMT
server: st1
content-encoding: gzip
etag: W/"6541fe6a-afae"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block

GET
H2 200 gtm-channelbox.min.js Show response
cdn.detik.net.id/berbuatbaik-id/cb/js/ Frame 93C8 176 B
437 B 180ms
179ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/berbuatbaik-id/cb/js/gtm-channelbox.min.js

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/berbuatbaik-id/channel-box-embed-13.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

5b44d673c9f04283b7424a61005b34394ba22ef7f397c42a5758941ac4714a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.detik.net.id/berbuatbaik-id/channel-box-embed-13.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 16 Aug 2023 04:41:14 GMT
server: st1
etag: "64dc536a-b0"
cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 176
x-xss-protection: 1;mode=block

GET
H2 200 thumbnail_peliknyaperjuangananak3tahunderitaautoimungerdkronishinggabocorjantung_1700037005.webp
akcdn.detik.net.id/ct-arsa/ Frame 93C8 5 KB
5 KB 205ms
190ms Image
image/webp 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/ct-arsa/thumbnail_peliknyaperjuangananak3tahunderitaautoimungerdkronishinggabocorjantung_1700037005.webp

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/berbuatbaik-id/channel-box-embed-13.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

4a9b77851826caeb54c0bed97fc20fab4c1c697bbc210adb08aa47ca82f1c295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.detik.net.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st4
server: st8
etag: "cf965acabc6e249296251b1ba566de7fd26500ed"
cache-status: HIT
content-type: image/webp; charset="utf-8"
cache-control: max-age=315360000
content-length: 5064
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 thumbnail_tubuhkecilamartegardiderakelainanjantungusushinggalambung_1700804060.webp
akcdn.detik.net.id/ct-arsa/ Frame 93C8 4 KB
4 KB 205ms
190ms Image
image/webp 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/ct-arsa/thumbnail_tubuhkecilamartegardiderakelainanjantungusushinggalambung_1700804060.webp

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/berbuatbaik-id/channel-box-embed-13.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

d8cb32ad4280e70dcd9168e2ea3a7b3c1cf2f5955959b69f9648aae9485ba576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.detik.net.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
middle-cache: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st9
server: st8
etag: "4dfdee7340ea8e3a5ddbad986805b1f563c789e7"
cache-status: HIT
content-type: image/webp; charset="utf-8"
cache-control: max-age=315360000
content-length: 3702
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-berbuatbaik.png
cdn.detik.net.id/berbuatbaik-id/cb/img/ Frame 93C8 14 KB
15 KB 179ms
179ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.detik.net.id/berbuatbaik-id/cb/img/logo-berbuatbaik.png

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/berbuatbaik-id/channel-box-embed-13.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

b05831cefcbe7bd3df947cb7d1b88b0c1604bcb04227b23b77b2396ac986f267

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.detik.net.id/berbuatbaik-id/channel-box-embed-13.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Mon, 30 Oct 2023 10:04:56 GMT
server: st1
content-encoding: gzip
etag: W/"653f7fc8-3973"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block

GET
H2 200 iframeResizer.contentWindow.min.js Show response
cdn.detik.net.id/berbuatbaik-id/cb/ Frame 93C8 13 KB
5 KB 179ms
179ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/berbuatbaik-id/cb/iframeResizer.contentWindow.min.js

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/berbuatbaik-id/channel-box-embed-13.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

115f4854ff657ac1c116497f31f64731ccf9c7e9b7ef89226bd4dd06ae00a982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.detik.net.id/berbuatbaik-id/channel-box-embed-13.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 08:44:13 GMT
server: st1
content-encoding: gzip
etag: W/"64c37fdd-3476"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
232 B 49ms
8ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.haibunda.com
date: Mon, 11 Dec 2023 05:37:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 73ms
25ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-891770-244&cid=1929531125.1702273056&jid=200063874&_u=YADAAUAAAAAAACAAI~&z=2102177409

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 33ms
33ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-891770-244&cid=1929531125.1702273056&jid=200063874&_u=YADAAUAAAAAAACAAI~&z=2102177409

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.haibunda.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.haibunda.com%2F&rid=esp&cc=1

85 B
193 B

113ms
113ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.haibunda.com%2F&rid=esp&cc=1
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 36ab4f5165cb8011c0d41590d2f97a714b1a0672ffb9c05307c1186e3ae126c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-JuR5kJtjR9/hnW8BCgf0OC0rQ3Y"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 11 Dec 2023 05:37:36 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.haibunda.com
location: /esp?url=https%3A%2F%2Fwww.haibunda.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9FCD 15 KB
6 KB 44ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.haibunda.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.haibunda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 05:37:36 GMT
server: Kestrel
server-processing-duration-in-ticks: 247486
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
336 B 107ms
31ms XHR
application/json 54.220.142.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.142.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-142-223.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ae204700d844b5119226f09d1573017f6838a59f632fc8d2db64c6cd95494208

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:36 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache
x-server: 10.45.16.177
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 32ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304159643041671&ev=PageView&dl=https%3A%2F%2Fwww.haibunda.com%2F&rl=&if=false&ts=1702273056715&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702273056715.804147843&ler=empty&it=1702273056616&coo=false&rqm=GET

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 11 Dec 2023 05:37:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 32ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304159643041671&ev=ViewContent&dl=https%3A%2F%2Fwww.haibunda.com%2F&rl=&if=false&ts=1702273056716&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1702273056715.804147843&ler=empty&it=1702273056616&coo=false&rqm=GET

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 11 Dec 2023 05:37:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9FCD
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=haibunda.com&sn=ChromeSyncframe&so=0&topUrl=www.haibunda.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=F2piUHxlT01ldEdvNFNvcWxQTGQvUWVSeTAxMzJCNk5aWG1GcXpKT1FQa2RhSkI4NzJObzlpRFNHUUFnbi9xNEdhNXFZU1Z5UmkrNzJyS2hyeXBOQzVYNktiK3pIbjYyeDZDMWpsUHFoYVZaTElEbWJCVElzMjcxWTFybj...

428 B
656 B

15ms
14ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=F2piUHxlT01ldEdvNFNvcWxQTGQvUWVSeTAxMzJCNk5aWG1GcXpKT1FQa2RhSkI4NzJObzlpRFNHUUFnbi9xNEdhNXFZU1Z5UmkrNzJyS2hyeXBOQzVYNktiK3pIbjYyeDZDMWpsUHFoYVZaTElEbWJCVElzMjcxWTFybjU0ODFzSGc1YVBiNUhZeGdYbnJnZ01RSE5lQWg3WUIyS0t5dVBsajdWcW9HVHFOcGZlckJQeXppMWpkTEVrWFNzVGRaeVZuR3NxejFtSUg5cmN6YTFSeG9kMWNVM0JWWHpJakM3amdHbXltRkJWS1dpSjlsVThRTm1UWGozay93d2g4VWd4STJwbXhiYmErL3V6VytSR3YvcnhsenAwRmdxR3g3TnlDcHVWdWNzTWQ5NXlQND18&cppv=2

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8c22f613281c06566d5c3e4b4719907ddf71ba50fb8a0471ecfbe613708077d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:36 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1119724
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=F2piUHxlT01ldEdvNFNvcWxQTGQvUWVSeTAxMzJCNk5aWG1GcXpKT1FQa2RhSkI4NzJObzlpRFNHUUFnbi9xNEdhNXFZU1Z5UmkrNzJyS2hyeXBOQzVYNktiK3pIbjYyeDZDMWpsUHFoYVZaTElEbWJCVElzMjcxWTFybjU0ODFzSGc1YVBiNUhZeGdYbnJnZ01RSE5lQWg3WUIyS0t5dVBsajdWcW9HVHFOcGZlckJQeXppMWpkTEVrWFNzVGRaeVZuR3NxejFtSUg5cmN6YTFSeG9kMWNVM0JWWHpJakM3amdHbXltRkJWS1dpSjlsVThRTm1UWGozay93d2g4VWd4STJwbXhiYmErL3V6VytSR3YvcnhsenAwRmdxR3g3TnlDcHVWdWNzTWQ5NXlQND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 297749
content-length: 0
expires: 0

GET
H2 200 container.html Show response
a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E8FE 6 KB
3 KB 24ms
24ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 05:37:36 GMT
expires: Tue, 10 Dec 2024 05:37:36 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 93C8 235 KB
74 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WG2CB3N

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/berbuatbaik-id/channel-box-embed-13.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3143257f68ce1f7f3581f23e7b05f3d3969e238272b62d5526e9b33d4ebf49a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.detik.net.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75389
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Dec 2023 05:37:36 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 93C8 32 KB
33 KB 46ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cdn.detik.net.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:18:49 GMT
x-content-type-options: nosniff
age: 166727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 07:18:49 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F838 624 B
826 B 89ms
54ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIKjsPsBMAE&v=APEucNXCurJfhyrUIoIN63_ZdSFjiYSq3iJ3HFDviArv2pnPR1JPiB2ZBGGQ4wB2Th6lqjocyllCCTbh9AhdDmImSRtYlbd5ZUFuluiEJvYSEKZ-pbhRyRP9978GpQnB0pK9s4s68mxt6ZBlajbRvrhqikX4ycgu47rNR2mQ8q9B67XzhI6OJuU

Requested by

Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 05:37:36 GMT
expires: Mon, 11 Dec 2023 05:37:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E8FE 89 KB
31 KB 115ms
79ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 05:37:36 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8FE 42 B
401 B 84ms
49ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CKfBNLM5tco2oYIClGaY1goRpi3uP32ok0XKyP-O_JJnUiPN6J-lJAKCaTcKf5vFRne9-v7IClX3SNQr-tZmpRH2jWG2BC4CTYq90GyxZ0pyvbtfo

Requested by

Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame E8FE 3 KB
1 KB 51ms
16ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 17:08:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame E8FE 20 KB
9 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 20:42:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E8FE 202 KB
64 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 05:37:36 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F838
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnzIwJCcOCha_RwqMqzYnA&google_cver=1

43 B
766 B

20ms
20ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnzIwJCcOCha_RwqMqzYnA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIKjsPsBMAE&v=APEucNXCurJfhyrUIoIN63_ZdSFjiYSq3iJ3HFDviArv2pnPR1JPiB2ZBGGQ4wB2Th6lqjocyllCCTbh9AhdDmImSRtYlbd5ZUFuluiEJvYSEKZ-pbhRyRP9978GpQnB0pK9s4s68mxt6ZBlajbRvrhqikX4ycgu47rNR2mQ8q9B67XzhI6OJuU
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L99btcXCbfL9rnvcN6FwhOIuSK1Qz9oXaGrrGF4gz2A5bXZ3L2ip37sJtkPHanmCT%2BG8hSxx02KeMUnw1Up24RpIYzZs01OgGe2Gfg7e4K0vEE69bOcykXTtoWONvYGoaGb9cGS53Dwu%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 833b606e59612bb8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnzIwJCcOCha_RwqMqzYnA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F838
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXagIMQyfDFZP2f4ba9OYQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnzIwJCcOCha_RwqMqzYnA&google_cver=1

43 B
734 B

20ms
20ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnzIwJCcOCha_RwqMqzYnA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIKjsPsBMAE&v=APEucNXCurJfhyrUIoIN63_ZdSFjiYSq3iJ3HFDviArv2pnPR1JPiB2ZBGGQ4wB2Th6lqjocyllCCTbh9AhdDmImSRtYlbd5ZUFuluiEJvYSEKZ-pbhRyRP9978GpQnB0pK9s4s68mxt6ZBlajbRvrhqikX4ycgu47rNR2mQ8q9B67XzhI6OJuU
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gChxPUrmthdY1Zkt2ik8eJr1Mzw32zG%2FDDu7DsVXl0%2FWSgHBnWmAvYJVTxTwhNu7j0XBrUrfjmF4n43tCDCzn2ABmzfMDH5%2F7lGwuSsMiZjUJxluJldqNjy434wOh9uhUBs8IOztRLunSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 833b606e99a02bb8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnzIwJCcOCha_RwqMqzYnA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame F838
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDqz4X3gNoJm2EgUFtNjKW8&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDqz4X3gNoJm2EgUFtNjKW8%26google_cver%3D1

43 B
892 B

15ms
14ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDqz4X3gNoJm2EgUFtNjKW8%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIKjsPsBMAE&v=APEucNXCurJfhyrUIoIN63_ZdSFjiYSq3iJ3HFDviArv2pnPR1JPiB2ZBGGQ4wB2Th6lqjocyllCCTbh9AhdDmImSRtYlbd5ZUFuluiEJvYSEKZ-pbhRyRP9978GpQnB0pK9s4s68mxt6ZBlajbRvrhqikX4ycgu47rNR2mQ8q9B67XzhI6OJuU

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
an-x-request-uuid: fe217d10-b217-4fab-8160-4337e6b0b1e8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 37.58.58.246; 37.58.58.246; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
an-x-request-uuid: f9973aaa-5e1b-434a-b11e-3a20b2ecb242
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDqz4X3gNoJm2EgUFtNjKW8%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.246; 37.58.58.246; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F838
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg5MjY1Mzg5NjU2NzkyNjU4Mg%3D%3D

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg5MjY1Mzg5NjU2NzkyNjU4Mg%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
an-x-request-uuid: 22a757df-d0cc-4872-9582-94d528b09844
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg5MjY1Mzg5NjU2NzkyNjU4Mg%3D%3D
x-proxy-origin: 37.58.58.246; 37.58.58.246; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame F601 0
167 B 58ms
18ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haibunda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 11 Dec 2023 05:37:37 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8FE 0
58 B 50ms
50ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5910348782014&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8FE 0
56 B 49ms
49ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5910348782014&version=m202309260101&ct=76&x=1&cor=18132638745087222000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E8FE 110 KB
42 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJqebtQIMiOGrkCwsOOlb35zL6qUSAP7X2Z0rydJhu06Zqkgz3tGjIPxDm-lMqm1NYob0ivTRc2AByu4n42IUsBnVTn3ohOjeSP3OtWDSEb7sN8hTdI04M5POFz84lf4VXq8I9hAqRt6gfpNEPP2w-BynmBB-_L2F4WfawszKymI7Eo40&dbm_d=AKAmf-BEm9kM_DxyGMqxOC0pmbWvc_pxVmVd902ZNSTvQeUF1gl7Ft4i_j5nH1j78kQv724ioUY6c45sB-I1khKtjDX6cMCDKabPAuM1f29-rJwLhYfb50mZZc7SP3rx5q5zKx5Rj78JZDGIlqi_qWsU2odzEv4WcZpgC-QNRQ8X498uVbiwsLeClKX2jkK6Q4PSJmuIFqUT50v5Qi5lhwXELVYPMHJlA-OVsjOz50fJ8bYcKIOUghLBpYtad-T23nH6WeL2XNtcCg2HKnyVyWylN4adYi3kfPk1lJ9ioEeFLCZXPmn4-LEltrXTkL8iKOEovsZA2-gPLXvjAAgTZ5OtF8XltxFiAw9y6m9yWnezAZa_ib3G1zLmiyMEzq3RBOFCn-VNiWL_aRDtk-dE934oZj8OK0m1HJmT5ygSShpKD_fkqQIFB50xQjmrFUaQ1kK3RvbFspYbWTJFRZVeseKS7EYJiZksy_m9zYZsrdgHR1-JZMQD2NjmdOj_MoUyou5vwrbN1eLR7a7yhOp0Hc_o0GIpGN-LjTNwiuMbJCMWSlpJ5f5UJd6OBaowKTAsbOuaKmakJNGDLW5Heu8KXrjA17bUaD9cucUYWu5BtWCEVY7bWS6LdHKS1HCAUpeVCmgoKgcGtj59QNhIWWMZSdQeGNm5qnOTM-gFo0YGISK2PPfNKzdjT0tKsAzrQVXyaf8_5yOs28rGxrXHE6dsFlcAqmID4sdj4hX8ZGF1yU9oDZs-zv_9jcmCvzO_qAoO9qlFoipn9bRfzbY58vDlaXNSj-CveroN-E6JzJhBz2XUrItzYL_0rAI2iAG72ebtASB6LDKP1Dfq3K6evjsTyiGpYvWl_0GZvfL8NDRmmh3ZuyUoqBWSJBs2HHYFpsOp9YSTv-WXdcG5A8_DD7iwnmCogbwQwhWqXRe4QlKqIS5ToNwEsZTgKMmQ1CHjRZC0Z5hAiANKPrb3d0CVdl_ZsIvAB9fcsn3UY9i81jw3K0sZvxlr-yq8xT6YzLoWbZ8MEy-x6jKRvIc831j9Jwu7Kgpt6nwmNdJxKIoas1PbxZ1qbUGscJoF8gsXCewDAMXhXS-jXx5h1U7_dLvfL39q0fUPj56O2yvbs4epTJpvBo3zK92sInCrQyMDpIPnk54f1jOxqRuvgiyOGoVQu3vHUki1fEQgUycSw9o3kIJRG2zzSulbnoCd8Ttc_bWbIwbbNhkgkdb0iVEelfGnFlbKR4PyQBq4Ia2JN1EzWVqSbh6kNb8wJvqclJAoSwPTKyCHAA_bZ3juaa_6w3kpBbxV4ExEJOsilyN6B0FTudD_U3sw_066ZUWGehiNWLh2Agp8zb0i-76D50MVxXe_6a8itPZqjkTImlANcb_jlZvCHuybvNg9yO1WPuZgCLA9ajvmASHuh2zM-qAAYTKS7EK4nxVQ-bNMr4qKqqEWalvHRzkfTuxTQnu1Cs8Cz-LdPxhp02et1YKMyuJZr0aboS0IuaK2iiKvtGHu0_eEJGz-R1Aai4oCwGEdtVSv5pijziZuwWyTo9-FdIJNNUKuCmczQQn4L3J6djluULFW8aCk6kzirCSkYdXIv8hiYPyholguUu1hyiC9p7I0UksYLzVHDlsLkF81dJRIzkGUNfQlSx9x570lLABKuF7HdKGwLin7qvR0XXIXZCMHvCMAXXFeMEA0kmdF84v5BUiLyD-3vT_uFF43BGwWPgR9-npfi5d0_XN_nFirhYMKaRsxb7ShkVUSnlO1rSqEAi5XfqAXjhgWHDXv2Ch492NFrIRQ0-6rNjHR3dYZAjAqiFWILJVK0Mn0B0jm_LDVz_eiNjpxCwzIc9n4xm_vpN9DdfEZJzeYxKaJLydLUYbaSseqwgE_8j4X1nrzrAY7mD0cJMZ2G4Pv1KXqETtjnKY-N-wWAB4jBD_aX2uZaX2nWfDKuqfVL4zRmyaiHBSIj6m3EdEUjabWncLyHHp_qgC6yO6Bxb3R-l6pumX0QRrEYRW4PYabrudXPU17BgTDxfCen-ttmWmqfLU5g8IyHOGyEnfT7RYIpdl4qpzsCViRnN8QJRb-AnYclB9KhpIstjA34aEP2ZGvqbyMh_MB8PyiOSSZxVaiG1tEUO3966HOA5yKboArDMqphCvzv_Ps_SczblfnwD2_LRzVMtqKCwKvGNgve4EBPn011Hg6zQWrsLkHBpHCsEZ910j0awtFxN2Q1OJ3ZD_z2t-QoHORTRoEF_2TtFaxHXkO93V7Lsi0xmXKQ0pUm_SfzXDZxf2d-fi4Plw464BH_k-25OVo_yVrdN86jBtRXEXc86bY1Ykdg11-8mPu8ZNEixGiLBHa8m5MJPs0XnXq-uJX-r9n0HRoHe2u36aVC-PfKdoYjaIW-SLmrio6k8L8_mp7FMpLIXtghNGNYiQjW8b8ZVGno6osk0Si7usn_RgiiJdlrfhqAwI00o4g-GDQ3F_P3x1zqF7hGe5ha8cJouXl8zDDlsToA-zFLXQL7g09uCkdqm_DxgnkRWoD0Gk9SuGAAeeD2vSW1H-VfVBziPvzNQWzFshnj_K2zpZKHYwz1EX6F0Axxa0A5OloqwJ7GNZ-9mLQ56bV8tuBY9tVPbOjf9a5XOZFglLI2Kjmn7jbq5ep9GdC6JXl4Rm8OYXMud0a5RfrSqjFdeTJvxKghVGmPQ6IX_3PZx8G83g6VI0tTi-JSjhoRKNbF31fwygRVRaRpBmTWXjr6tUxBTpssfgGMblopv1gw7VEiG7EqVgDTwPQjc9CEJjAzBD8LtA8NfQILSNIfwdIIsPK-8RWKYzAu1Xx3o1Gxdyi3-S4_Tp50HsHFjWo8jYwpsJ6zqrjTQJtRTfGQGy-ll4E8JSXAIdtqwkXtTe__vSMj523vghBT5_XyYQgY-TYZfvly_8Ubra4oJ9ubd_5em0GQU2Inr2hpmYomMiUh2f4ed3IIvRtV0lTemsVxGHY7nGwDnjzSbLEzwebWqljo--RAcODbC9TEQ8hBWk77MoeEa1ZxJfDf5KGnKckuIiTZG4Jay5KpsmVZnaueVLGGMwjVQac4Qh1LEkNPUgHt4o6bPK0mcyFmkLQEp59Ky8QZE1lVBBV_1tK4kHY7P9d7hfjVwJ4Hi5ll5-NXJxAeqHJlGQ_g_nBhbjAyEiCDf3MFapBYE8yaii9UCU8KkZQ7yvPpxww8dk8NClB8SDphgx8X7rwPbqu0BdG3XfvPQwLFzexQs23VyydkRHyuxV2RD83lqOziMzLD7fBSj-cPCCrE15uI8t02JVsfrc_s2OHybKQIkOlKYIy3DXI1dOG75yT1-uh26lMr7wvbyEr637ImG0ndrAo-6SAEgludVLKywkTeSDOvxlhRc5Y-WBnWq4jQHJStn8i-vd-CsM6ALwXP6zPYdtwbbFb7budTVclQe91g4JOs2SR5IdYIbpAgDg8o68zkhqVdHqQQZehHSoAXrpOjl7g6vZ9uDpsv7sHopuFBQOpjRqrIiq23CghJWxhJudGENK7vki1udStLBMxD3-icr4L8eHR2-k52TGNjg9PjVfz5_rlfnJugIqKZpwThYr75beO1RoumN-vc1JGlu0Dwl4B2eHHykvk3GMveFG7qQZUO6Icllm27cqceilLTKW_Dau22ICopSmm8UbbnC8x05rogb-WzaK0Mig4p9CzuWE402TRWNUO_uAkgI5LnL5vcHyd0k3hhrGNa_XOXeqMOyx1a90lUnB6L7u6Yi-KrYPkXBUhnjyVyNcZX2HNtENJn9dJD0sORrWbzt8RynE9A1LaDzWGVAPDqKv2QSYIz7MXAOj6IoGUCN7vHNBd4sKdxmELbHAO1vHGgQfIzRZZTkfqrvlYT7WKefQMXUTpiABQuc8fw_S1L5mWzIWM2yZC0mGzRxYWpLtToxIhsd-VWbxOjxjrGSWKOe1siw6XppE-_-OqMdTGpbx2cTETxG0XxRUmj-JEEyyxsU6oEmamQRJqYOW0WIBFhL8zLFaT32Atef4YlShE_FiMZLUmCYZrFPJT8KlfnpX2HPFCYDMIZvOIaHV5O3eO-jBYOBmo5ukL2PBgjDbT7A&cid=CAQSTgDICaaNN8_Vmbq2OV7TEMIqX-EZJ0bpWreEyfBEI2wE9tE2BVb_DqaChhKs95uZN2_QX7u5vPkl411m9oHha2WieHg-3PEYp43lLU_1cBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.haibunda.com%2F&ds=l&xdt=1&iif=1&cor=18132638745087222000&adk=250412561&idt=128&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c12803520c7a797de6491d1f3630c4abca9996fe513fc26535a1643cb925184e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42804
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
toblog.tobsnssdk.com/service/2/abtest_config/ Frame 0
0 168ms
167ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://toblog.tobsnssdk.com/service/2/abtest_config/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:37 GMT
expires: Mon, 11 Dec 2023 05:37:37 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=5 cdn-cache; desc=MISS, edge; dur=0, origin; dur=160
x-akamai-request-id: 4785c2d7
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-origin-response-time: 160,104.126.37.124
x-tt-logid: 20231211053736DEDE7CED274632D92023
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134562122c7fe03a408df230670f3dcd326d24c75ff9a3cbe7467ae68912560e2af1a6fce18f1db2265d38ded0fdc7c1290da2f1929df04427f86d897d2293e8c3e4
x-tt-trace-id: 00-231211053736DEDE7CED274632D92023-6E520BDB3C5598C3-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

OPTIONS
H2 200 list
mcs.tobsnssdk.com/ Frame 0
0 162ms
162ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:37 GMT
expires: Mon, 11 Dec 2023 05:37:37 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=1 cdn-cache; desc=MISS, edge; dur=2, origin; dur=154
upstream-caught: 1702273057131376
x-akamai-request-id: 4785c2f8
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-origin-response-time: 155,104.126.37.124
x-tt-logid: 2023121105373689FB38478B6603E94CF8
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134536f1c6955a817d45ede27532755ae399ac171b363645f1c5302260358438947f57eb46d888a459f6b36343932c82c66b8e3a916d29dd74b74fc33cdd814bdb8b
x-tt-trace-id: 00-23121105373689FB38478B6603E94CF8-173E638292ACB7E7-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H2 200 / Show response
toblog.tobsnssdk.com/service/2/abtest_config/ 366 B
1 KB 177ms
177ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://toblog.tobsnssdk.com/service/2/abtest_config/
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: d291ea326fd2d8b5f194ae98b2891b6aec54f066adddd6ab99ffaccde0bc0685

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: d33810ed.4785c4ff
date: Mon, 11 Dec 2023 05:37:37 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231211053736A10877EA6A66B404DF5F-65A55D733BD2B813-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 169,104.126.37.124
server-timing: cdn-cache; desc=MISS, edge; dur=153, origin; dur=16, inner; dur=11
content-length: 162
pragma: no-cache
server: TLB
x-tt-logid: 20231211053736A10877EA6A66B404DF5F
x-cache-remote: TCP_MISS from a23-193-104-215.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,23.193.104.215
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea005d3f9fe50253a23474beafc4021ad56c2cf14fa6d49d54f3316d2ac48994b45c0fd738891a7cf79bd4c02235d4d5f46dedb87382f31b79d2d80fd89da28a8d505688105156204ef893cce640cf5647995e6bd756e88e5e3772c1cb204884773e
expires: Mon, 11 Dec 2023 05:37:37 GMT

POST
H2 200 list Show response
mcs.tobsnssdk.com/ 7 B
776 B 167ms
167ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 4785c50f
date: Mon, 11 Dec 2023 05:37:37 GMT
upstream-caught: 1702273057294675
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121105373689FB38478B6603E94D1A-173E638292ACB87F-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=0, origin; dur=160
content-length: 7
pragma: no-cache
server: TLB
x-tt-logid: 2023121105373689FB38478B6603E94D1A
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 160,104.126.37.124
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134536f1c6955a817d45ede27532755ae399ac171b363645f1c5302260358438947f121997c5666bd9f1eff27a93e8b1a0c65ce26de6a90052a613fd0eb540d265fe
expires: Mon, 11 Dec 2023 05:37:37 GMT

POST
H2 200 list Show response
mcs.tobsnssdk.com/ 7 B
777 B 192ms
191ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

X-MCS-AppKey: 566f58151b0ed37e
Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 4785c555
date: Mon, 11 Dec 2023 05:37:37 GMT
upstream-caught: 1702273057325836
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231211053736AFF860857815D5E13C90-7DC572206476AC48-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=14, cdn-cache; desc=MISS, edge; dur=1, origin; dur=183
content-length: 7
pragma: no-cache
server: TLB
x-tt-logid: 20231211053736AFF860857815D5E13C90
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 183,104.126.37.124
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134536f1c6955a817d45ede27532755ae3998989e55f2d1da7ca4756471d901a6134ee02bd564bbee3103a7d710e191e9bbdbaa091cb8cc796f9c24f03914d597de8
expires: Mon, 11 Dec 2023 05:37:37 GMT

OPTIONS
H2 200 list
mcs.tobsnssdk.com/ Frame 0
0 174ms
174ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-mcs-appkey
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-mcs-appkey
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:37 GMT
expires: Mon, 11 Dec 2023 05:37:37 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=2 cdn-cache; desc=MISS, edge; dur=0, origin; dur=155
upstream-caught: 1702273057159093
x-akamai-request-id: 4785c358
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-origin-response-time: 155,104.126.37.124
x-tt-logid: 20231211053736AFF860857815D5E13C6B
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134536f1c6955a817d45ede27532755ae3998989e55f2d1da7ca4756471d901a6134fd22952f1d0fc3ebb6abc5f56572f6b7c47265b98e4deef07eb6c39f24a5ab70
x-tt-trace-id: 00-231211053736AFF860857815D5E13C6B-7DC572206476ABB4-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1742739/75943806/ Frame E8FE 255 KB
77 KB 130ms
40ms Script
application/javascript 63.35.106.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1742739/75943806/skeleton.js?ias_dspID=3&ias_campId=1014501235&ias_pubId=pub-0428516164225172&ias_chanId=1&ias_placementId=20574793325&bidurl=https://www.haibunda.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iIPsK9TnRLhdzjAyQxNM3x
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.106.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-106-187.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c7250395f87e5a28fc6401a6782a5a0a8211bb6efcc9722bd6821fa48d2cda98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame E8FE 172 KB
61 KB 48ms
14ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
Origin: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 11:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Dec 2023 11:58:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame E8FE 11 KB
4 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJqebtQIMiOGrkCwsOOlb35zL6qUSAP7X2Z0rydJhu06Zqkgz3tGjIPxDm-lMqm1NYob0ivTRc2AByu4n42IUsBnVTn3ohOjeSP3OtWDSEb7sN8hTdI04M5POFz84lf4VXq8I9hAqRt6gfpNEPP2w-BynmBB-_L2F4WfawszKymI7Eo40&dbm_d=AKAmf-BEm9kM_DxyGMqxOC0pmbWvc_pxVmVd902ZNSTvQeUF1gl7Ft4i_j5nH1j78kQv724ioUY6c45sB-I1khKtjDX6cMCDKabPAuM1f29-rJwLhYfb50mZZc7SP3rx5q5zKx5Rj78JZDGIlqi_qWsU2odzEv4WcZpgC-QNRQ8X498uVbiwsLeClKX2jkK6Q4PSJmuIFqUT50v5Qi5lhwXELVYPMHJlA-OVsjOz50fJ8bYcKIOUghLBpYtad-T23nH6WeL2XNtcCg2HKnyVyWylN4adYi3kfPk1lJ9ioEeFLCZXPmn4-LEltrXTkL8iKOEovsZA2-gPLXvjAAgTZ5OtF8XltxFiAw9y6m9yWnezAZa_ib3G1zLmiyMEzq3RBOFCn-VNiWL_aRDtk-dE934oZj8OK0m1HJmT5ygSShpKD_fkqQIFB50xQjmrFUaQ1kK3RvbFspYbWTJFRZVeseKS7EYJiZksy_m9zYZsrdgHR1-JZMQD2NjmdOj_MoUyou5vwrbN1eLR7a7yhOp0Hc_o0GIpGN-LjTNwiuMbJCMWSlpJ5f5UJd6OBaowKTAsbOuaKmakJNGDLW5Heu8KXrjA17bUaD9cucUYWu5BtWCEVY7bWS6LdHKS1HCAUpeVCmgoKgcGtj59QNhIWWMZSdQeGNm5qnOTM-gFo0YGISK2PPfNKzdjT0tKsAzrQVXyaf8_5yOs28rGxrXHE6dsFlcAqmID4sdj4hX8ZGF1yU9oDZs-zv_9jcmCvzO_qAoO9qlFoipn9bRfzbY58vDlaXNSj-CveroN-E6JzJhBz2XUrItzYL_0rAI2iAG72ebtASB6LDKP1Dfq3K6evjsTyiGpYvWl_0GZvfL8NDRmmh3ZuyUoqBWSJBs2HHYFpsOp9YSTv-WXdcG5A8_DD7iwnmCogbwQwhWqXRe4QlKqIS5ToNwEsZTgKMmQ1CHjRZC0Z5hAiANKPrb3d0CVdl_ZsIvAB9fcsn3UY9i81jw3K0sZvxlr-yq8xT6YzLoWbZ8MEy-x6jKRvIc831j9Jwu7Kgpt6nwmNdJxKIoas1PbxZ1qbUGscJoF8gsXCewDAMXhXS-jXx5h1U7_dLvfL39q0fUPj56O2yvbs4epTJpvBo3zK92sInCrQyMDpIPnk54f1jOxqRuvgiyOGoVQu3vHUki1fEQgUycSw9o3kIJRG2zzSulbnoCd8Ttc_bWbIwbbNhkgkdb0iVEelfGnFlbKR4PyQBq4Ia2JN1EzWVqSbh6kNb8wJvqclJAoSwPTKyCHAA_bZ3juaa_6w3kpBbxV4ExEJOsilyN6B0FTudD_U3sw_066ZUWGehiNWLh2Agp8zb0i-76D50MVxXe_6a8itPZqjkTImlANcb_jlZvCHuybvNg9yO1WPuZgCLA9ajvmASHuh2zM-qAAYTKS7EK4nxVQ-bNMr4qKqqEWalvHRzkfTuxTQnu1Cs8Cz-LdPxhp02et1YKMyuJZr0aboS0IuaK2iiKvtGHu0_eEJGz-R1Aai4oCwGEdtVSv5pijziZuwWyTo9-FdIJNNUKuCmczQQn4L3J6djluULFW8aCk6kzirCSkYdXIv8hiYPyholguUu1hyiC9p7I0UksYLzVHDlsLkF81dJRIzkGUNfQlSx9x570lLABKuF7HdKGwLin7qvR0XXIXZCMHvCMAXXFeMEA0kmdF84v5BUiLyD-3vT_uFF43BGwWPgR9-npfi5d0_XN_nFirhYMKaRsxb7ShkVUSnlO1rSqEAi5XfqAXjhgWHDXv2Ch492NFrIRQ0-6rNjHR3dYZAjAqiFWILJVK0Mn0B0jm_LDVz_eiNjpxCwzIc9n4xm_vpN9DdfEZJzeYxKaJLydLUYbaSseqwgE_8j4X1nrzrAY7mD0cJMZ2G4Pv1KXqETtjnKY-N-wWAB4jBD_aX2uZaX2nWfDKuqfVL4zRmyaiHBSIj6m3EdEUjabWncLyHHp_qgC6yO6Bxb3R-l6pumX0QRrEYRW4PYabrudXPU17BgTDxfCen-ttmWmqfLU5g8IyHOGyEnfT7RYIpdl4qpzsCViRnN8QJRb-AnYclB9KhpIstjA34aEP2ZGvqbyMh_MB8PyiOSSZxVaiG1tEUO3966HOA5yKboArDMqphCvzv_Ps_SczblfnwD2_LRzVMtqKCwKvGNgve4EBPn011Hg6zQWrsLkHBpHCsEZ910j0awtFxN2Q1OJ3ZD_z2t-QoHORTRoEF_2TtFaxHXkO93V7Lsi0xmXKQ0pUm_SfzXDZxf2d-fi4Plw464BH_k-25OVo_yVrdN86jBtRXEXc86bY1Ykdg11-8mPu8ZNEixGiLBHa8m5MJPs0XnXq-uJX-r9n0HRoHe2u36aVC-PfKdoYjaIW-SLmrio6k8L8_mp7FMpLIXtghNGNYiQjW8b8ZVGno6osk0Si7usn_RgiiJdlrfhqAwI00o4g-GDQ3F_P3x1zqF7hGe5ha8cJouXl8zDDlsToA-zFLXQL7g09uCkdqm_DxgnkRWoD0Gk9SuGAAeeD2vSW1H-VfVBziPvzNQWzFshnj_K2zpZKHYwz1EX6F0Axxa0A5OloqwJ7GNZ-9mLQ56bV8tuBY9tVPbOjf9a5XOZFglLI2Kjmn7jbq5ep9GdC6JXl4Rm8OYXMud0a5RfrSqjFdeTJvxKghVGmPQ6IX_3PZx8G83g6VI0tTi-JSjhoRKNbF31fwygRVRaRpBmTWXjr6tUxBTpssfgGMblopv1gw7VEiG7EqVgDTwPQjc9CEJjAzBD8LtA8NfQILSNIfwdIIsPK-8RWKYzAu1Xx3o1Gxdyi3-S4_Tp50HsHFjWo8jYwpsJ6zqrjTQJtRTfGQGy-ll4E8JSXAIdtqwkXtTe__vSMj523vghBT5_XyYQgY-TYZfvly_8Ubra4oJ9ubd_5em0GQU2Inr2hpmYomMiUh2f4ed3IIvRtV0lTemsVxGHY7nGwDnjzSbLEzwebWqljo--RAcODbC9TEQ8hBWk77MoeEa1ZxJfDf5KGnKckuIiTZG4Jay5KpsmVZnaueVLGGMwjVQac4Qh1LEkNPUgHt4o6bPK0mcyFmkLQEp59Ky8QZE1lVBBV_1tK4kHY7P9d7hfjVwJ4Hi5ll5-NXJxAeqHJlGQ_g_nBhbjAyEiCDf3MFapBYE8yaii9UCU8KkZQ7yvPpxww8dk8NClB8SDphgx8X7rwPbqu0BdG3XfvPQwLFzexQs23VyydkRHyuxV2RD83lqOziMzLD7fBSj-cPCCrE15uI8t02JVsfrc_s2OHybKQIkOlKYIy3DXI1dOG75yT1-uh26lMr7wvbyEr637ImG0ndrAo-6SAEgludVLKywkTeSDOvxlhRc5Y-WBnWq4jQHJStn8i-vd-CsM6ALwXP6zPYdtwbbFb7budTVclQe91g4JOs2SR5IdYIbpAgDg8o68zkhqVdHqQQZehHSoAXrpOjl7g6vZ9uDpsv7sHopuFBQOpjRqrIiq23CghJWxhJudGENK7vki1udStLBMxD3-icr4L8eHR2-k52TGNjg9PjVfz5_rlfnJugIqKZpwThYr75beO1RoumN-vc1JGlu0Dwl4B2eHHykvk3GMveFG7qQZUO6Icllm27cqceilLTKW_Dau22ICopSmm8UbbnC8x05rogb-WzaK0Mig4p9CzuWE402TRWNUO_uAkgI5LnL5vcHyd0k3hhrGNa_XOXeqMOyx1a90lUnB6L7u6Yi-KrYPkXBUhnjyVyNcZX2HNtENJn9dJD0sORrWbzt8RynE9A1LaDzWGVAPDqKv2QSYIz7MXAOj6IoGUCN7vHNBd4sKdxmELbHAO1vHGgQfIzRZZTkfqrvlYT7WKefQMXUTpiABQuc8fw_S1L5mWzIWM2yZC0mGzRxYWpLtToxIhsd-VWbxOjxjrGSWKOe1siw6XppE-_-OqMdTGpbx2cTETxG0XxRUmj-JEEyyxsU6oEmamQRJqYOW0WIBFhL8zLFaT32Atef4YlShE_FiMZLUmCYZrFPJT8KlfnpX2HPFCYDMIZvOIaHV5O3eO-jBYOBmo5ukL2PBgjDbT7A&cid=CAQSTgDICaaNN8_Vmbq2OV7TEMIqX-EZJ0bpWreEyfBEI2wE9tE2BVb_DqaChhKs95uZN2_QX7u5vPkl411m9oHha2WieHg-3PEYp43lLU_1cBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.haibunda.com%2F&ds=l&xdt=1&iif=1&cor=18132638745087222000&adk=250412561&idt=128&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 20:42:23 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame E8FE 31 KB
12 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 11:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 11:19:18 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E8FE 41 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214349
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:05:08 GMT

GET
DATA 200
OK truncated
/ Frame E8FE 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c99825de0ccd22fd57d3938b950361269d982a204a487087905db129256c3e20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 list Show response
mcs.tobsnssdk.com/ 7 B
776 B 170ms
170ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 4785c5c7
date: Mon, 11 Dec 2023 05:37:37 GMT
upstream-caught: 1702273057357321
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231211053736100AC59B33F22FE60F8A-4E6C81DF674BD365-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=0, origin; dur=162
content-length: 7
pragma: no-cache
server: TLB
x-tt-logid: 20231211053736100AC59B33F22FE60F8A
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 162,104.126.37.124
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134562122c7fe03a408df230670f3dcd326d3b328521288a7c18a8fdaa6290982e7e6d21f485a5e168d4c3f090a54f6f75287fe02a7ef75dd5d3293bb7a419157133
expires: Mon, 11 Dec 2023 05:37:37 GMT

OPTIONS
H2 200 list
mcs.tobsnssdk.com/ Frame 0
0 166ms
165ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:37 GMT
expires: Mon, 11 Dec 2023 05:37:37 GMT
pragma: no-cache
server: TLB
server-timing: cdn-cache; desc=MISS, edge; dur=152, origin; dur=6 inner; dur=2
upstream-caught: 1702273057190549
x-akamai-request-id: d3380bf1.4785c3c3
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-cache-remote: TCP_MISS from a23-193-104-215.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-origin-response-time: 6,23.193.104.215
x-parent-response-time: 158,104.126.37.124
x-tt-logid: 20231211053736A874CD0073DA5C00582B
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea005d3f9fe50253a23474beafc4021ad56c2cf14fa6d49d54f3316d2ac48994b45c0fd738891a7cf79bd4c02235d4d5f46df5723862fd808c6ff2d1a7f0ca4524f73c7bd2a2db10bd7df3e21b72fda6547cb8025a130e6384f4b15f71c8de6f5acc
x-tt-trace-id: 00-231211053736A874CD0073DA5C00582B-7338A963546E8943-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E5A0 38 KB
13 KB 14ms
13ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 179509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 03:45:48 GMT
expires: Sun, 08 Dec 2024 03:45:48 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E5A0 39 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Dec 2024 19:00:51 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13061726057864576226/ Frame B5E4 8 KB
2 KB 48ms
22ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5bed69914098073139a473972c831c73ac758564a3ee6a8fa6d7f0f0e2a7868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2525
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 05:37:37 GMT
expires: Tue, 10 Dec 2024 05:37:37 GMT
last-modified: Wed, 18 Oct 2023 09:56:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E8FE 0
0 99ms
59ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuupjSbtx74Gc-LvDDHPFdUYNkzl080_27XeMQSVKeZESNBoMUGq1BU5-lGHHlHy4HZD_uEVyOkt_YGvHYrKYIvrbdf_12Bk3AgQ1QpQ3Di9s1Z6ytJ0JR49z9BlWv7ii29m_pzy7VmqVCUfzCfbthj3SIRyCyCEDQUA4kcJyYLSxtLEtibsjqoy_DBFzSz7vzduxLJVQhUTgVOQs7fNROZ_Odh8CPDiAa4_DLZXnLtoVXSJv9616eimxJ8xoCsMIyahC2NNORpmjskSuGhwzFNVW4HYxthR_5trnPbqdf1SSd1owo9pBxuWqhzAaa_Loh34vW-IvGiRFeB6lxzHBFZeyP_HfIrQ4G7oxZmXWdLVdAfat1IPGc2f14grihUqCfx7TH5zpJ-KVLIvaIIjwd9cEFZLU9C730iYqd5hjlvD2h0Om3urTSUMth1bSMLIq1DOIdVh8yBbOYAcy1NbfgrD6RNBQY9a9rJiGTxiuyyC1iSkGK3XZEFW9PhmkOGPQh2lmoFYYKyqIIZ2bgmBwyi23A_YKSf9_FIsNgluwJF_5hnqYMzyY6fgjGiF1Bpf0mq68qhlrXl-tqF1Sw0gQZ1HBmIQbXUoZw69moVRnkwmRWFvGM9hcOyPnqGJ_KH1QWxQpZgRGiJfuIGp-3igBhCBzmr1YjO5N72QMPec6GOAr14UhrCjL0KLSlQ6vHK0LCH3GOj51WRMYJfbS6fIsk9L5aS6pXd1pHVt2YrZv5q8Ts27YNiCMgt_tA-GaUQJhFbfsE9RpREgxxX-UYROp_tgH3f9vFupfYksKeJpdmhH7E-vzNUDub64nOvq4geCuogK8_s28Yi74f9w1nJNJSfNR3e7YYSKR6Sb1WeCAX3UhcDsQID5oT8_T7PUqb2ETtBpURjxtc1-GugHziJTV_u6GCER3j-r333yfOARWMwLSb5qy0foYsf52hEsxl-AhpEBNzfJLROFR1EoE_2G0xH6mFoVUUD0GBqc1DhCNqU04b0swDigpEeh_8TTJEDaKSmEcIo-N9xDhWtGlpjGBWvXliPYeEuT2LprJzoWNbhQbCI4RgAAdD37xsc6e5hQLoJHePq3E7Cduvc1nniwawRSsAH_isWHfNE6DXASzRps8O7vfiqKp4oM8Wa5UZwAFIPYK4ssz1KrBTcfvSk5SIWB4tKEmtW__J1Zn4YgjqitXLN2yLcAGhWKbD1-G2SWORsYVz3JjcRlArkOXdgReiYKscI9Yp3Ik5qjC1Im9sAWvLuRK-jtg8vgFonDxp0GjUbD3a8397BefWtL9uzrRZFEIwHLa72DpNAORYYAJ8gKwjRoHcCflgT6zh-6kA32kGGJUyjy7pSf6vvER7afD-RVU9QO0yBl_3sLo7wAhTuULnpjIzdvCUH52HBDwgpOCfqI0euEZc2xWvuop_1wvdJhxgVff14dh9gsVEOvSwDZUKB&sai=AMfl-YSI4u9C6QjYKrOVF5trGDUBtglyqZDFW2fcv_YUEhGUc3AWZr_YLkEH4yAXPBskSAq_yRvTDwGXJNVn4Yn8iunZn51Ll-TTADjb8pzOLIAhmFGugRrZ5au_aEDXJCMk3WSF1PiuLHSMaiBzKsZfyP2nyq0E6KoOx201OWHFClyxIUWFRRlxEdOFMGFBNU_jx5h2DIOzr3s8RlDsam8rQS9HZXRpFsgcLN8m1HT896_z8-EYsPDrEbr7ht_KVBYD48mPQ4fyFN5T04TNRkzCpO9wmCjQcDsOUycoUg&sig=Cg0ArKJSzPPeniumdzINEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=83&cbvp=1&cstd=78&cisv=r20231206.95525&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Dec 2023 05:37:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame B5E4 120 KB
41 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 07:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Dec 2023 07:58:53 GMT

GET
H3 200 loading.gif
s0.2mdn.net/sadbundle/13061726057864576226/images/ Frame B5E4 9 KB
10 KB 23ms
22ms Image
image/gif 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13061726057864576226/images/loading.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c54d5d4d0ab6332548945e7c2989a8e7bebee9fc4f80c75f5edd76bb2816f566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:51:00 GMT
x-content-type-options: nosniff
age: 258397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9716
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 09:56:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 05:51:00 GMT

GET
H3 200 endframe.jpg
s0.2mdn.net/sadbundle/13061726057864576226/images/ Frame B5E4 23 KB
23 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13061726057864576226/images/endframe.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6515a1567b1770ae5401a7ca4253151880beae199598f425d6201ff1f4a9b6f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:15:14 GMT
x-content-type-options: nosniff
age: 199343
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23179
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 09:56:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 22:15:14 GMT

GET
H3 200 logo-dyson-range.svg
s0.2mdn.net/sadbundle/13061726057864576226/images/ Frame B5E4 1 KB
787 B 14ms
14ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13061726057864576226/images/logo-dyson-range.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad2181475c22168eef94675ffd44c0b3aeed926c3390d64a95be8d042d965fef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 758
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 09:56:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 04:17:34 GMT

GET
H3 200 logo-d.svg
s0.2mdn.net/sadbundle/13061726057864576226/images/ Frame B5E4 849 B
456 B 14ms
13ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13061726057864576226/images/logo-d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4ad0a169308b00cb006a1a6a91dae5d80a1b892cc33cfd14d6190280f847c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205371
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 427
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 09:56:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 20:34:46 GMT

GET
H3 200 logo-dyson.svg
s0.2mdn.net/sadbundle/13061726057864576226/images/ Frame B5E4 2 KB
840 B 14ms
13ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13061726057864576226/images/logo-dyson.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

015c6dd52952e8805142ba09e0f20848d6b6eb54f6119fac32ab84ecfefe6ad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 232131
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 811
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 09:56:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 13:08:46 GMT

GET
H3 200 replay.svg
s0.2mdn.net/sadbundle/13061726057864576226/images/ Frame B5E4 649 B
412 B 14ms
13ms Image
image/svg+xml 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13061726057864576226/images/replay.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47f6d44e65ea780e0e2a75250a8e322dad1203220ab1109750d2da700beaddab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211055
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 383
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 09:56:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 19:00:02 GMT

GET
H2 200 iat-realtime-7.0.11-ws.js Show response
cdn.insurads.com/ 64 KB
16 KB 32ms
31ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insurads.com/iat-realtime-7.0.11-ws.js
Requested by: Host: services.insurads.com
URL: https://services.insurads.com/init?appId=S9H7OMZB&h=https%3A%2F%2Fwww.haibunda.com%2F&tcfc=1&t=1702273056491
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: c2b126f8cf108b0b24da09947ec0f6ae3d55df120a87e1dd9ab6527fee53fe55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
content-encoding: gzip
cdn-edgestorageid: 1081
x-amz-request-id: XVY63RPQKTKV1SE5
x-amz-server-side-encryption: AES256
cdn-cachedat: 10/31/2023 18:07:11
cdn-pullzone: 55316
x-amz-id-2: OxSGwyV44A+UPoEv0j8nNL559Iq2zLjsX/92R3MyIkAZOVf/S1W6zOzKRs0lP9OafSx5FUrd8OY=
last-modified: Tue, 19 Sep 2023 08:22:46 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "75857c4fac071c7c848bbe0f76263cf8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 56a941db-1de6-4dd7-bd60-f93546463707
cache-control: max-age=2592000
cdn-requestid: 462b79b6f7687edf7f549df9451b1494
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 iat-1.14.21b.js Show response
cdn.insurads.com/ 111 KB
31 KB 32ms
32ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.insurads.com/iat-1.14.21b.js
Requested by: Host: services.insurads.com
URL: https://services.insurads.com/init?appId=S9H7OMZB&h=https%3A%2F%2Fwww.haibunda.com%2F&tcfc=1&t=1702273056491
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 7fd9a8a8925e61a98a80214ba14b5daccc0c5b0759cb090674d6a9cbd0622b1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
content-encoding: gzip
cdn-edgestorageid: 1080
x-amz-request-id: 1M625MTWYJVVTFSA
x-amz-server-side-encryption: AES256
cdn-cachedat: 11/16/2023 14:35:33
cdn-pullzone: 55316
x-amz-id-2: YK2VTV3z6E03VGtyGJrH4sa520z1LaLKeFwdPjV6fWmxEKxJwAPyHATTc2GsSX6xUGT0TkWHXtA=
last-modified: Thu, 16 Nov 2023 14:34:30 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "c831539692ac529cdb5f6e3fa07d11fe"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 56a941db-1de6-4dd7-bd60-f93546463707
cache-control: max-age=2592000
cdn-requestid: 7c74895f6ffcb9fe7aff8501354b19ac
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 initcb Show response
services.insurads.com/ 138 B
445 B 107ms
106ms Script
application/javascript 18.210.2.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/initcb?v=1.0.12&appId=2414&vId=A4DB29AF5192A2DB&s=2830&fpc=1&nv=1&h=https%3A%2F%2Fwww.haibunda.com%2F&tcfc=1&lts=0&ts=1702273057227&iatId=6d26e0850e76e598547ecb337151d9f4&iatIdB=a23e81c1559bad30a10d932d5b05345d&iatIdM=11111111&iatIdV=1.0&lIatId=0&lIatIdB=0&lIatIdM=0&lIatIdV=0&lch=MMAUOBZIEB
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/S9H7OMZB.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.210.2.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-2-56.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b2be998af7bc5c3d0c2404d79aac315f7827ad228c20a2e282e5088b5d05d09a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript;charset=UTF-8
x-nocache: true
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame 4961 0
0

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/668d5c86-f6d6-4903-9880-988d62c01a9c/ 281 KB
60 KB 54ms
8ms Script
application/javascript 2600:9000:225e:1800:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/668d5c86-f6d6-4903-9880-988d62c01a9c/plugin.min.js
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 152973decff63c8c310e218fb2d74576f80a975a6bea168d044b5eb844f5f5c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:03:12 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 10:22:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 30866
x-amz-server-side-encryption: AES256
etag: W/"a71f1af57eb655eb9f8c61b8173428f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-id: FeDNTqKTGpwS9MwZZqEZN4TVt64nkIZKRNEeTe-RjELFZDKkUpdw7g==

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E8FE 0
0 52ms
52ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuupjSbtx74Gc-LvDDHPFdUYNkzl080_27XeMQSVKeZESNBoMUGq1BU5-lGHHlHy4HZD_uEVyOkt_YGvHYrKYIvrbdf_12Bk3AgQ1QpQ3Di9s1Z6ytJ0JR49z9BlWv7ii29m_pzy7VmqVCUfzCfbthj3SIRyCyCEDQUA4kcJyYLSxtLEtibsjqoy_DBFzSz7vzduxLJVQhUTgVOQs7fNROZ_Odh8CPDiAa4_DLZXnLtoVXSJv9616eimxJ8xoCsMIyahC2NNORpmjskSuGhwzFNVW4HYxthR_5trnPbqdf1SSd1owo9pBxuWqhzAaa_Loh34vW-IvGiRFeB6lxzHBFZeyP_HfIrQ4G7oxZmXWdLVdAfat1IPGc2f14grihUqCfx7TH5zpJ-KVLIvaIIjwd9cEFZLU9C730iYqd5hjlvD2h0Om3urTSUMth1bSMLIq1DOIdVh8yBbOYAcy1NbfgrD6RNBQY9a9rJiGTxiuyyC1iSkGK3XZEFW9PhmkOGPQh2lmoFYYKyqIIZ2bgmBwyi23A_YKSf9_FIsNgluwJF_5hnqYMzyY6fgjGiF1Bpf0mq68qhlrXl-tqF1Sw0gQZ1HBmIQbXUoZw69moVRnkwmRWFvGM9hcOyPnqGJ_KH1QWxQpZgRGiJfuIGp-3igBhCBzmr1YjO5N72QMPec6GOAr14UhrCjL0KLSlQ6vHK0LCH3GOj51WRMYJfbS6fIsk9L5aS6pXd1pHVt2YrZv5q8Ts27YNiCMgt_tA-GaUQJhFbfsE9RpREgxxX-UYROp_tgH3f9vFupfYksKeJpdmhH7E-vzNUDub64nOvq4geCuogK8_s28Yi74f9w1nJNJSfNR3e7YYSKR6Sb1WeCAX3UhcDsQID5oT8_T7PUqb2ETtBpURjxtc1-GugHziJTV_u6GCER3j-r333yfOARWMwLSb5qy0foYsf52hEsxl-AhpEBNzfJLROFR1EoE_2G0xH6mFoVUUD0GBqc1DhCNqU04b0swDigpEeh_8TTJEDaKSmEcIo-N9xDhWtGlpjGBWvXliPYeEuT2LprJzoWNbhQbCI4RgAAdD37xsc6e5hQLoJHePq3E7Cduvc1nniwawRSsAH_isWHfNE6DXASzRps8O7vfiqKp4oM8Wa5UZwAFIPYK4ssz1KrBTcfvSk5SIWB4tKEmtW__J1Zn4YgjqitXLN2yLcAGhWKbD1-G2SWORsYVz3JjcRlArkOXdgReiYKscI9Yp3Ik5qjC1Im9sAWvLuRK-jtg8vgFonDxp0GjUbD3a8397BefWtL9uzrRZFEIwHLa72DpNAORYYAJ8gKwjRoHcCflgT6zh-6kA32kGGJUyjy7pSf6vvER7afD-RVU9QO0yBl_3sLo7wAhTuULnpjIzdvCUH52HBDwgpOCfqI0euEZc2xWvuop_1wvdJhxgVff14dh9gsVEOvSwDZUKB&sai=AMfl-YSI4u9C6QjYKrOVF5trGDUBtglyqZDFW2fcv_YUEhGUc3AWZr_YLkEH4yAXPBskSAq_yRvTDwGXJNVn4Yn8iunZn51Ll-TTADjb8pzOLIAhmFGugRrZ5au_aEDXJCMk3WSF1PiuLHSMaiBzKsZfyP2nyq0E6KoOx201OWHFClyxIUWFRRlxEdOFMGFBNU_jx5h2DIOzr3s8RlDsam8rQS9HZXRpFsgcLN8m1HT896_z8-EYsPDrEbr7ht_KVBYD48mPQ4fyFN5T04TNRkzCpO9wmCjQcDsOUycoUg&sig=Cg0ArKJSzPPeniumdzINEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=208&vt=11&dtpt=125&dett=3&cstd=78&cisv=r20231206.95525&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame E8FE
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1742739/75943806/4.js?ias_dspID=3&ias_campId=1014501235&ias_pubId=pub-0428516164225172&ias_chanId=1&ias_placementId=20574793325&bidurl=https://www.haibunda.com...
https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_IaB2ZYFmnZSO7A-DzrCYBA&cbFunctionName=goog_wrapCb_IaB2ZYFmnZSO7A-DzrCYBA&true_pb=

1 KB
1 KB

39ms
22ms

Script
application/javascript

2600:9000:2611:d200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_IaB2ZYFmnZSO7A-DzrCYBA&cbFunctionName=goog_wrapCb_IaB2ZYFmnZSO7A-DzrCYBA&true_pb=
Requested by: Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2611:d200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:45:50 GMT
x-amz-version-id: dZV1qYWLtZJQETG4KzZq1jUYDpTMrU_G
content-encoding: gzip
via: 1.1 c7fb0ef8cc8bb7055eaaaf9c7fa117ce.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P2
age: 298308
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 07 Dec 2023 18:45:48 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: Ou4TX6Ha_P6bwqW8zuZUD1ZIxIk7qcoTWb-UoG8XtMc9xsRcyN5Zaw==

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
server: nginx
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?ias_xappb=&adContainerId=brand_safety_IaB2ZYFmnZSO7A-DzrCYBA&cbFunctionName=goog_wrapCb_IaB2ZYFmnZSO7A-DzrCYBA&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame C124 91 KB
23 KB 76ms
20ms Script
application/javascript 2600:9000:2611:d200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2611:d200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 c7fb0ef8cc8bb7055eaaaf9c7fa117ce.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P2
age: 16013869
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: MxBXkM8oZBECO-yuZtf-BpPrv0Y5BZZnDjeScrvigSpNmmWLI_MEHw==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5A0 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BcyeBIaB2ZYFmnZSO7A-DzrCYBAAAAAA4AeAEAg&bg=!QUKlQg3NAAY3kmNgF5I7ADQBe5WfOMdAYwMlenbuyCyFYgi36nneBLz9NrirnC-q96aZHEofr9aM4twazKm7ECwgElX7AgAAAGBSAAAAAmgBB5kDOjDJ-et7r3MnOW-zPmxHRuQC9BrcsEC1fmFcZZe_iDreR1v3Nq_gIDqR_DRJqDngF2fYmEmC9FWjN-DvSu0CsZwStc9oLAa4xgrkEUslE4WSSQFTk2wgI4z0xNoefL-VsyGSrqQuMKBXWzdT-i5Ng7goqQ3cc0xLayQ1pmJPUhGN6z_s2AHiJvfBr_qF-aSR8sDnhAlDyaa2I7xNCWNlVe-L7HY-pwpXGiM7Mb5GXnVn_NUGrtMLX3JFpkPXupmFzfxh2DrVlfkllGrFpaFo36M8C0aXlvr5jRc03PfnrcD4iTieKAaspsK_m3MnS9_aDpXhRxIyFBwJXUeU2unQ6ny5s3MDTYF3Eu4cpTQyoaY9lvgfznj_HuLE-f2UfDQ1s1kV-FHXUt2DYBbwfbq4nn2zHZ-O1ZSKWqjmdPJefP8a5zoauOiVXuWfg507ZPHWt6ZVGFAzUOyXmrC8q68ddDEdNvOvDcJeDd_C12CKg6ZDogXTSOJgZ8CcxiEXQ2sU_53r8zh84u6ynSCsiTMjLoWwuxuTlEmH52trclhiCXvWhgEHydSi0b4M3D3hjvGkOtTax49UY3ELu4fQfof0I8Maejs-2e73Mx1sT19VcARrJuV-8jJhbOJ1bSjovd3_cQ1a2h91KVaFUB4iq_t5V0vrTToSB6CA8cvppZdKt1UpUtWHRrU5LN0T3IYLeRfj8uTolF4A7qGO1nSxt2pbRAkjyvQNYn9qFS_RRiYb0IIwF5CZTFJwhs022oSoCQC56h7T2nfA_Ez89ogi_Qlp5zfbXralLUff9Vip4eNMfAM20xzmt_WFm_3qXAr5L3tHQPRYu35IDUdbljxm_lNbJjQoxdHzh1LEa7jLy9kqwCYUT6cc2gqj1Kvcvl9OUNDXIdhnDr2L8v1dwT1NL2FelvProcNj2T2hF_SBtnC1m8N9URWnXhtXs5EU2rnOsp6IyP32vjg8D6tjeniRWPha4JGB6YyrlK62ACWFDYY7WZUl7-_yBGjI317fUEI5VE4OKGcbCArX9z0SHOE_ZMGeg3U4_5TP5HTem-Mb7PEOKB1mn1c8WIs_ReuduxMb3QwYy_rTTQTEPTOhUb4

Requested by

Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E8FE 43 B
216 B 591ms
197ms Image
image/gif 2600:1f13:800:7780:e000:f538:bd2d:cf42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1742739&asId=96ec8880-4ac8-2d9d-13a0-ac4551ccf40f&tv=%7Bc:wt2UgG,pingTime:-3,time:38,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:38,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tY6EgIY+11%7C12%7C13%7C14*.1742739-75943806%7C141%7C142%7C143%7C15,idMap:14*,rmeas:1,rend:0,renddet:na,siq:13%7D&br=c
Requested by: Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:e000:f538:bd2d:cf42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
server: nginx
x-server-name: dt22.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E8FE 43 B
215 B 590ms
198ms Image
image/gif 2600:1f13:800:7780:e000:f538:bd2d:cf42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1742739&asId=96ec8880-4ac8-2d9d-13a0-ac4551ccf40f&tv=%7Bc:wt2UgH,pingTime:-6,time:39,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:39,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tY6EgIY+11%7C12%7C13%7C14*.1742739-75943806%7C141%7C142%7C143%7C15,idMap:14*,rmeas:1,rend:0,renddet:na,siq:13%7D&tpiLookup=ao:www.haibunda.com*&br=c
Requested by: Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:e000:f538:bd2d:cf42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
server: nginx
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B5E4 8 KB
6 KB 107ms
56ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2359620ddb79388c996214727ad274476bc18b9dee875d6f3bf70361bfa85bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5899
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E8FE 43 B
215 B 587ms
198ms Image
image/gif 2600:1f13:800:7780:e000:f538:bd2d:cf42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1742739&asId=96ec8880-4ac8-2d9d-13a0-ac4551ccf40f&tv=%7Bc:wt2UgM,pingTime:-2,time:44,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:464,beZ:464,mfA:467,cmA:468,inA:468,inZ:470,prA:470,prZ:472,si:476,poA:476,poZ:489,cmZ:489,mfZ:489,loA:502,loZ:504,ltA:507,ltZ:507%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:44,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B39~0%5D,as:%5B39~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tY6EgIY+11%7C12%7C13%7C14*.1742739-75943806%7C141%7C142%7C143%7C15,idMap:14*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:13,sinceFw:31,readyFired:true%7D&br=c
Requested by: Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:e000:f538:bd2d:cf42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 list Show response
mcs.tobsnssdk.com/ 7 B
921 B 172ms
171ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: bd232f0f.4785c99b
date: Mon, 11 Dec 2023 05:37:37 GMT
upstream-caught: 1702273057658688
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312110537361F829D0567A875F2614D-2FADACDD8A4A2D74-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 164,104.126.37.124
server-timing: cdn-cache; desc=MISS, edge; dur=151, origin; dur=14, inner; dur=7
content-length: 7
pragma: no-cache
server: TLB
x-tt-logid: 202312110537361F829D0567A875F2614D
x-cache-remote: TCP_MISS from a23-193-104-216.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 14,23.193.104.216
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea005d3f9fe50253a23474beafc4021ad56c936d65b42bdc8de095344c267009c631905fbd499bb34c8e574b4ce70955cb5f4d28eb040417b6524c533ca3d1eec08d7b4b376703b8c9e598fb94f107b6d2998cf41e3a960c1b12f30e8cae4a091436
expires: Mon, 11 Dec 2023 05:37:37 GMT

OPTIONS
H2 200 list
mcs.tobsnssdk.com/ Frame 0
0 170ms
169ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:37 GMT
expires: Mon, 11 Dec 2023 05:37:37 GMT
pragma: no-cache
server: TLB
server-timing: cdn-cache; desc=MISS, edge; dur=154, origin; dur=8 inner; dur=2
upstream-caught: 1702273057488639
x-akamai-request-id: d3381621.4785c773
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-cache-remote: TCP_MISS from a23-193-104-215.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-origin-response-time: 8,23.193.104.215
x-parent-response-time: 162,104.126.37.124
x-tt-logid: 2023121105373635EAA5DE644A9BF077D6
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea005d3f9fe50253a23474beafc4021ad56c2cf14fa6d49d54f3316d2ac48994b45c0fd738891a7cf79bd4c02235d4d5f46da3ca844ef36bd1627f29970b6a4ce82f9e15ed46742d84c97f2424adc397e3393f2c4c8313e739dda59bff289b92da1f
x-tt-trace-id: 00-23121105373635EAA5DE644A9BF077D6-28B5534975E7A193-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H2 200 list Show response
mcs.tobsnssdk.com/ 7 B
776 B 203ms
202ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 4785c995
date: Mon, 11 Dec 2023 05:37:37 GMT
upstream-caught: 1702273057683447
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312110537362671B2FA801330F0B104-4A14BF6A8E2F452A-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=0, origin; dur=162
content-length: 7
pragma: no-cache
server: TLB
x-tt-logid: 202312110537362671B2FA801330F0B104
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 162,104.126.37.124
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b1345e262ade5a48beb6c41b6308929d266423c036494564577e75164e5172db93ba244a7dfd03678377e645df474a97ddb2b38485765bd4cbde4430c42646182de30
expires: Mon, 11 Dec 2023 05:37:37 GMT

POST
H2 200 list Show response
mcs.tobsnssdk.com/ 7 B
776 B 172ms
172ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 4785c996
date: Mon, 11 Dec 2023 05:37:37 GMT
upstream-caught: 1702273057652302
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121105373689FB38478B6603E94D6C-173E638292ACB9E7-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=1, origin; dur=163
content-length: 7
pragma: no-cache
server: TLB
x-tt-logid: 2023121105373689FB38478B6603E94D6C
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 163,104.126.37.124
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134536f1c6955a817d45ede27532755ae399ac171b363645f1c5302260358438947f121997c5666bd9f1eff27a93e8b1a0c65ce26de6a90052a613fd0eb540d265fe
expires: Mon, 11 Dec 2023 05:37:37 GMT

OPTIONS
H2 200 list
mcs.tobsnssdk.com/ Frame 0
0 165ms
165ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:37 GMT
expires: Mon, 11 Dec 2023 05:37:37 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=2 cdn-cache; desc=MISS, edge; dur=0, origin; dur=157
upstream-caught: 1702273057486755
x-akamai-request-id: 4785c776
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-origin-response-time: 157,104.126.37.124
x-tt-logid: 20231211053736C44632686D5E7FDEE597
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134562122c7fe03a408df230670f3dcd326d04d8aae1f207f071ce1e795aa0f5bbf2c789fc293e42aadc57130b739732782de60bc18037391379778a06ac3e0e283f
x-tt-trace-id: 00-231211053736C44632686D5E7FDEE597-4E643EB37F98146F-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

OPTIONS
H2 200 list
mcs.tobsnssdk.com/ Frame 0
0 167ms
167ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:37 GMT
expires: Mon, 11 Dec 2023 05:37:37 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=3 cdn-cache; desc=MISS, edge; dur=0, origin; dur=158
upstream-caught: 1702273057488496
x-akamai-request-id: 4785c777
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-origin-response-time: 158,104.126.37.124
x-tt-logid: 2023121105373689FB38478B6603E94D49
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134536f1c6955a817d45ede27532755ae399ac171b363645f1c5302260358438947f121997c5666bd9f1eff27a93e8b1a0c65ce26de6a90052a613fd0eb540d265fe
x-tt-trace-id: 00-23121105373689FB38478B6603E94D49-173E638292ACB943-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 47 Show response
www.haibunda.com/api/v2/tags/ 1 KB
524 B 257ms
257ms Fetch
application/json 2606:4700::6812:1c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/v2/tags/47?

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=4.5.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c47a3fc99dac7796a8041a5cd5dfbe7075591a26c89caaa1eddfef27f4584459

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
strict-transport-security: "max-age=31536000; includeSubDomains" always
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
cf-ray: 833b60710ad271bb-FRA
s: fe-publish5
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-xss-protection: '1;mode=block'
x-cached: MISS

GET
H2 200 47 Show response
www.haibunda.com/api/v2/mostpop/ 64 KB
14 KB 253ms
253ms Fetch
application/json 2606:4700::6812:1c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/v2/mostpop/47?limit=5

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=4.5.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd1bc694aea3c3b894329e733eee326bd26493c0cf7f338fba60bae54b445d58

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
strict-transport-security: "max-age=31536000; includeSubDomains" always
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
cf-ray: 833b60711adc71bb-FRA
s: fe-publish1
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-xss-protection: '1;mode=block'
x-cached: MISS

POST
H2 200 banner Show response
www.haibunda.com/api/ 420 B
510 B 211ms
210ms Fetch
application/json 2606:4700::6812:1c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=4.5.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e61f6e0372b681226a456b9f8bf621708e402ea5f082fb8af4ad2efe4b7a3d66

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Action: newsfeed2
Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
strict-transport-security: "max-age=31536000; includeSubDomains" always
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
access-control-allow-methods: POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cf-ray: 833b60711ade71bb-FRA
s: fe-publish6
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept-Action
x-xss-protection: '1;mode=block'

POST
H2 200 banner Show response
www.haibunda.com/api/ 30 B
108 B 213ms
213ms Fetch
application/json 2606:4700::6812:1c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=4.5.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d83e9935695c996946bfad955752b483ff58fc2ce589b50990ac44ecbceeeae6

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Action: parallax1
Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
strict-transport-security: "max-age=31536000; includeSubDomains" always
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
access-control-allow-methods: POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cf-ray: 833b60711ae071bb-FRA
s: fe-publish1
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept-Action
x-xss-protection: '1;mode=block'

POST
H2 200 banner Show response
www.haibunda.com/api/ 133 B
195 B 241ms
240ms Fetch
application/json 2606:4700::6812:1c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=4.5.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfbfedb314daba594ef58afe599c84d874060c861cbc49163c3c95e395a504cf

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Action: newsfeed3
Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
strict-transport-security: "max-age=31536000; includeSubDomains" always
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
access-control-allow-methods: POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cf-ray: 833b60712ae871bb-FRA
s: fe-publish2
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept-Action
x-xss-protection: '1;mode=block'

GET
H2 200 detiknetwork Show response
www.haibunda.com/api/ 3 KB
2 KB 526ms
526ms Fetch
application/json 2606:4700::6812:1c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/detiknetwork

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=4.5.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc68f41f5d8aebea1af7b2267280fd9381b2262e2179292c7b45297cd6176822

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
strict-transport-security: "max-age=31536000; includeSubDomains" always
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
cf-ray: 833b60713af471bb-FRA
s: fe-publish6
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-xss-protection: '1;mode=block'
x-cached: HIT

GET
H2 200 logo_Insertlive.png
cdn.detik.net.id/libs/detik-vertical/images/logo/ 8 KB
7 KB 181ms
180ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.detik.net.id/libs/detik-vertical/images/logo/logo_Insertlive.png?v=0.0.4

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

892cbed999e182e677a982593b4a2b1054156fb5730cad5f14e26467119e062d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 08 Apr 2020 16:26:03 GMT
server: st1
content-encoding: gzip
etag: W/"5e8dfb1b-1eb2"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_FemaleDaily.png
cdn.detik.net.id/libs/detik-vertical/images/logo/ 8 KB
7 KB 181ms
181ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.detik.net.id/libs/detik-vertical/images/logo/logo_FemaleDaily.png?v=0.0.4

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

bbd58a1c832602875a0b34aba97d954d24dfa30ff69f95559ef675047b48a190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
middle-cache: MISS
x-content-type-options: nosniff
last-modified: Wed, 08 Apr 2020 16:26:03 GMT
server: st1
content-encoding: gzip
etag: W/"5e8dfb1b-2051"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-cxo.png
cdn.detik.net.id/libs/detik-vertical/images/logo/ 2 KB
2 KB 181ms
181ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.detik.net.id/libs/detik-vertical/images/logo/logo-cxo.png?v=0.0.4

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

89095ca11eae7b644fac81b99bdef7f8b08ceff77a67bee52c295cb46ef3abfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
middle-cache: MISS
x-content-type-options: nosniff
last-modified: Mon, 31 Jan 2022 03:14:26 GMT
server: st1
content-encoding: gzip
etag: W/"61f75412-893"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_Beautynesia.png
cdn.detik.net.id/libs/detik-vertical/images/logo/ 5 KB
5 KB 182ms
181ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.detik.net.id/libs/detik-vertical/images/logo/logo_Beautynesia.png?v=0.0.4

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

41f256772529dd56ce2f8bdd006e6a2cec7736283344f1e4dd677bb0ccc9e01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
middle-cache: MISS
x-content-type-options: nosniff
last-modified: Thu, 03 Feb 2022 03:14:21 GMT
server: st1
content-encoding: gzip
etag: W/"61fb488d-1435"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_Wolipop.png
cdn.detik.net.id/libs/detik-vertical/images/logo/ 16 KB
16 KB 182ms
181ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.detik.net.id/libs/detik-vertical/images/logo/logo_Wolipop.png?v=0.0.4

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

3c2d3bf051e5ceab46b67776c86b075de1e755aa34ec5a08fc7fc70e6a93e9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
middle-cache: MISS
x-content-type-options: nosniff
last-modified: Wed, 08 Apr 2020 16:26:03 GMT
server: st1
content-encoding: gzip
etag: W/"5e8dfb1b-3f44"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_MommiesDaily.png
cdn.detik.net.id/libs/detik-vertical/images/logo/ 5 KB
6 KB 182ms
182ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.detik.net.id/libs/detik-vertical/images/logo/logo_MommiesDaily.png?v=0.0.4

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

09c4a499c263c79321dd444b925b53a876bf544ebd877ada013587d1099fdd26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Mon, 09 Nov 2020 02:37:02 GMT
server: st1
content-encoding: gzip
etag: W/"5fa8ab4e-14e9"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B5E4 17 KB
6 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 05:37:37 GMT

GET
H2 200 asyncjs.php Show response
newrevive.detik.com/delivery/ 29 KB
7 KB 607ms
202ms Script
text/javascript 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://newrevive.detik.com/delivery/asyncjs.php

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive4 /

Resource Hash

bda2b2b3fe408efaec1312cdc117f353a14e6d1717f1846d827c319c5836bbff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .detik.com .cnnindonesia.com .cnbcindonesia.com .haibunda.com .insertlive.com .beautynesia.id .cxomedia.id .detiknetwork.com .ctcorpmpc.com .allobank.com .buzznesia.id .berbuatbaik.id .detikpublishing.com .femaledaily.com .femaledaily.net .mommiesdaily.com .mommiesdaily.net .mommyasia.id .transentertainment.com .transsnowworld.com .transtudiobali.com .transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security	"max-age=31536000; includeSubdomains" preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:38 GMT
strict-transport-security: "max-age=31536000; includeSubdomains" preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
p3p: CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy: cross-origin
x-cached: MISS
referrer-policy: strict-origin-when-cross-origin
server: revive4
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-credentials: true
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag: HttpOnly Secure SameSite=None
expire: Mon, 11 Dec 2023 06:37:38 GMT
access-control-allow-headers: Origin,Content-Type,Accept,Authorization

GET
H2 200 prebid7.36.3.js Show response
get.optad360.io/sf/ 520 KB
165 KB 8ms
8ms Script
application/javascript 2600:9000:225e:1800:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid7.36.3.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/668d5c86-f6d6-4903-9880-988d62c01a9c/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:33:33 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
last-modified: Mon, 03 Apr 2023 08:32:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 2376244
etag: W/"0a921f4d0ab6e1dce1061b3c4ed313ce"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-id: UnhzY-n05mzaPpZ9ddbMxRy80SsZW2G53qgJ7WLDFdmtmoPunL-rrQ==

GET
H3 200 container.html Show response
a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A08B 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 05:37:36 GMT
expires: Tue, 10 Dec 2024 05:37:36 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 icon-foto.webp
www.haibunda.com/images/ 498 B
703 B 192ms
192ms Image
image/webp 2606:4700::6812:1c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haibunda.com/images/icon-foto.webp

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/swiper-bundle.min.js?v=4.5.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d490bc201c366e2121b60ba924dc4535142aaea0b8d87c4c1b53df4aeaca5f2

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
strict-transport-security: "max-age=31536000; includeSubDomains" always, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-length: 498
x-xss-protection: '1;mode=block'
last-modified: Wed, 14 Jun 2023 07:45:11 GMT
server: cloudflare
etag: "64897007-1f2"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
s: fe-publish2
cf-ray: 833b6071bb5571bb-FRA
expires: Tue, 10 Dec 2024 05:37:37 GMT

POST
H2 200 / Show response
kayumanis.detik.com/api/validation/ 20 B
203 B 417ms
307ms XHR
application/json 34.149.209.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://kayumanis.detik.com/api/validation/
Requested by: Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/detik-vertical/js/jquery-3.6.0.min.js?v=haibunda.4.5.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.209.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.209.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e42c48eaa0f6cff2fabe511e0ebaf0f37dd83d9082030256c2dd0ddd71a8fdf2

Request headers

Accept: */*
Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
via: 1.1 google
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H2 200 branding-ads.svg
cdn.optad360.net/icons/ 7 KB
3 KB 47ms
7ms Image
image/svg+xml 2600:9000:211e:4800:f:a31d:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.optad360.net/icons/branding-ads.svg
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4800:f:a31d:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 13:25:33 GMT
content-encoding: gzip
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 5155925
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: TSRRZ1TJNmsMq6KlJGX6bXEJELg0EpSUQpKeYxbmldWAZ4AN_L8QAg==

GET
H2 200 thetracker-haibunda-v3.min.js Show response
cdn.detik.net.id/loganalysistracker/ 6 KB
3 KB 342ms
342ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/loganalysistracker/thetracker-haibunda-v3.min.js?v=3.1

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

6d0a94daeed6fb13bff4a040ee8a19cf4e987f9425b42dc2c116f4c7b2717039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 02:34:34 GMT
server: st1
content-encoding: gzip
etag: W/"6018ba3a-185f"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detikBigDataSdk.js Show response
cdn.detik.net.id/loganalysistracker/ 106 KB
36 KB 342ms
342ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/loganalysistracker/detikBigDataSdk.js?v=1.7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

344c23ba1cbc2b819add73db2c6dce106bbf7f4a06c59b1030677cffe3ee668e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Thu, 08 Sep 2022 08:55:53 GMT
server: st1
content-encoding: gzip
etag: W/"6319ae19-1a7d3"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 me.html Show response
connect.detik.com/token/ Frame 88A8 288 B
1 KB 233ms
190ms Document
text/html 163.181.56.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.detik.com/token/me.html?autoLogin=1&clientId=10166

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/dc/v1/detikconnect_auto_login.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

163.181.56.215 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

4ead2bd6c769b87d010407b5bea2b3b642b1d5bcfea1d9103e5044f9c02195fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .detik.com .cnnindonesia.com .cnbcindonesia.com .haibunda.com .insertlive.com .beautynesia.id .cxomedia.id .detiknetwork.com .buzznesia.id .berbuatbaik.id *.ziswafctarsa.id
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.haibunda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET,POST
content-encoding: gzip
content-language: id
content-security-policy: frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.buzznesia.id *.berbuatbaik.id *.ziswafctarsa.id
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Mon, 11 Dec 2023 05:37:37 GMT
eagleid: 2ff62b1c17022730575987515e
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy: same-origin strict-origin-when-cross-origin
server: Tengine
serverloc: dc-02
strict-transport-security: max-age=31536000; includeSubdomains; preload
timing-allow-origin: *
vary: Origin, Accept-Language, Cookie
via: cache38.l2sg2[19,0], ens-cache4.de4[180,0]
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: master-only

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 337ms
119ms Image
image/gif 34.227.121.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=haibunda.com&p=%2F&u=BO4Fl1BbB1WqBjshlh&d=haibunda.com&g=54935&g0=Haibunda&g1=Haibunda&n=1&f=00001&c=0&x=0&m=0&y=9050&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.haibunda.com%2F&b=2933&t=CmjHQ9CPXd9HDbHQCrD_WsbOC33ARp&V=141&i=Informasi%20Terkini%20Kehamilan%2C%20Parenting%2C%20dan%20Mom%20Life%20-%20Haibunda.com&tz=-60&sn=1&sv=CL5UXtBokRYkCndh7DDdIN1NDhPVZ4&sd=1&im=067b2fff&_
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.121.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-121-59.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1251 624 B
245 B 57ms
57ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWgn1tAEwi_P5OgrtMmLdrgAJerVRITJJa3X2I8cZn3YFmXOTe_xZgRuNhYo8WNSiOHr1uf-CjUfe4fEgZB6NLLOlwZ5VOSodI2kgvLxkri3ctksBxvr5PbD8sOd2Do5WC24tgR_6oi1les-55uM-POJ97kTNF0PkF8D1v5EekaCtpbEoU

Requested by

Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 05:37:37 GMT
expires: Mon, 11 Dec 2023 05:37:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A08B 89 KB
31 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 05:37:37 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A08B 42 B
63 B 48ms
47ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CxKu4X2A4LwEZKXWJA2KbD2GfUWvDazoib87_mOmoR6UJrFOrtzLJwsTdcqFMsB3lM8UCd0Emnt9nD6dBUog7mCKAb4ipJz4czJPJILwW5w0_6oAA

Requested by

Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame A08B 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 17:08:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame A08B 20 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 20:42:11 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A08B 202 KB
64 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 05:37:37 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 30D7 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Dec 2024 19:00:51 GMT

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 25ms
16ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231211

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.36.3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb46a46f643895746cfe3e2e199278b0154edfb75cecb1132df74f47b84d67b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5805
x-jsd-version: 1.0.1900
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230059-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"636-0aixPJ+F9iGhoT5ok/tLvIFCVz0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uohs9jPDi2ops%2BDy7bIuW91V7Wc8Cviz%2FoGtbWzmAdX4CHyxLd%2FrkDlc9eVfOBASM7Vgn%2BLJD3c8bknnzP1cogEDPrxymJBn45q05YSEJ2K5Vn%2BojuyqWZFuJLUojfcc7g%2B7IXrX3VYwbhUBI9k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 833b60721f551e50-FRA

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1251
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnzIwJCcOCha_RwqMqzYnA&google_cver=1

43 B
730 B

18ms
18ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnzIwJCcOCha_RwqMqzYnA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWgn1tAEwi_P5OgrtMmLdrgAJerVRITJJa3X2I8cZn3YFmXOTe_xZgRuNhYo8WNSiOHr1uf-CjUfe4fEgZB6NLLOlwZ5VOSodI2kgvLxkri3ctksBxvr5PbD8sOd2Do5WC24tgR_6oi1les-55uM-POJ97kTNF0PkF8D1v5EekaCtpbEoU
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SRy4QhyhCNpoMyqsFqiRSrBQVLr0DpDCGvxgVlAciYz7s%2FwmozPGxyZiSwmOZ4aAIR22zWSgHzvWoPvPL92snMRKB8mrM3aQrsJnloW4iyl7d6wrMtHfvifLcsBPVDPCgbKPhxell711lA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 833b60729c6b2bb8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnzIwJCcOCha_RwqMqzYnA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1251
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXagIMQyfDFZP2f4ba9OYQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnzIwJCcOCha_RwqMqzYnA&google_cver=1

43 B
733 B

21ms
21ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnzIwJCcOCha_RwqMqzYnA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWgn1tAEwi_P5OgrtMmLdrgAJerVRITJJa3X2I8cZn3YFmXOTe_xZgRuNhYo8WNSiOHr1uf-CjUfe4fEgZB6NLLOlwZ5VOSodI2kgvLxkri3ctksBxvr5PbD8sOd2Do5WC24tgR_6oi1les-55uM-POJ97kTNF0PkF8D1v5EekaCtpbEoU
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RswIIc1svKMKrQpjDn26S9%2BddSDmGqc8JIoF0%2FQzDXxSFce02Z6sBQxtsv%2FiD3t9z4IMkIZjTT17zKnlyA2a5PxLAGniVh1sMPtU7bBmCkcUthPUuU1uVWOYHs27OVg8YD1IIDcSKDfM6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 833b6072cc862bb8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnzIwJCcOCha_RwqMqzYnA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 1251
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDqz4X3gNoJm2EgUFtNjKW8&google_cver=1

43 B
842 B

14ms
14ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDqz4X3gNoJm2EgUFtNjKW8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWgn1tAEwi_P5OgrtMmLdrgAJerVRITJJa3X2I8cZn3YFmXOTe_xZgRuNhYo8WNSiOHr1uf-CjUfe4fEgZB6NLLOlwZ5VOSodI2kgvLxkri3ctksBxvr5PbD8sOd2Do5WC24tgR_6oi1les-55uM-POJ97kTNF0PkF8D1v5EekaCtpbEoU

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
an-x-request-uuid: 244f9563-0749-42cc-9443-a7be78c951b1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.246; 37.58.58.246; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDqz4X3gNoJm2EgUFtNjKW8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1251
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg5MjY1Mzg5NjU2NzkyNjU4Mg%3D%3D

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg5MjY1Mzg5NjU2NzkyNjU4Mg%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
an-x-request-uuid: 082632d3-ab40-466b-a779-ed580c758e30
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg5MjY1Mzg5NjU2NzkyNjU4Mg%3D%3D
x-proxy-origin: 37.58.58.246; 37.58.58.246; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E8FE 43 B
215 B 222ms
199ms Image
image/gif 2600:1f13:800:7780:e000:f538:bd2d:cf42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1742739&asId=96ec8880-4ac8-2d9d-13a0-ac4551ccf40f&tv=%7Bc:wt2UmA,pingTime:-10,time:404,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjcxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702273057687%7C%7C8fc4080ac080846e13a97aa4950b8e9a%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7Cc2a96293bce4fc2a93dfa995a81eb372%7C%7C08cf7deabff3940a829eb1ed4cbce266%7C%7Ce0ea96636d0b3f1c18c77e224af751e5%7C%7Ce4aa56993d5ebb1efc9fc360f20cbba7%7C%7Cabe46a8a73a9dcc3d18437fd2fce5fb7%7C%7C1663701684%7D
Requested by: Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:e000:f538:bd2d:cf42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
server: nginx
x-server-name: dt24.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 394 B
173 B 236ms
236ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4319395245116756&correlator=2402536134404472&eid=31080078%2C31079233%2C31080020%2C31079525&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fif&iu_parts=4905536%2CHaiBunda_desktop%2Cnewsfeed2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&didk=854058710&sfv=1-0-40&ists=1&sc=1&cookie=ID%3Db6ab846522d7d610%3AT%3D1702273056%3ART%3D1702273056%3AS%3DALNI_MYNp5r_WhaYEP6YwIt70U8JAPgSEg&gpic=UID%3D00000d136dc011f0%3AT%3D1702273056%3ART%3D1702273056%3AS%3DALNI_MaraMfH995zGSE8QVwX4PTq_7ix4w&abxe=1&dt=1702273057704&lmt=1702273057&adxs=250&adys=3196&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.haibunda.com%2F&vis=1&psz=747x0&msz=747x0&fws=0&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsmp9iMKcLVRrRThAJoSuEZi-sTzZb1sIuZ3oHFw4zlsBzXvmOO75iJoajcIC9rupVUU7ZM5PmK7q36yREflKU900w&ga_vid=1929531125.1702273056&ga_sid=1702273057&ga_hid=660709581&ga_fc=true&dlt=1702273055155&idt=1358&cust_params=site%3Dhaibunda%26medium%3Ddesktop%26keyvalue%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat%26Keyword_tag%3Dkehamilan%252Cmenyusui%252Cparenting%252Cnama%2520bayi%252Cmom%27s%2520life%252Cmotherhood%252Ccerita%2520bunda%252Cresep%252Ctips%252Cvideo%252Creferensi%2520produk%252Crekomendasi%2520tempat&adks=1881386987&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e26d387ec0dec7a7f61e21dbe3194546e00a112e2b82376d23434ae269b3066a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A08B 0
20 B 47ms
46ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=27365572512&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A08B 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=27365572512&version=m202309260101&ct=77&x=1&cor=13070911472924301000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A08B 20 KB
14 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxV8vLDbOlXIUqaeeZJh_R4iBozyzteJpMOFRZQVl4a31FatMp-9MwyJivkjCvLaycQu8QS766G3582T8yAKuHptqacIpgqbaVxTpqWHIHOKJir0XyoXbC4OQQEZULqYaK8Ob1qGA9c3gtrcMrLEbMoDGT1UUMfUThSzT05CgohmxPZQQ&cry=1&dbm_d=AKAmf-D1QEPsDEjwMTlftwlVrox_EmkFLWxxnNynCEqp4Y3CUTE9ZUGPWaJVef3KTUi-NzWIfM1k44CJJ8_0QynSOe8VSO_3VPUT1Jp1wSSBBD9IqceZDq-mvoUljUs42TCO6Ge2SS1VCHq_kck0hb7YaOR--hEOjM_tMkbS5T2FPd49jyToh6AnpHf8gWo-pI8TBF2-wHJ0245irZOXTZv-AS3L0-k86MmnJB1Gy7QJ0LpFXwLEObhwJ2V4LAYXHgjrqDMhdu3HmJ-KPk0uiLNTZRQCjKRmR4cIIvIqUldPKK9RXcgPcks2DGzAzT4ngWt5X560t7B_RrTlGewV4SHkpEnRC8KcybJFhJoN-X-C_FPKloEsNhsXDNgo5g-e7JdYyIN4kIbg4sTy1LLiKuLMR_qgYsJssi7W0sShUpFIcMl0Oewkd-sRXMWt9NN5xoaZiLPVGU93o5AJoRwabAav6-8VtjeiKkljfQwFq1c2y7B5Dmo3B_JXUZ4V3jVcdJXZBkjoy4AAvhxkBcT85wmyRWM6OwSisck9iwFc4eIjeWDCf36_sNGYEd5B96ciYpbyLVhNNjFZ_3ZJtzt9PcoZ_TF-aMNXU1kiAvYjJ61jCc2hPKBy5H487mG3xxG_KjdrtDhNBJVNW0mLEPVs3UMojnkzUUN5v0fGfNE33yWC5MnOkCgyFf_wQ9vkWFG7kwHu5s_-5oN_kKx09z7QslPkkQ1-XI5QuaBENTmih0Ci8DTJd8LV3FpSE8msEP6sO1D5g95DFtosULMPC3iB9LOZkzTWdvXGn8bljnPIwmMYcAwco6Gii3aOvy_nXo0dZCuaoVeXzSnUPhhYUIWl5Dm47dFP1WAnIxVZsbxREmDJ_xIpg9Mu3fxo32UasFzcPi9zqLUXEJKDq--jZHkzz2D5GmSYv8o3hfBI8mbGCGFZ0cwTvUSWyMWSLlzPq8OJCY1X_Ad1LlIs8tK-2RBsydmia56AXstFZu7cM66D39xYsWS6HOmItlsaJm1W6ENF3cDMbjpFqpKg6zRqkpdXO2MlLGQOIf8hZmGuOQaK8ExPoQdVfi8Vusoh1bUeUawwylpRcvwsXmQbAWkGCFEJtbJE8_D1Zpx0klHJ1vojeLZU7ZiK2-hPpW9GlRZnS71eEJYTbKRnZeRvH7eJ7VG85bM-CmOoWiTKHZkjFris7PvTdQaZ0_CFhoYaycxstTmIpS_4ApNI7ZTR8yJjZgD12ycu_rB9Fwxf6kR4SCNA9zzDJGi53lAQuIKPpgmnbGKKxZwVmiXBw-ofl92b-khafHlfNnuBY7k0h6xEBFtt6xJ4giBqvbxkOKBzghp_zpOdnoi0APCLVo40J8HzK_Z-nJFqHNVFn1ZljJxN3FXEjmCDMaGlr5tkla7flvMP86njGD-XQTOV6PiOYKZUjt4RcOM63ZCJe88yHajyFr0n6uUXsset4GURNCbAhwGq1gznMKCBy1V-lcrX6wtanfrc3oNzawfX61hN60zToAOTIvUdB0V7isO4l9ZWP0OsoSxuoYnS-RrWuZ2Ks3ndC6FBZJGVM7OISkWLguDzUxhEvNLVvR1QwKL9AQnQUOx2UJnWmC8qTrGxnyPi2u6BouyiDbNIVzt1j5UVSXiDMh3dmvT_1n9pKBJKNcAdoD2GYaaIvHHZDIWVIZh2DTe2sBjhybdtXF3F_9THKGvv03OXzGaBKCib9hhDc42WJ-rdofW225_r1dhLsKLp11Exm_aftMoiMzHqieyPCBg0sKN4DkCaYpUCgTvCagXUAKiys91BfuHGcQeNvUp5sNNch-ekpAWqqqJHsrN_P_HokTepaiGnn5TSU9wMTSyxobTE1-P9bZISK6mQokc9GD37BtpOa2KNHFLWCen-4hjhUr6ByisekyxeLjRI3aSx898A2q0t9bE1peZQhQOReDKQ3DjQPvj_xcUzs07mg-x66MAc9ZIldMTNa42tcauYTfpA2GmDRmWu_zWpdWRBLJ_-0L95CvsCpkPMDUoUELtoy4ng8nquN4y73nCiBFJGIGtrx3kQ066BjH1h9lgmM6NSIaA4K-bFu_amE-TWPks1EqI4jEBm5pEkkPowT-AuMB3CqlowD07suf6tYBBRGiTBV-CTd70pVvlJsNoIRg3F86BHVkTv0kVhHTF0k-myANqqQsce3Lv-3MqfrFc9WmcB2z4U8dML8sNuj5enL_EJSV-8mb7zsdjqCOKP1OKYOWnXl6KMVsfhMKVRIUM0oafT2V7Pe2qPQOMrl245cOTvdS49ROipo8eJgf4tJfsMI0ltxjIj-9HbqAL5ASOvIq77xFcohMU2Tc-7_o7BbVeK-ru94lLlHdjBi-Yxa5xghX2iPoIBF5XvgbVyikLCdOZUemLoXe-M-aWOQwkPNI8uux13x3DkqedovnFlaLiA5wGdiJwszHFG-Boi9_CHw_Ey9lzcg-Jazw-EkR5mXx5e8ODcz36tYdXeO58koyxsjOv6Y8WR4fZyaXjr1gDgVLnTqROZXj0O7E-wnYG89GPr8SVKeMST3qGsDrZ4zNM_Yxd7YWH6a2TpklgGIUP7e52B6WFcB1Qc_lzixY6tCdn7uCrYefHxXX_4YD_wrQ5ogRt11f4Rj-zQ7FtHxY8WgPLkBUj47Al9F57nnoM9vFcfuQY5Th3ndiohrGhToPmw3pBYKjBeTsTIF20qFp5bRpH1YmQ98sffQMR-Ysr8Oikoa-dovhM5FsMvvr6x3283KYdCPIQTlB6A06n05iJxAVam-F-MLHakkX51BEyVYaTrF3-AKsmsmZUv6eg5pbgnB3U7SGCJ-vD3UQsUV36YBXgCCaDgDgjcx7bihUSdRRJYWvkPjNEZOaMz0fPGEBRs43u_UdfA6l-FEgazyLIT-Oik5CgrkMB0efguqY5pU1t4TzNYAdLlwbP75XU9wxDWrJKDmCoEHQyXmxGw6zZCEvqJJiURqGB_UcdvRRBEaeY-r35V98vRYCowna7QQSP9d7p0P9RdTsXeuMDgIxZ8O7imCTnMI_G8tfm_pK5SCAqMlqWBPRnqMNTv62mxbDOJz2kYx7ojKG2nG7hcsSFsvrUH-NKMf2ESK6wLaS_WudNhANTyFFigz-_Wxpvl2r0MOYoFZO-rD9DPhhKh7sLKrXAv_LSMDHyNbD9CX2CoNdi2y4MXd0jUAXeUVId0J0IwHAdn5eUVintqrHf408fNz3IhYpqb5KPvq0P21TLY5kOCjC32ws2yQOMu_uP05ehls9-l91WUSrYlqSDcB6PkaSf6uwPOee20JdJrhR_OYJ6ppCbyK_ywK2e0Iu37DnYz3NryTxEG-VNxoKr3VbLC1CVbTsfJ5BOWUP4sMTBENromTzIazooSfOqQEYbVUcQ577w5S0jjQLbzE10cJywy1Eaw4Eoe7FO_zZv-mOaZeEQ-EevWUU5A--h9tvE4vVzngRY02Agy8IkFtp8G3UqWTd_SAWYqYz-GSvEQrSd-yeKM63SyFgYCGy1DiyG32wEzM4I-JesoybG_WzSFHhPJ6rTTY6BTa7bukO-eBAC2rKC-00NF4VvijGiHs3N4SNtQJp3gaEG1oNpiW3MZ9hBEDker7t_zbA3NnndPDfCob0TatqTPRZohPrgg1Q3ToEbvfmf3K7fIPKW0weYBhLRInI8HWUIYRjtZCh0li5jGHb3YmUrI7T9Rogk5Rzvm7Sey_PPEIHrSKYri1yMELqXCbik8JOfDm7QT6QypRp5MUKf3j66LqLr6DAlr5DKri7Z7YcZg8LokRCqHoYnaW4BKsCniY8BgA62lZn7dlTQnkdua1r7QG3u0NPNyWYlkRu5We32Y3KlKIQ9QO1KworSCXzmbWjkd8Rh80942ACpVDsh7Uld8SZyUxT_i2FHzCfLpN-3uoZwk2zpkgJyQeJb0n9txMOzZC2eaS0CfdpZ1mvp7sh5J0YQ8qr3BEoJKPYJlYi6oIlSesSqzJHi-slR3ySs_eycau-1M0Xrnj4-R09WwSAxAhtXbuT79wULM-4Ap_mtH4DH3-9IUSbXvavsspkeTbrsxu2gDMP0cZx5VzgAd8TC_VPcsC9v_JK4YnjYsddiBcOKGFCU7gdLqK5u4&cid=CAQSTwDICaaNKoTdintvcbNWEPDneI7DoNLDuQG4bBJAL42lEilEeZZbKpEV0tQ7hO0BQwOyqk8H0FdmlglUGODbt_7wKwM1Yt1cZheNOtPmG2sYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.haibunda.com%2F&ds=l&xdt=1&iif=1&cor=13070911472924301000&adk=2228999114&idt=94&cac=0&dtd=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7eb9868191a83bed3e358853c3da36f500286d86e7187f83be6359687333ed27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13934
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 list Show response
mcs.tobsnssdk.com/ 7 B
776 B 172ms
168ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 4785ce26
date: Mon, 11 Dec 2023 05:37:38 GMT
upstream-caught: 1702273057999190
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121105373681C81B1DE0735AEB8CD4-48BAF0D375759C8F-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=8, cdn-cache; desc=MISS, edge; dur=1, origin; dur=161
content-length: 7
pragma: no-cache
server: TLB
x-tt-logid: 2023121105373681C81B1DE0735AEB8CD4
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 162,104.126.37.124
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134536f1c6955a817d45ede27532755ae3998989e55f2d1da7ca4756471d901a6134ee02bd564bbee3103a7d710e191e9bbdbaa091cb8cc796f9c24f03914d597de8
expires: Mon, 11 Dec 2023 05:37:38 GMT

OPTIONS
H2 200 list
mcs.tobsnssdk.com/ Frame 0
0 204ms
204ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:37 GMT
expires: Mon, 11 Dec 2023 05:37:37 GMT
pragma: no-cache
server: TLB
server-timing: cdn-cache; desc=MISS, edge; dur=162, origin; dur=6 inner; dur=1
upstream-caught: 1702273057795770
x-akamai-request-id: bd232351.4785cb92
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-cache-remote: TCP_MISS from a23-193-104-216.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-origin-response-time: 6,23.193.104.216
x-parent-response-time: 165,104.126.37.124
x-tt-logid: 20231211053736B306D40540C7D30850E3
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea005d3f9fe50253a23474beafc4021ad56c936d65b42bdc8de095344c267009c631905fbd499bb34c8e574b4ce70955cb5f1c4952bce7d6276a5ffb67de1fb92aa2ab643f2993553402e97aad9a6bda990461fe62ed8bbd034201273c30e541916e
x-tt-trace-id: 00-231211053736B306D40540C7D30850E3-773224A9B5ABAE35-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H2 200 banner Show response
www.haibunda.com/api/ 12 B
123 B 301ms
300ms Fetch
application/json 2606:4700::6812:1c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/api/banner

Requested by

Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=4.5.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eca0fe7087d47bf8bba5ab355c02dc00bd403498edcdf259cb8eced59e8db45

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Accept-Action: newsfeed1
Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Mon, 11 Dec 2023 05:37:38 GMT
strict-transport-security: "max-age=31536000; includeSubDomains" always
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
access-control-allow-methods: POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.haibunda.com
cf-ray: 833b6072dc2b71bb-FRA
s: fe-publish3
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept-Action
x-xss-protection: '1;mode=block'

GET
H2 200 adiba-khanza-dan-egy-maulana-1_11.png
akcdn.detik.net.id/visual/2023/12/11/ 32 KB
33 KB 245ms
244ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/12/11/adiba-khanza-dan-egy-maulana-1_11.png?w=400&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

fe8d3068bac35e92c6414cb5209a4554b669b8dad39d8a3115e0c69c1f343fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st12
server: st8
etag: W/"cf509fed3ab1fa17af0aafee0741c352212493fd"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shio-naga_11.jpeg
akcdn.detik.net.id/visual/2023/11/06/ 40 KB
40 KB 245ms
244ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/11/06/shio-naga_11.jpeg?w=400&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

1eba471c48a167451577cc2c6c1fff0cad74fe4e8e06e4463a74abead36cf705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st14
server: st8
etag: W/"6d4e23eecd9b2be71d1e8297fa3b50fe1d5f35bd"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 andreas-dan-cahyani_11.png
akcdn.detik.net.id/visual/2023/12/10/ 33 KB
34 KB 245ms
245ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/12/10/andreas-dan-cahyani_11.png?w=400&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

e565233aaf9bebf16449491ec075f722883713b606e89f7c62c96f9a50ba5654

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st9
server: st8
etag: W/"560fdbfe2068a1dfd45450e3eecd02a180bdf2f9"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vaksin_11.jpeg
akcdn.detik.net.id/visual/2020/11/02/ 29 KB
29 KB 257ms
257ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2020/11/02/vaksin_11.jpeg?w=400&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

5d7d237a12bb896701b8a81375907d4894236027eb112d6908c13aa5571c6b91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st4
server: st8
etag: W/"4063360690deb94f83595cdb6d96e8add01244a1"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-muslim-salat_11.jpeg
akcdn.detik.net.id/visual/2023/12/08/ 27 KB
27 KB 257ms
257ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/12/08/ilustrasi-muslim-salat_11.jpeg?w=400&q=90

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

c0997b6ac6ae7b9432fdef4fe85abb03e095c45ffb36bd1071304d2606e8d47d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st4
server: st8
etag: W/"4558c5477d7dc3314107b818f35bdf0b889fbc0a"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A08B 41 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxV8vLDbOlXIUqaeeZJh_R4iBozyzteJpMOFRZQVl4a31FatMp-9MwyJivkjCvLaycQu8QS766G3582T8yAKuHptqacIpgqbaVxTpqWHIHOKJir0XyoXbC4OQQEZULqYaK8Ob1qGA9c3gtrcMrLEbMoDGT1UUMfUThSzT05CgohmxPZQQ&cry=1&dbm_d=AKAmf-D1QEPsDEjwMTlftwlVrox_EmkFLWxxnNynCEqp4Y3CUTE9ZUGPWaJVef3KTUi-NzWIfM1k44CJJ8_0QynSOe8VSO_3VPUT1Jp1wSSBBD9IqceZDq-mvoUljUs42TCO6Ge2SS1VCHq_kck0hb7YaOR--hEOjM_tMkbS5T2FPd49jyToh6AnpHf8gWo-pI8TBF2-wHJ0245irZOXTZv-AS3L0-k86MmnJB1Gy7QJ0LpFXwLEObhwJ2V4LAYXHgjrqDMhdu3HmJ-KPk0uiLNTZRQCjKRmR4cIIvIqUldPKK9RXcgPcks2DGzAzT4ngWt5X560t7B_RrTlGewV4SHkpEnRC8KcybJFhJoN-X-C_FPKloEsNhsXDNgo5g-e7JdYyIN4kIbg4sTy1LLiKuLMR_qgYsJssi7W0sShUpFIcMl0Oewkd-sRXMWt9NN5xoaZiLPVGU93o5AJoRwabAav6-8VtjeiKkljfQwFq1c2y7B5Dmo3B_JXUZ4V3jVcdJXZBkjoy4AAvhxkBcT85wmyRWM6OwSisck9iwFc4eIjeWDCf36_sNGYEd5B96ciYpbyLVhNNjFZ_3ZJtzt9PcoZ_TF-aMNXU1kiAvYjJ61jCc2hPKBy5H487mG3xxG_KjdrtDhNBJVNW0mLEPVs3UMojnkzUUN5v0fGfNE33yWC5MnOkCgyFf_wQ9vkWFG7kwHu5s_-5oN_kKx09z7QslPkkQ1-XI5QuaBENTmih0Ci8DTJd8LV3FpSE8msEP6sO1D5g95DFtosULMPC3iB9LOZkzTWdvXGn8bljnPIwmMYcAwco6Gii3aOvy_nXo0dZCuaoVeXzSnUPhhYUIWl5Dm47dFP1WAnIxVZsbxREmDJ_xIpg9Mu3fxo32UasFzcPi9zqLUXEJKDq--jZHkzz2D5GmSYv8o3hfBI8mbGCGFZ0cwTvUSWyMWSLlzPq8OJCY1X_Ad1LlIs8tK-2RBsydmia56AXstFZu7cM66D39xYsWS6HOmItlsaJm1W6ENF3cDMbjpFqpKg6zRqkpdXO2MlLGQOIf8hZmGuOQaK8ExPoQdVfi8Vusoh1bUeUawwylpRcvwsXmQbAWkGCFEJtbJE8_D1Zpx0klHJ1vojeLZU7ZiK2-hPpW9GlRZnS71eEJYTbKRnZeRvH7eJ7VG85bM-CmOoWiTKHZkjFris7PvTdQaZ0_CFhoYaycxstTmIpS_4ApNI7ZTR8yJjZgD12ycu_rB9Fwxf6kR4SCNA9zzDJGi53lAQuIKPpgmnbGKKxZwVmiXBw-ofl92b-khafHlfNnuBY7k0h6xEBFtt6xJ4giBqvbxkOKBzghp_zpOdnoi0APCLVo40J8HzK_Z-nJFqHNVFn1ZljJxN3FXEjmCDMaGlr5tkla7flvMP86njGD-XQTOV6PiOYKZUjt4RcOM63ZCJe88yHajyFr0n6uUXsset4GURNCbAhwGq1gznMKCBy1V-lcrX6wtanfrc3oNzawfX61hN60zToAOTIvUdB0V7isO4l9ZWP0OsoSxuoYnS-RrWuZ2Ks3ndC6FBZJGVM7OISkWLguDzUxhEvNLVvR1QwKL9AQnQUOx2UJnWmC8qTrGxnyPi2u6BouyiDbNIVzt1j5UVSXiDMh3dmvT_1n9pKBJKNcAdoD2GYaaIvHHZDIWVIZh2DTe2sBjhybdtXF3F_9THKGvv03OXzGaBKCib9hhDc42WJ-rdofW225_r1dhLsKLp11Exm_aftMoiMzHqieyPCBg0sKN4DkCaYpUCgTvCagXUAKiys91BfuHGcQeNvUp5sNNch-ekpAWqqqJHsrN_P_HokTepaiGnn5TSU9wMTSyxobTE1-P9bZISK6mQokc9GD37BtpOa2KNHFLWCen-4hjhUr6ByisekyxeLjRI3aSx898A2q0t9bE1peZQhQOReDKQ3DjQPvj_xcUzs07mg-x66MAc9ZIldMTNa42tcauYTfpA2GmDRmWu_zWpdWRBLJ_-0L95CvsCpkPMDUoUELtoy4ng8nquN4y73nCiBFJGIGtrx3kQ066BjH1h9lgmM6NSIaA4K-bFu_amE-TWPks1EqI4jEBm5pEkkPowT-AuMB3CqlowD07suf6tYBBRGiTBV-CTd70pVvlJsNoIRg3F86BHVkTv0kVhHTF0k-myANqqQsce3Lv-3MqfrFc9WmcB2z4U8dML8sNuj5enL_EJSV-8mb7zsdjqCOKP1OKYOWnXl6KMVsfhMKVRIUM0oafT2V7Pe2qPQOMrl245cOTvdS49ROipo8eJgf4tJfsMI0ltxjIj-9HbqAL5ASOvIq77xFcohMU2Tc-7_o7BbVeK-ru94lLlHdjBi-Yxa5xghX2iPoIBF5XvgbVyikLCdOZUemLoXe-M-aWOQwkPNI8uux13x3DkqedovnFlaLiA5wGdiJwszHFG-Boi9_CHw_Ey9lzcg-Jazw-EkR5mXx5e8ODcz36tYdXeO58koyxsjOv6Y8WR4fZyaXjr1gDgVLnTqROZXj0O7E-wnYG89GPr8SVKeMST3qGsDrZ4zNM_Yxd7YWH6a2TpklgGIUP7e52B6WFcB1Qc_lzixY6tCdn7uCrYefHxXX_4YD_wrQ5ogRt11f4Rj-zQ7FtHxY8WgPLkBUj47Al9F57nnoM9vFcfuQY5Th3ndiohrGhToPmw3pBYKjBeTsTIF20qFp5bRpH1YmQ98sffQMR-Ysr8Oikoa-dovhM5FsMvvr6x3283KYdCPIQTlB6A06n05iJxAVam-F-MLHakkX51BEyVYaTrF3-AKsmsmZUv6eg5pbgnB3U7SGCJ-vD3UQsUV36YBXgCCaDgDgjcx7bihUSdRRJYWvkPjNEZOaMz0fPGEBRs43u_UdfA6l-FEgazyLIT-Oik5CgrkMB0efguqY5pU1t4TzNYAdLlwbP75XU9wxDWrJKDmCoEHQyXmxGw6zZCEvqJJiURqGB_UcdvRRBEaeY-r35V98vRYCowna7QQSP9d7p0P9RdTsXeuMDgIxZ8O7imCTnMI_G8tfm_pK5SCAqMlqWBPRnqMNTv62mxbDOJz2kYx7ojKG2nG7hcsSFsvrUH-NKMf2ESK6wLaS_WudNhANTyFFigz-_Wxpvl2r0MOYoFZO-rD9DPhhKh7sLKrXAv_LSMDHyNbD9CX2CoNdi2y4MXd0jUAXeUVId0J0IwHAdn5eUVintqrHf408fNz3IhYpqb5KPvq0P21TLY5kOCjC32ws2yQOMu_uP05ehls9-l91WUSrYlqSDcB6PkaSf6uwPOee20JdJrhR_OYJ6ppCbyK_ywK2e0Iu37DnYz3NryTxEG-VNxoKr3VbLC1CVbTsfJ5BOWUP4sMTBENromTzIazooSfOqQEYbVUcQ577w5S0jjQLbzE10cJywy1Eaw4Eoe7FO_zZv-mOaZeEQ-EevWUU5A--h9tvE4vVzngRY02Agy8IkFtp8G3UqWTd_SAWYqYz-GSvEQrSd-yeKM63SyFgYCGy1DiyG32wEzM4I-JesoybG_WzSFHhPJ6rTTY6BTa7bukO-eBAC2rKC-00NF4VvijGiHs3N4SNtQJp3gaEG1oNpiW3MZ9hBEDker7t_zbA3NnndPDfCob0TatqTPRZohPrgg1Q3ToEbvfmf3K7fIPKW0weYBhLRInI8HWUIYRjtZCh0li5jGHb3YmUrI7T9Rogk5Rzvm7Sey_PPEIHrSKYri1yMELqXCbik8JOfDm7QT6QypRp5MUKf3j66LqLr6DAlr5DKri7Z7YcZg8LokRCqHoYnaW4BKsCniY8BgA62lZn7dlTQnkdua1r7QG3u0NPNyWYlkRu5We32Y3KlKIQ9QO1KworSCXzmbWjkd8Rh80942ACpVDsh7Uld8SZyUxT_i2FHzCfLpN-3uoZwk2zpkgJyQeJb0n9txMOzZC2eaS0CfdpZ1mvp7sh5J0YQ8qr3BEoJKPYJlYi6oIlSesSqzJHi-slR3ySs_eycau-1M0Xrnj4-R09WwSAxAhtXbuT79wULM-4Ap_mtH4DH3-9IUSbXvavsspkeTbrsxu2gDMP0cZx5VzgAd8TC_VPcsC9v_JK4YnjYsddiBcOKGFCU7gdLqK5u4&cid=CAQSTwDICaaNKoTdintvcbNWEPDneI7DoNLDuQG4bBJAL42lEilEeZZbKpEV0tQ7hO0BQwOyqk8H0FdmlglUGODbt_7wKwM1Yt1cZheNOtPmG2sYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.haibunda.com%2F&ds=l&xdt=1&iif=1&cor=13070911472924301000&adk=2228999114&idt=94&cac=0&dtd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214349
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjI3MzA1NzczMTU4MAogIHNlcnZlcl9pcDogMTM0MDYxNjcxCiAgcHJvY2Vzc19pZDogMTk0Njk3NjgwMwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame A08B 0
867 B 127ms
67ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjI3MzA1NzczMTU4MAogIHNlcnZlcl9pcDogMTM0MDYxNjcxCiAgcHJvY2Vzc19pZDogMTk0Njk3NjgwMwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNzQ4OTQzNjY2ODQxNDIzMTg5MwpkZWJ1Z19rZXk6IDEwOTAyOTM3NTQ0OTc3NDE0NzY0CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0xMSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTc1ODk5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMDcwNjcKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2FkLXNydi5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9rbGljay13ZWx0LmRlIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:37 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xd27808e55bf7b19a0000000000000000","13":"0xddae7aebe1866baa0000000000000000","14":"0xd2194a21798b11530000000000000000","15":"0x8a8c22a3b594eb10000000000000000"},"debug_key":"10902937544977414764","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"17489436668414231893"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame A08B 12 KB
4 KB 51ms
12ms Script
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1702273057203497&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAzYaIaB2Zem1DKKtjuwP-dCQsAGm5b2gaa2VnKfJD_AuEAEg4P_mHGCVgoCAtAfIAQmpAmItiH_3DrI-qAMByAObBKoEnAJP0DPFbionL6xDb8Ki_yDuOzd2DQ4S1xg-Ha--ym7p_ehyQhMFvdiih6nTQutn5KeZZc7zl3jViM2kaC6zHEmILqApP2yZWlFAlTQgsid6got2Iho69rkqrJI5PsyUCmv5g_TwvTMt7sjPK9X5UfdJzsnN5ouP6i38aDtXfEVTe3Uo_EK1kQ8XdFaPr9AncWOsd88olw2VP3hABi-rxZ0JoD0pXJkKnhlC-Zo7NXjQkVrZJkm799noaH47CF0oLzlgnm20dfCaYhEVFDu6OmiscSD8Mgzv8Ga9X3qtKd0_PXTN8J5Mk3dMzRUCTBgpseSJsFbdoL_2mIa0b5cHWgxRn7T3vxCQlx-hq6S1QR6m0822oXUiXKrbLJB148AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliz9OOm1YaDA4AKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAqoNAkRF4g0TCJeo5KbVhoMDFaKWgwcdeSgEFrATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNKoTdintvcbNWEPDneI7DoNLDuQG4bBJAL42lEilEeZZbKpEV0tQ7hO0BQwOyqk8H0FdmlglUGODbt_7wKwM1Yt1cZheNOtPmG2sYAQ%26sig%3DAOD64_1nQo4qvcthS0Mgh1qtHWNZ1qNzKg%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-AO8opH1zSM8l6qw2S6KvdFg4648RiSNcrlv80qWJm33DDz3e5PDpdEr_jQOIAOeXOTIyY4-z-Bjw-1YuwzNVuToqSYC_6mFltpWO2YQp6txTs8xGa0RlvruIOZQV57weSLi9Pwp3CHBWnGFcSyfTdvAdAFtnTFA-rJJnwT4Fnokvr3dw8%26cry%3D1%26dbm_d%3DAKAmf-BlV89_0tD9rO8x7bKu9_qhKBE1gM3rU-qMrREnXUmcu4CxccH6WvBzfeXoWkNzEqD1PpfYkp067YPecFzPv37E30YMeu-gXnNsejUbPR-PSUO7pl3UEar_TC5q6YpL4KwihYxfHbhQn5tIJ5vw4lHSlRm0AbKD73s_6lQ4SzMrMt92r90QZqwUl2ORZXUge6EcyN6R1KDeiYYidSlkYls5towwuyA5FHbV0LTNA0-oX98MaBlkJNDmcMUsiR3D3c9eMbWUyL24xmRse85m5hUidBJnCzyNvFEp-CpMXE1otUEoE-Cwc_k5mQdAZ9VCQag56vPuLnIC_n1W9_Y9eBOMiRWN4KAdUG7YrambTIf8iX1gZNb6LBccY4pNbS6IfK-HISprKvMi9FcSordqedh_PW8KShXVVLqN4ZflxVDspZrxjkyvlcmhQn9SmUjbhbGIcIkWYMEpvVHM4II38a6vZAJRoDZPuOu0wm4w8kaLCXfFQoSFK2gy0NSzzI9afejAz9jImVpID44GhbWUpUxegpOEDiTjWRMB169qFRgrvQ6MbI8%26adurl%3D
Requested by: Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: ca1f8d01f8e97b305403ba92eb765ec47ea35aaaf088ffd40a934e35401d0c5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 05:37:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4249
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7455 38 KB
13 KB 14ms
13ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 179509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 03:45:48 GMT
expires: Sun, 08 Dec 2024 03:45:48 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 905D 196 KB
56 KB 47ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 10 Dec 2023 23:43:40 GMT
age: 21237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 09 Dec 2024 23:43:40 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 905D 15 KB
5 KB 81ms
47ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Dec 2023 08:33:14 GMT
age: 162263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 08 Dec 2024 08:33:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 905D 95 KB
29 KB 83ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Dec 2023 07:42:20 GMT
age: 165317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 08 Dec 2024 07:42:20 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 905D 5 KB
2 KB 99ms
65ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Dec 2023 11:30:53 GMT
age: 238004
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Dec 2024 11:30:53 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 905D 40 KB
13 KB 100ms
66ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 10 Dec 2023 23:43:33 GMT
age: 21244
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 09 Dec 2024 23:43:33 GMT

GET
DATA 200
OK truncated
/ Frame 905D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d118a84feb11debf2c46ecca1ec1014205c1c369de317df3f217fa92b92eb423

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 11189611139674897181
tpc.googlesyndication.com/simgad/ Frame 905D 49 KB
49 KB 14ms
14ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11189611139674897181

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d83129bfd8ba1d595280732060c1987dcb8ad35381cfdcbe7bbf8144b0e04e7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 23:05:22 GMT
x-content-type-options: nosniff
age: 23535
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49970
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 09:50:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 09 Dec 2024 23:05:22 GMT

GET
H3 200 id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 905D 3 KB
3 KB 21ms
21ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/id.png

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 20:38:54 GMT
x-content-type-options: nosniff
server: cafe
age: 32323
etag: 12948112503563494795
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
expires: Mon, 11 Dec 2023 20:38:54 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 905D 344 B
368 B 13ms
13ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 21:48:36 GMT
x-content-type-options: nosniff
server: cafe
age: 28141
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 11 Dec 2023 21:48:36 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7455 39 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Dec 2024 19:00:51 GMT

GET
H2 200 batch Show response
services.insurads.com/dfp/mapping/ Frame 2E74 1 KB
639 B 118ms
118ms Script
application/javascript 18.210.2.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/dfp/mapping/batch?appId=2414&requests=[{%22eaUp%22:%22/4905536/HaiBunda_desktop/billboard%22,%22eoId%22:508818616,%22advId%22:820121176,%22w%22:970,%22h%22:250,%22eId%22:%22main_haibunda_desktop_billboard_0%22},{%22eaUp%22:%22/4905536/HaiBunda_desktop/medium_rectangle2%22,%22eoId%22:508818616,%22advId%22:820121176,%22w%22:300,%22h%22:250,%22eId%22:%22main_haibunda_desktop_medium_rectangle2_0%22}]&h=https%3A%2F%2Fwww.haibunda.com%2F&ts=1702273057830
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.21b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.210.2.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-2-56.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 958bbcf9bfa5175d4f900d794cadb5576c865a56f8643b6e00c2a6963ecd03bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:37 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8

GET
H/1.1

200
OK

request.php Show response
hal900021.redintelligence.net/ Frame A08B
Redirect Chain

https://hal900021.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=9ca5700e09&subid=&uid=d46426254a302c07&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900021.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=9ca5700e09&subid=&uid=d46426254a302c07&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

101ms
78ms

Script
application/x-javascript

144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=9ca5700e09&subid=&uid=d46426254a302c07&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAzYaIaB2Zem1DKKtjuwP-dCQsAGm5b2gaa2VnKfJD_AuEAEg4P_mHGCVgoCAtAfIAQmpAmItiH_3DrI-qAMByAObBKoEnAJP0DPFbionL6xDb8Ki_yDuOzd2DQ4S1xg-Ha--ym7p_ehyQhMFvdiih6nTQutn5KeZZc7zl3jViM2kaC6zHEmILqApP2yZWlFAlTQgsid6got2Iho69rkqrJI5PsyUCmv5g_TwvTMt7sjPK9X5UfdJzsnN5ouP6i38aDtXfEVTe3Uo_EK1kQ8XdFaPr9AncWOsd88olw2VP3hABi-rxZ0JoD0pXJkKnhlC-Zo7NXjQkVrZJkm799noaH47CF0oLzlgnm20dfCaYhEVFDu6OmiscSD8Mgzv8Ga9X3qtKd0_PXTN8J5Mk3dMzRUCTBgpseSJsFbdoL_2mIa0b5cHWgxRn7T3vxCQlx-hq6S1QR6m0822oXUiXKrbLJB148AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliz9OOm1YaDA4AKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAqoNAkRF4g0TCJeo5KbVhoMDFaKWgwcdeSgEFrATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNKoTdintvcbNWEPDneI7DoNLDuQG4bBJAL42lEilEeZZbKpEV0tQ7hO0BQwOyqk8H0FdmlglUGODbt_7wKwM1Yt1cZheNOtPmG2sYAQ%26sig%3DAOD64_1nQo4qvcthS0Mgh1qtHWNZ1qNzKg%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-AO8opH1zSM8l6qw2S6KvdFg4648RiSNcrlv80qWJm33DDz3e5PDpdEr_jQOIAOeXOTIyY4-z-Bjw-1YuwzNVuToqSYC_6mFltpWO2YQp6txTs8xGa0RlvruIOZQV57weSLi9Pwp3CHBWnGFcSyfTdvAdAFtnTFA-rJJnwT4Fnokvr3dw8%26cry%3D1%26dbm_d%3DAKAmf-BlV89_0tD9rO8x7bKu9_qhKBE1gM3rU-qMrREnXUmcu4CxccH6WvBzfeXoWkNzEqD1PpfYkp067YPecFzPv37E30YMeu-gXnNsejUbPR-PSUO7pl3UEar_TC5q6YpL4KwihYxfHbhQn5tIJ5vw4lHSlRm0AbKD73s_6lQ4SzMrMt92r90QZqwUl2ORZXUge6EcyN6R1KDeiYYidSlkYls5towwuyA5FHbV0LTNA0-oX98MaBlkJNDmcMUsiR3D3c9eMbWUyL24xmRse85m5hUidBJnCzyNvFEp-CpMXE1otUEoE-Cwc_k5mQdAZ9VCQag56vPuLnIC_n1W9_Y9eBOMiRWN4KAdUG7YrambTIf8iX1gZNb6LBccY4pNbS6IfK-HISprKvMi9FcSordqedh_PW8KShXVVLqN4ZflxVDspZrxjkyvlcmhQn9SmUjbhbGIcIkWYMEpvVHM4II38a6vZAJRoDZPuOu0wm4w8kaLCXfFQoSFK2gy0NSzzI9afejAz9jImVpID44GhbWUpUxegpOEDiTjWRMB169qFRgrvQ6MbI8%26adurl%3D&documentReferer=https%3A%2F%2Fwww.haibunda.com%2F&ancestorOrigins=https%3A%2F%2Fwww.haibunda.com&random=9184241977634&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 93a3fb5e5c49bf236583ced8b20c06d3b0f53572e6465df0606fc13a65ff36e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Dec 2023 05:37:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 47675300013898004444554012535021
Connection: close
Content-Length: 1352
Expires: Mon, 11 Dec 2023 05:37:38 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 11 Dec 2023 05:37:37 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=9ca5700e09&subid=&uid=d46426254a302c07&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAzYaIaB2Zem1DKKtjuwP-dCQsAGm5b2gaa2VnKfJD_AuEAEg4P_mHGCVgoCAtAfIAQmpAmItiH_3DrI-qAMByAObBKoEnAJP0DPFbionL6xDb8Ki_yDuOzd2DQ4S1xg-Ha--ym7p_ehyQhMFvdiih6nTQutn5KeZZc7zl3jViM2kaC6zHEmILqApP2yZWlFAlTQgsid6got2Iho69rkqrJI5PsyUCmv5g_TwvTMt7sjPK9X5UfdJzsnN5ouP6i38aDtXfEVTe3Uo_EK1kQ8XdFaPr9AncWOsd88olw2VP3hABi-rxZ0JoD0pXJkKnhlC-Zo7NXjQkVrZJkm799noaH47CF0oLzlgnm20dfCaYhEVFDu6OmiscSD8Mgzv8Ga9X3qtKd0_PXTN8J5Mk3dMzRUCTBgpseSJsFbdoL_2mIa0b5cHWgxRn7T3vxCQlx-hq6S1QR6m0822oXUiXKrbLJB148AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliz9OOm1YaDA4AKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAqoNAkRF4g0TCJeo5KbVhoMDFaKWgwcdeSgEFrATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNKoTdintvcbNWEPDneI7DoNLDuQG4bBJAL42lEilEeZZbKpEV0tQ7hO0BQwOyqk8H0FdmlglUGODbt_7wKwM1Yt1cZheNOtPmG2sYAQ%26sig%3DAOD64_1nQo4qvcthS0Mgh1qtHWNZ1qNzKg%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-AO8opH1zSM8l6qw2S6KvdFg4648RiSNcrlv80qWJm33DDz3e5PDpdEr_jQOIAOeXOTIyY4-z-Bjw-1YuwzNVuToqSYC_6mFltpWO2YQp6txTs8xGa0RlvruIOZQV57weSLi9Pwp3CHBWnGFcSyfTdvAdAFtnTFA-rJJnwT4Fnokvr3dw8%26cry%3D1%26dbm_d%3DAKAmf-BlV89_0tD9rO8x7bKu9_qhKBE1gM3rU-qMrREnXUmcu4CxccH6WvBzfeXoWkNzEqD1PpfYkp067YPecFzPv37E30YMeu-gXnNsejUbPR-PSUO7pl3UEar_TC5q6YpL4KwihYxfHbhQn5tIJ5vw4lHSlRm0AbKD73s_6lQ4SzMrMt92r90QZqwUl2ORZXUge6EcyN6R1KDeiYYidSlkYls5towwuyA5FHbV0LTNA0-oX98MaBlkJNDmcMUsiR3D3c9eMbWUyL24xmRse85m5hUidBJnCzyNvFEp-CpMXE1otUEoE-Cwc_k5mQdAZ9VCQag56vPuLnIC_n1W9_Y9eBOMiRWN4KAdUG7YrambTIf8iX1gZNb6LBccY4pNbS6IfK-HISprKvMi9FcSordqedh_PW8KShXVVLqN4ZflxVDspZrxjkyvlcmhQn9SmUjbhbGIcIkWYMEpvVHM4II38a6vZAJRoDZPuOu0wm4w8kaLCXfFQoSFK2gy0NSzzI9afejAz9jImVpID44GhbWUpUxegpOEDiTjWRMB169qFRgrvQ6MbI8%26adurl%3D&documentReferer=https%3A%2F%2Fwww.haibunda.com%2F&ancestorOrigins=https%3A%2F%2Fwww.haibunda.com&random=9184241977634&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Mon, 11 Dec 2023 05:37:37 +0100

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 905D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

27ms
27ms

Image
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H3
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

date: Mon, 11 Dec 2023 05:37:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/13061726057864576226/styles/ Frame B5E4 3 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13061726057864576226/styles/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d533f38bae7bae6d71d6d9be3b8a5663ec4f02b0bfaabcad38a1c96ba07d130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:34:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205372
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1135
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 09:56:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 20:34:45 GMT

GET
H3 200 gsap_3.11.5_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B5E4 70 KB
27 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.5_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27946
x-xss-protection: 0
last-modified: Fri, 12 May 2023 16:06:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Dec 2023 05:37:38 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 905D 0
0 59ms
58ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cvk0kIaB2ZbOAGqucjuwPkoyE4Ai9jevFdNrksLCeEtrZHhABIOD_5hxglYKAgLQHoAHs2r7yAsgBA6kCYi2If_cOsj7gAgCoAwHIAwiqBLQCT9AujgqqTk4RhUZJTVOtlC7pB_0m6ngGv9Y8eVH2qtQKRSzKVLlIPoblI-_quhMLWlBPOgQXErIAv0dnZAnB7PtrKvSCLBBI5ihPaM3U6yx8kUmz2dEO5KaOm9Cv6XkEkJoWrd-EuiXN81X8f3CTIhLvfCWmECKMNupbFu93OjspU0SktopwNHBM9YuOMCITwAEhSTY7OteRgAyHvOPdn2V3awy_Q-YJ7UFayeF8Vx4HYvVvsNlOdlhNoIqpDc3r5cpjLWWzjuqQjJWGIhH6k3dOWPQl1c4WCulB0kjuPvXZECMCSSyyFN8hrgObpt7bFJkB7PskYdk2289P3phPLe4e6tR4d7-Zo_aGYmRJCf9XzHX2VnJEmHvybQ3IX9-cJrnZy7GRlHeEdFIOQfh8yUorIfrABNOZvYPbBOAEAYgFwMX9xE2SBQQIBBgBkgUECAUYBKAGA4AH_KTBjQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDRzTTSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WNHn46bVhoMDmgmEAWh0dHBzOi8vZW1lYS5pbmdyYW1taWNyby5jb20vZGUtZGUvaHAtc21hcnQtYnV5P3V0bV9zb3VyY2U9QVotRGlyZWN0X0luZ3JhbSZ1dG1fbWVkaXVtPUdETl9EaXNwbGF5JnV0bV9jYW1wYWlnbj0yNFExX0RFX0hQX1NtYXJ0X0J1eYAKA8gLAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAuINEwirm-Sm1YaDAxUrjoMHHRIGAYzYEwLQFQGYFgGAFwGyFx4KHAgAEhRwdWItNjg4MDUzMzI2MzUzNTIzNBjgzxE&sigh=2Nq2xfhTkoM&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwDICaaN4Lfb21KCc1zWoXn_pOv9Wlsq1ZwM-LWh8FTLdtfAHlahtepExyeAnxmUVFps624BVtFrNuv25sCxP4qsPd0M9AYkEkBcOlBlykQYAQ&cbvp=2
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 a162c1bc-d10c-4b51-8d55-f6fdc6d1a1eb_169.jpg
akcdn.detik.net.id/visual/2017/03/20/ 11 KB
12 KB 187ms
186ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2017/03/20/a162c1bc-d10c-4b51-8d55-f6fdc6d1a1eb_169.jpg?w=428

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

8c4263213f1d4d432c983029e4fbd114e8c16b333e9374d95af995aeaaa8e33c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:38 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st12
server: st8
etag: W/"0b86aab2a662597607a5fc5338b8a1be55d1ca9f"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tnbts-raih-peringkat-tiga-taman-tercantik-di-dunia_169.jpeg
akcdn.detik.net.id/visual/2023/12/04/ 23 KB
23 KB 189ms
188ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/12/04/tnbts-raih-peringkat-tiga-taman-tercantik-di-dunia_169.jpeg?w=428

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

8503ca172b8449f786f7ded80bde785489ebd41c172190b741c65f5f16f7bd83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:38 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st1
server: st8
etag: W/"d0dcc5e696f65c8aeefffc6018f5d0b4e3265043"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ROUNN-x-Jovi.png
editorial.femaledaily.com/wp-content/uploads/2023/12/ 330 KB
330 KB 755ms
245ms Image
image/png 52.76.29.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://editorial.femaledaily.com/wp-content/uploads/2023/12/ROUNN-x-Jovi.png

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.76.29.240 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-76-29-240.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

aa1c613a81da8d0b86714f655b56e5a026a6041003b8a3655edf3dd56491fa65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Dec 2023 03:30:36 GMT
etag: "6576825c-526d1"
content-type: image/png
accept-ranges: bytes
content-length: 337617

GET
H2 200 dear-me-beauty-1_169.png
akcdn.detik.net.id/visual/2023/12/09/ 16 KB
16 KB 190ms
190ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/12/09/dear-me-beauty-1_169.png?w=428

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

68b105c42735f17cc78f509aee362507f90f41aca245bc81fc53eddcd7f787a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:38 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st10
server: st8
etag: W/"3b7b723807cad0cbc2eda92cc58cac2ba1c2ce17"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 line-up-golden-disc-awards-2024-2_169.png
akcdn.detik.net.id/community/media/visual/2023/12/11/ 21 KB
22 KB 191ms
190ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/community/media/visual/2023/12/11/line-up-golden-disc-awards-2024-2_169.png?w=428

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

c0dfe0904eef3bda20161c0d9c4e09937650d0272db5ea6cbbee23789e4b992b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:38 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st13
server: st8
etag: W/"bf87871add66b02e2a5a9c102fcf46f2c68bc748"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/13061726057864576226/js/ Frame B5E4 5 KB
1 KB 13ms
13ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13061726057864576226/js/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

470c3f9b9d534ef1c763871c932a51bc33c6b08029318e4ed4ab863fde764a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13061726057864576226/index.html?e=69&leftOffset=0&topOffset=0&c=77u6sVAFAp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:34:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205373
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1456
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 09:56:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 20:34:45 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7455 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BvHtVIaB2ZbzTLOe89u8Po4SyoAcAAAAAOAHgBAI&bg=!YmGlYS7NAAY3kmNgF5I7ADQBe5WfOCJXCEzIIaXTDyTWPihe1KQoL5WAhfRd1_0yhYAUqH_nK4w510QUsDuKwhjsJqU9AgAAAI5SAAAAAmgBBwoAEfZhb11iDIFwg-RRhcNhAYqlmQNAhfvtfZIjittdnwm1F8af-Cj1JBvASmGMo04ydDStATRkiYGANCMfQzfCiqNqz_TJPJ5NCmupiUXikERVOu9i9fkVG4bzMBBnuJc2_kmnKpC60iOI74Bb73FsYYzkCsnoc5TbH2fmsViVeboIGTYZNItTTmJvGg9F1Xjz9WmQzEo-ZmXaEb7IIzd8yeA8dprUaqg4KDEN06qr5QuyITwRkMyXR9F0kE4n0Im16yTQr3BehRWbykGvUlbR5ewXfAxC0cLOlcI3H0hcsN-68bigk11qa_6iIATSIQnPhTd7GBL5JK7I5CAN8vprwYOqhOtJs8oCJqXsN17jUiy9Y9tHZJ9Z46OBqh9CKLpnydWe7wwo21k0aKhF1-o5JJ71FoG5ThDCCpCGEFoOUOoeCSTI-X0o35v4ZXVA7Kle2q2vRNN34XX82p6tKPCIiHZNE2oP8-_08Qsd-1Fb8OhANBweeRAKSbIyX6KLD4Tvk3FgSvNsOgT1rDo0ipZUKFaF5iWd5FbBHZNPBkVRH8TiI-htlgoXs_gidru4MA-Ac_ROuLuXtyP6O9KErGB5nwemWHomolSSzw6R70l1hXznMC113oBwgGIgHvqYgJLn9uasgQk-Hubao1fGp-Tjv5KzI-0lB6iLtluLgTpWqVXpyPISAmEqawmuaGxTWF1Fx4t6STMWCfCxR2vg6PPoIQUpKUqAv1vycXS5GbQ_t1BSn7S1CIC2k0kK3cBiW1KGcTUdo5Ts8N28tXm8dzIM-Ear2wBxrtURtE7PNSpNGgBZbHsg1nG4O4jXL3JHHwB5TSUsIOnZNM9BqpCS_ezXhw_VZhoP34QYgkdzwALbUy1vCHM_6wT8hUdNkxKVtkMrOpp4t7FxuzpE-ODLZjpsPLh9zQUyfoeZ5ZewHp8bBEm-GqcZGNFxiWNtOVOiR9Pahw7T4XKi1vcv1wBBNrfmzZGW-MSU7jG8EV4fB-YPsrex93oghTp5G7cRzMMBlJBRNlpSJYRYt1BAr-_-6kEWgeI1hyBVMGHPiKnxmxe0wZMsItZIFTQ4p8vtWj_UbGBysz4s6ukwRmjqwhkUmhYtMZDg5Yx7SBR4UNI7mgIEb3OCQMgH8w

Requested by

Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E8FE 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcn2RWe988_9A1CkMRizRHOLXlkGlR7SV1GEfEU9T4Bh--Kj-10CRYo2A09OFOFQm3o-GcLbU1GVaPVmjwTzbUGXoNgTKKlsT6QofzuiXVnglnjE9Hi3Y0rWUhVtOojIPeWy8uWVDix_8K&sai=AMfl-YQZpDW_oAe-My59UUC1O3MxzFHpcuw8899RnVC9y0-I8VONWiK6nDsyoA8NqWtMqg70FlUS00pxfi4Lzugqtrwlwv2zJdB0w_5EG1iB24qn3o_gAxhAXIru5mMCUxP0y9jeW04JoeHwtmzLXyyqJlJIwJYZ4B1bNm0&sig=Cg0ArKJSzFDERIWFv7jgEAE&cid=CAQSTgDICaaNN8_Vmbq2OV7TEMIqX-EZJ0bpWreEyfBEI2wE9tE2BVb_DqaChhKs95uZN2_QX7u5vPkl411m9oHha2WieHg-3PEYp43lLU_1cBgB&id=lidar2&mcvt=1024&p=1103,436,1193,1164&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=528661791&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702273056821&rpt=279&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame CEF7 0
326 B 65ms
16ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=47675300013898004444554012535021&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=9ca5700e09&subid=&uid=d46426254a302c07&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAzYaIaB2Zem1DKKtjuwP-dCQsAGm5b2gaa2VnKfJD_AuEAEg4P_mHGCVgoCAtAfIAQmpAmItiH_3DrI-qAMByAObBKoEnAJP0DPFbionL6xDb8Ki_yDuOzd2DQ4S1xg-Ha--ym7p_ehyQhMFvdiih6nTQutn5KeZZc7zl3jViM2kaC6zHEmILqApP2yZWlFAlTQgsid6got2Iho69rkqrJI5PsyUCmv5g_TwvTMt7sjPK9X5UfdJzsnN5ouP6i38aDtXfEVTe3Uo_EK1kQ8XdFaPr9AncWOsd88olw2VP3hABi-rxZ0JoD0pXJkKnhlC-Zo7NXjQkVrZJkm799noaH47CF0oLzlgnm20dfCaYhEVFDu6OmiscSD8Mgzv8Ga9X3qtKd0_PXTN8J5Mk3dMzRUCTBgpseSJsFbdoL_2mIa0b5cHWgxRn7T3vxCQlx-hq6S1QR6m0822oXUiXKrbLJB148AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliz9OOm1YaDA4AKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAqoNAkRF4g0TCJeo5KbVhoMDFaKWgwcdeSgEFrATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNKoTdintvcbNWEPDneI7DoNLDuQG4bBJAL42lEilEeZZbKpEV0tQ7hO0BQwOyqk8H0FdmlglUGODbt_7wKwM1Yt1cZheNOtPmG2sYAQ%26sig%3DAOD64_1nQo4qvcthS0Mgh1qtHWNZ1qNzKg%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-AO8opH1zSM8l6qw2S6KvdFg4648RiSNcrlv80qWJm33DDz3e5PDpdEr_jQOIAOeXOTIyY4-z-Bjw-1YuwzNVuToqSYC_6mFltpWO2YQp6txTs8xGa0RlvruIOZQV57weSLi9Pwp3CHBWnGFcSyfTdvAdAFtnTFA-rJJnwT4Fnokvr3dw8%26cry%3D1%26dbm_d%3DAKAmf-BlV89_0tD9rO8x7bKu9_qhKBE1gM3rU-qMrREnXUmcu4CxccH6WvBzfeXoWkNzEqD1PpfYkp067YPecFzPv37E30YMeu-gXnNsejUbPR-PSUO7pl3UEar_TC5q6YpL4KwihYxfHbhQn5tIJ5vw4lHSlRm0AbKD73s_6lQ4SzMrMt92r90QZqwUl2ORZXUge6EcyN6R1KDeiYYidSlkYls5towwuyA5FHbV0LTNA0-oX98MaBlkJNDmcMUsiR3D3c9eMbWUyL24xmRse85m5hUidBJnCzyNvFEp-CpMXE1otUEoE-Cwc_k5mQdAZ9VCQag56vPuLnIC_n1W9_Y9eBOMiRWN4KAdUG7YrambTIf8iX1gZNb6LBccY4pNbS6IfK-HISprKvMi9FcSordqedh_PW8KShXVVLqN4ZflxVDspZrxjkyvlcmhQn9SmUjbhbGIcIkWYMEpvVHM4II38a6vZAJRoDZPuOu0wm4w8kaLCXfFQoSFK2gy0NSzzI9afejAz9jImVpID44GhbWUpUxegpOEDiTjWRMB169qFRgrvQ6MbI8%26adurl%3D&documentReferer=https%3A%2F%2Fwww.haibunda.com%2F&ancestorOrigins=https%3A%2F%2Fwww.haibunda.com&random=9184241977634&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Mon, 11 Dec 2023 05:37:38 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 / Show response
adv.office-partner.de/ Frame 2842 930 B
923 B 62ms
7ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=9ca5700e09&subid=&uid=d46426254a302c07&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAzYaIaB2Zem1DKKtjuwP-dCQsAGm5b2gaa2VnKfJD_AuEAEg4P_mHGCVgoCAtAfIAQmpAmItiH_3DrI-qAMByAObBKoEnAJP0DPFbionL6xDb8Ki_yDuOzd2DQ4S1xg-Ha--ym7p_ehyQhMFvdiih6nTQutn5KeZZc7zl3jViM2kaC6zHEmILqApP2yZWlFAlTQgsid6got2Iho69rkqrJI5PsyUCmv5g_TwvTMt7sjPK9X5UfdJzsnN5ouP6i38aDtXfEVTe3Uo_EK1kQ8XdFaPr9AncWOsd88olw2VP3hABi-rxZ0JoD0pXJkKnhlC-Zo7NXjQkVrZJkm799noaH47CF0oLzlgnm20dfCaYhEVFDu6OmiscSD8Mgzv8Ga9X3qtKd0_PXTN8J5Mk3dMzRUCTBgpseSJsFbdoL_2mIa0b5cHWgxRn7T3vxCQlx-hq6S1QR6m0822oXUiXKrbLJB148AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliz9OOm1YaDA4AKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAqoNAkRF4g0TCJeo5KbVhoMDFaKWgwcdeSgEFrATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNKoTdintvcbNWEPDneI7DoNLDuQG4bBJAL42lEilEeZZbKpEV0tQ7hO0BQwOyqk8H0FdmlglUGODbt_7wKwM1Yt1cZheNOtPmG2sYAQ%26sig%3DAOD64_1nQo4qvcthS0Mgh1qtHWNZ1qNzKg%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-AO8opH1zSM8l6qw2S6KvdFg4648RiSNcrlv80qWJm33DDz3e5PDpdEr_jQOIAOeXOTIyY4-z-Bjw-1YuwzNVuToqSYC_6mFltpWO2YQp6txTs8xGa0RlvruIOZQV57weSLi9Pwp3CHBWnGFcSyfTdvAdAFtnTFA-rJJnwT4Fnokvr3dw8%26cry%3D1%26dbm_d%3DAKAmf-BlV89_0tD9rO8x7bKu9_qhKBE1gM3rU-qMrREnXUmcu4CxccH6WvBzfeXoWkNzEqD1PpfYkp067YPecFzPv37E30YMeu-gXnNsejUbPR-PSUO7pl3UEar_TC5q6YpL4KwihYxfHbhQn5tIJ5vw4lHSlRm0AbKD73s_6lQ4SzMrMt92r90QZqwUl2ORZXUge6EcyN6R1KDeiYYidSlkYls5towwuyA5FHbV0LTNA0-oX98MaBlkJNDmcMUsiR3D3c9eMbWUyL24xmRse85m5hUidBJnCzyNvFEp-CpMXE1otUEoE-Cwc_k5mQdAZ9VCQag56vPuLnIC_n1W9_Y9eBOMiRWN4KAdUG7YrambTIf8iX1gZNb6LBccY4pNbS6IfK-HISprKvMi9FcSordqedh_PW8KShXVVLqN4ZflxVDspZrxjkyvlcmhQn9SmUjbhbGIcIkWYMEpvVHM4II38a6vZAJRoDZPuOu0wm4w8kaLCXfFQoSFK2gy0NSzzI9afejAz9jImVpID44GhbWUpUxegpOEDiTjWRMB169qFRgrvQ6MbI8%26adurl%3D&documentReferer=https%3A%2F%2Fwww.haibunda.com%2F&ancestorOrigins=https%3A%2F%2Fwww.haibunda.com&random=9184241977634&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Mon, 11 Dec 2023 05:37:38 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Mon, 18 Dec 2023 05:37:38 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame A08B 0
326 B 65ms
16ms Script
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=47675300013898004444554012535021&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=9ca5700e09&subid=&uid=d46426254a302c07&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAzYaIaB2Zem1DKKtjuwP-dCQsAGm5b2gaa2VnKfJD_AuEAEg4P_mHGCVgoCAtAfIAQmpAmItiH_3DrI-qAMByAObBKoEnAJP0DPFbionL6xDb8Ki_yDuOzd2DQ4S1xg-Ha--ym7p_ehyQhMFvdiih6nTQutn5KeZZc7zl3jViM2kaC6zHEmILqApP2yZWlFAlTQgsid6got2Iho69rkqrJI5PsyUCmv5g_TwvTMt7sjPK9X5UfdJzsnN5ouP6i38aDtXfEVTe3Uo_EK1kQ8XdFaPr9AncWOsd88olw2VP3hABi-rxZ0JoD0pXJkKnhlC-Zo7NXjQkVrZJkm799noaH47CF0oLzlgnm20dfCaYhEVFDu6OmiscSD8Mgzv8Ga9X3qtKd0_PXTN8J5Mk3dMzRUCTBgpseSJsFbdoL_2mIa0b5cHWgxRn7T3vxCQlx-hq6S1QR6m0822oXUiXKrbLJB148AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliz9OOm1YaDA4AKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAqoNAkRF4g0TCJeo5KbVhoMDFaKWgwcdeSgEFrATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNKoTdintvcbNWEPDneI7DoNLDuQG4bBJAL42lEilEeZZbKpEV0tQ7hO0BQwOyqk8H0FdmlglUGODbt_7wKwM1Yt1cZheNOtPmG2sYAQ%26sig%3DAOD64_1nQo4qvcthS0Mgh1qtHWNZ1qNzKg%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-AO8opH1zSM8l6qw2S6KvdFg4648RiSNcrlv80qWJm33DDz3e5PDpdEr_jQOIAOeXOTIyY4-z-Bjw-1YuwzNVuToqSYC_6mFltpWO2YQp6txTs8xGa0RlvruIOZQV57weSLi9Pwp3CHBWnGFcSyfTdvAdAFtnTFA-rJJnwT4Fnokvr3dw8%26cry%3D1%26dbm_d%3DAKAmf-BlV89_0tD9rO8x7bKu9_qhKBE1gM3rU-qMrREnXUmcu4CxccH6WvBzfeXoWkNzEqD1PpfYkp067YPecFzPv37E30YMeu-gXnNsejUbPR-PSUO7pl3UEar_TC5q6YpL4KwihYxfHbhQn5tIJ5vw4lHSlRm0AbKD73s_6lQ4SzMrMt92r90QZqwUl2ORZXUge6EcyN6R1KDeiYYidSlkYls5towwuyA5FHbV0LTNA0-oX98MaBlkJNDmcMUsiR3D3c9eMbWUyL24xmRse85m5hUidBJnCzyNvFEp-CpMXE1otUEoE-Cwc_k5mQdAZ9VCQag56vPuLnIC_n1W9_Y9eBOMiRWN4KAdUG7YrambTIf8iX1gZNb6LBccY4pNbS6IfK-HISprKvMi9FcSordqedh_PW8KShXVVLqN4ZflxVDspZrxjkyvlcmhQn9SmUjbhbGIcIkWYMEpvVHM4II38a6vZAJRoDZPuOu0wm4w8kaLCXfFQoSFK2gy0NSzzI9afejAz9jImVpID44GhbWUpUxegpOEDiTjWRMB169qFRgrvQ6MbI8%26adurl%3D&documentReferer=https%3A%2F%2Fwww.haibunda.com%2F&ancestorOrigins=https%3A%2F%2Fwww.haibunda.com&random=9184241977634&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:38 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame A08B 43 B
361 B 64ms
15ms Image
image/gif 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=47675300013898004444554012535021&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=9ca5700e09&subid=&uid=d46426254a302c07&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAzYaIaB2Zem1DKKtjuwP-dCQsAGm5b2gaa2VnKfJD_AuEAEg4P_mHGCVgoCAtAfIAQmpAmItiH_3DrI-qAMByAObBKoEnAJP0DPFbionL6xDb8Ki_yDuOzd2DQ4S1xg-Ha--ym7p_ehyQhMFvdiih6nTQutn5KeZZc7zl3jViM2kaC6zHEmILqApP2yZWlFAlTQgsid6got2Iho69rkqrJI5PsyUCmv5g_TwvTMt7sjPK9X5UfdJzsnN5ouP6i38aDtXfEVTe3Uo_EK1kQ8XdFaPr9AncWOsd88olw2VP3hABi-rxZ0JoD0pXJkKnhlC-Zo7NXjQkVrZJkm799noaH47CF0oLzlgnm20dfCaYhEVFDu6OmiscSD8Mgzv8Ga9X3qtKd0_PXTN8J5Mk3dMzRUCTBgpseSJsFbdoL_2mIa0b5cHWgxRn7T3vxCQlx-hq6S1QR6m0822oXUiXKrbLJB148AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliz9OOm1YaDA4AKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAqoNAkRF4g0TCJeo5KbVhoMDFaKWgwcdeSgEFrATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNKoTdintvcbNWEPDneI7DoNLDuQG4bBJAL42lEilEeZZbKpEV0tQ7hO0BQwOyqk8H0FdmlglUGODbt_7wKwM1Yt1cZheNOtPmG2sYAQ%26sig%3DAOD64_1nQo4qvcthS0Mgh1qtHWNZ1qNzKg%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-AO8opH1zSM8l6qw2S6KvdFg4648RiSNcrlv80qWJm33DDz3e5PDpdEr_jQOIAOeXOTIyY4-z-Bjw-1YuwzNVuToqSYC_6mFltpWO2YQp6txTs8xGa0RlvruIOZQV57weSLi9Pwp3CHBWnGFcSyfTdvAdAFtnTFA-rJJnwT4Fnokvr3dw8%26cry%3D1%26dbm_d%3DAKAmf-BlV89_0tD9rO8x7bKu9_qhKBE1gM3rU-qMrREnXUmcu4CxccH6WvBzfeXoWkNzEqD1PpfYkp067YPecFzPv37E30YMeu-gXnNsejUbPR-PSUO7pl3UEar_TC5q6YpL4KwihYxfHbhQn5tIJ5vw4lHSlRm0AbKD73s_6lQ4SzMrMt92r90QZqwUl2ORZXUge6EcyN6R1KDeiYYidSlkYls5towwuyA5FHbV0LTNA0-oX98MaBlkJNDmcMUsiR3D3c9eMbWUyL24xmRse85m5hUidBJnCzyNvFEp-CpMXE1otUEoE-Cwc_k5mQdAZ9VCQag56vPuLnIC_n1W9_Y9eBOMiRWN4KAdUG7YrambTIf8iX1gZNb6LBccY4pNbS6IfK-HISprKvMi9FcSordqedh_PW8KShXVVLqN4ZflxVDspZrxjkyvlcmhQn9SmUjbhbGIcIkWYMEpvVHM4II38a6vZAJRoDZPuOu0wm4w8kaLCXfFQoSFK2gy0NSzzI9afejAz9jImVpID44GhbWUpUxegpOEDiTjWRMB169qFRgrvQ6MbI8%26adurl%3D&documentReferer=https%3A%2F%2Fwww.haibunda.com%2F&ancestorOrigins=https%3A%2F%2Fwww.haibunda.com&random=9184241977634&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:38 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame A08B 43 B
702 B 94ms
45ms Image
image/gif 2.23.68.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=47675300013898004444554012535021&pv=1

Requested by

Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=9ca5700e09&subid=&uid=d46426254a302c07&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAzYaIaB2Zem1DKKtjuwP-dCQsAGm5b2gaa2VnKfJD_AuEAEg4P_mHGCVgoCAtAfIAQmpAmItiH_3DrI-qAMByAObBKoEnAJP0DPFbionL6xDb8Ki_yDuOzd2DQ4S1xg-Ha--ym7p_ehyQhMFvdiih6nTQutn5KeZZc7zl3jViM2kaC6zHEmILqApP2yZWlFAlTQgsid6got2Iho69rkqrJI5PsyUCmv5g_TwvTMt7sjPK9X5UfdJzsnN5ouP6i38aDtXfEVTe3Uo_EK1kQ8XdFaPr9AncWOsd88olw2VP3hABi-rxZ0JoD0pXJkKnhlC-Zo7NXjQkVrZJkm799noaH47CF0oLzlgnm20dfCaYhEVFDu6OmiscSD8Mgzv8Ga9X3qtKd0_PXTN8J5Mk3dMzRUCTBgpseSJsFbdoL_2mIa0b5cHWgxRn7T3vxCQlx-hq6S1QR6m0822oXUiXKrbLJB148AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOliz9OOm1YaDA4AKA5gLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAqoNAkRF4g0TCJeo5KbVhoMDFaKWgwcdeSgEFrATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaNKoTdintvcbNWEPDneI7DoNLDuQG4bBJAL42lEilEeZZbKpEV0tQ7hO0BQwOyqk8H0FdmlglUGODbt_7wKwM1Yt1cZheNOtPmG2sYAQ%26sig%3DAOD64_1nQo4qvcthS0Mgh1qtHWNZ1qNzKg%26client%3Dca-pub-0428516164225172%26dbm_c%3DAKAmf-AO8opH1zSM8l6qw2S6KvdFg4648RiSNcrlv80qWJm33DDz3e5PDpdEr_jQOIAOeXOTIyY4-z-Bjw-1YuwzNVuToqSYC_6mFltpWO2YQp6txTs8xGa0RlvruIOZQV57weSLi9Pwp3CHBWnGFcSyfTdvAdAFtnTFA-rJJnwT4Fnokvr3dw8%26cry%3D1%26dbm_d%3DAKAmf-BlV89_0tD9rO8x7bKu9_qhKBE1gM3rU-qMrREnXUmcu4CxccH6WvBzfeXoWkNzEqD1PpfYkp067YPecFzPv37E30YMeu-gXnNsejUbPR-PSUO7pl3UEar_TC5q6YpL4KwihYxfHbhQn5tIJ5vw4lHSlRm0AbKD73s_6lQ4SzMrMt92r90QZqwUl2ORZXUge6EcyN6R1KDeiYYidSlkYls5towwuyA5FHbV0LTNA0-oX98MaBlkJNDmcMUsiR3D3c9eMbWUyL24xmRse85m5hUidBJnCzyNvFEp-CpMXE1otUEoE-Cwc_k5mQdAZ9VCQag56vPuLnIC_n1W9_Y9eBOMiRWN4KAdUG7YrambTIf8iX1gZNb6LBccY4pNbS6IfK-HISprKvMi9FcSordqedh_PW8KShXVVLqN4ZflxVDspZrxjkyvlcmhQn9SmUjbhbGIcIkWYMEpvVHM4II38a6vZAJRoDZPuOu0wm4w8kaLCXfFQoSFK2gy0NSzzI9afejAz9jImVpID44GhbWUpUxegpOEDiTjWRMB169qFRgrvQ6MbI8%26adurl%3D&documentReferer=https%3A%2F%2Fwww.haibunda.com%2F&ancestorOrigins=https%3A%2F%2Fwww.haibunda.com&random=9184241977634&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.23.68.89 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-23-68-89.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Dec 2023 05:37:38 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

OPTIONS
H2 200 list
mcs.tobsnssdk.com/ Frame 0
0 203ms
203ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:38 GMT
expires: Mon, 11 Dec 2023 05:37:38 GMT
pragma: no-cache
server: TLB
server-timing: cdn-cache; desc=MISS, edge; dur=178, origin; dur=7 inner; dur=3
upstream-caught: 1702273058239829
x-akamai-request-id: bd233c53.4785d0de
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-cache-remote: TCP_MISS from a23-193-104-216.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-origin-response-time: 7,23.193.104.216
x-parent-response-time: 181,104.126.37.124
x-tt-logid: 20231211053737D07CA65730DCEEF3CA32
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea005d3f9fe50253a23474beafc4021ad56c936d65b42bdc8de095344c267009c631905fbd499bb34c8e574b4ce70955cb5f6ec939e0195532657a764fb08009da20fe53759bff801ff3ec8e15b0f5a5fda699bff752666944d27f60663623ebbb5c
x-tt-trace-id: 00-231211053737D07CA65730DCEEF3CA32-31DDDB557C0C4D82-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H2 200 list Show response
mcs.tobsnssdk.com/ 7 B
776 B 178ms
178ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 4785d391
date: Mon, 11 Dec 2023 05:37:38 GMT
upstream-caught: 1702273058434997
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121105373781C81B1DE0735AEB8D53-48BAF0D375759ED7-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=0, origin; dur=165
content-length: 7
pragma: no-cache
server: TLB
x-tt-logid: 2023121105373781C81B1DE0735AEB8D53
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 165,104.126.37.124
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134536f1c6955a817d45ede27532755ae3998989e55f2d1da7ca4756471d901a6134ee02bd564bbee3103a7d710e191e9bbdbaa091cb8cc796f9c24f03914d597de8
expires: Mon, 11 Dec 2023 05:37:38 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E8FE 43 B
215 B 179ms
178ms Image
image/gif 2600:1f13:800:7780:e000:f538:bd2d:cf42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1742739&asId=96ec8880-4ac8-2d9d-13a0-ac4551ccf40f&tv=%7Bc:wt2Uus,time:892,type:e,im:%7Bpci:%7Btdr:658%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:892,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B887~0%5D,as:%5B887~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:263,fm:tY6EgIY+11%7C12%7C13%7C14*.1742739-75943806%7C141%7C142%7C143%7C15,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:13,sis:105%7D&br=c
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:e000:f538:bd2d:cf42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:38 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1

206
Partial Content

file.mp4
r3---sn-4g5lzne6.c.2mdn.net/videoplayback/id/712f6f4d3ec85bb4/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733809057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm... Frame B5E4
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/712f6f4d3ec85bb4/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733809057/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signatur...
https://r3---sn-4g5lzne6.c.2mdn.net/videoplayback/id/712f6f4d3ec85bb4/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733809057/sparams/acao,ctier,expire,id,ip,ipbits,itag,m...

720 KB
0

95ms
15ms

Media
application/octet-stream

2a00:1450:4001:12::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5lzne6.c.2mdn.net/videoplayback/id/712f6f4d3ec85bb4/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733809057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0E2F08356841C1D3D83E91CB581076002A855D9C.6BEF6D4EECD66C55CC9477B23D1A1B7A36C5F6F0/key/cms1/cms_redirect/yes/mh/pc/mip/2a00:c98:2030:a004:1::14/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1702272470/mv/u/mvi/3/pl/60/file/file.mp4

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:12::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 05:37:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 18 Oct 2023 09:28:32 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/octet-stream
Content-Range: bytes 0-2131407/2131408
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2131408
Expires: Mon, 11 Dec 2023 05:37:38 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:38 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-4g5lzne6.c.2mdn.net/videoplayback/id/712f6f4d3ec85bb4/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733809057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0E2F08356841C1D3D83E91CB581076002A855D9C.6BEF6D4EECD66C55CC9477B23D1A1B7A36C5F6F0/key/cms1/cms_redirect/yes/mh/pc/mip/2a00:c98:2030:a004:1::14/mm/42/mn/sn-4g5lzne6/ms/onc/mt/1702272470/mv/u/mvi/3/pl/60/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 651
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 2842 175 KB
63 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9fdeeace260c539ba397a75bc354082e64925c327e07d1fb4ff788f5f053781a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64126
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Dec 2023 05:37:38 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame A08B 2 KB
2 KB 164ms
84ms Script
text/html 3.11.198.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=47675300013898004444554012535021&nw=1
Requested by: Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.198.160 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-198-160.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 85be195f91e505379a7746129e887d1929b93b449ca651e3045dec5fed055879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:38 GMT
last-modified: Mon, 11 Dec 2023 05:37:38 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 11 Dec 2023 05:38:38 GMT

GET
H2

200

activityi;dc_pre=CMj-z6fVhoMDFW9TkQUdH_QB3Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=230432437040.42426 Show response
8019191.fls.doubleclick.net/ Frame 526E
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=230432437040.42426?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CMj-z6fVhoMDFW9TkQUdH_QB3Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=230432437040.42426?

392 B
328 B

60ms
60ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CMj-z6fVhoMDFW9TkQUdH_QB3Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=230432437040.42426?

Requested by

Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

2f1c6677e58c633ce01ee52f7c00f0ca50d0c6bb01875498eb3643243b02148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 219
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 05:37:38 GMT
expires: Mon, 11 Dec 2023 05:37:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 05:37:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMj-z6fVhoMDFW9TkQUdH_QB3Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=230432437040.42426?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900021.redintelligence.net/ Frame D350 7 KB
2 KB 34ms
12ms Document
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request_content.php?s=47675300013898004444554012535021&a=9c376a87
Requested by: Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 66172b688b7e5f7c3425f2b23e24388c17a6cc3b1b32272bed772c2bd2b0525d

Request headers

Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2052
Content-Type: text/html; charset=utf-8
Date: Mon, 11 Dec 2023 05:37:38 GMT
Expires: Mon, 11 Dec 2023 05:37:38 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame A08B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3687af2d3788e734fd5019b7b3b5b632045377270277f6ce4fab4c11ef862b24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame D350 5 KB
778 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=47675300013898004444554012535021&a=9c376a87

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 05:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 03:41:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 05:37:38 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D350 12 KB
12 KB 131ms
107ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=47675300013898004444554012535021&a=9c376a87
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: d29092b1c9a8c715fed5f389f9d077a8b76fb80885912ad7a322b9b5353ed678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 05:37:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12180
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D350 12 KB
12 KB 35ms
12ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=47675300013898004444554012535021&a=9c376a87
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 659f8a09b5e97b0ef2caae50d9cdde63f390010ac8c35f95c62cb5fde23c7b7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 05:37:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12073
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D350 8 KB
8 KB 34ms
12ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=47675300013898004444554012535021&a=9c376a87
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: eb97d0bf8cc813f1a88fedac9dac9fa58bb1d541200ecdeb36c4ce7e0b3b800d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 05:37:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 8151
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 2842 274 KB
91 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84b3ca0638ff50ab947f966f489414aefd831865c8ab0145af74d4bbbfba3ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93075
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 05:37:38 GMT

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame D350 0
150 B 34ms
12ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=47675300013898004444554012535021&a=7fa0b8cf&vb=m
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=47675300013898004444554012535021&a=9c376a87
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/request_content.php?s=47675300013898004444554012535021&a=9c376a87
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Mon, 11 Dec 2023 05:37:38 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 ad Show response
services.insurads.com/ Frame C498 131 B
355 B 107ms
107ms Script
application/javascript 18.210.2.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/ad?auid=910278&appId=2414&s=2830&dm=1&is=0&csz=%5B%5D&sz=%5B%5D&ct=%7B%7D&h=https%3A%2F%2Fwww.haibunda.com%2F&sid=A4DB29AF5192A2DB&v=1.14.21b&ts=1702273058344
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.21b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.210.2.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-2-56.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4f80281f458217d3879bc58f0785b342f2585072df5fb45f53afd3d0dd7ecca4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:38 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript;charset=UTF-8
x-nocache: true
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame D350 14 KB
15 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900021.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:36:48 GMT
x-content-type-options: nosniff
age: 205250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:36:48 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame D350 15 KB
15 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900021.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:13:55 GMT
x-content-type-options: nosniff
age: 239023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 11:13:55 GMT

GET
H2 200 dc_pre=CMj-z6fVhoMDFW9TkQUdH_QB3Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=230432437040.42426
adservice.google.com/ddm/fls/z/ Frame 526E 42 B
401 B 109ms
51ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMj-z6fVhoMDFW9TkQUdH_QB3Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=230432437040.42426

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMj-z6fVhoMDFW9TkQUdH_QB3Q;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=230432437040.42426?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame A08B 53 KB
19 KB 97ms
16ms Script
application/javascript 18.65.39.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=47675300013898004444554012535021&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-98.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 01:58:49 GMT
content-encoding: gzip
via: 1.1 447163709b16a97083db09f6ac040b38.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 13130
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: goxBNzNsu-7d10iymP1zorY3LsGG4J4RTzP6abhFKXVyrse7mNpCVg==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame A08B 85 B
437 B 70ms
14ms Image
image/gif 18.239.50.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1702273358&Signature=ifgcx7NRbQlIaaQVfNtiaQT0fG~fDkL7ErlQGAUIH~vEL417tYWSG2nfy8mfQUeZWzO1nCRs7Z21qD243sMBbFzcRjJq4fG59CVCqg3XOqLzFboDDFwFbB6Ll-vrms5Dowd2AT3r71aicMW~gqToH2R15Z6v1kzTrRL5GU0GZXkTqKByiIllW14KoPLQp8X1KfLnfWJrcdatWliE7DwrKKQhfdYX7z7oAG2qGD9li3P2kfMzGJjvoe85Vs9PdZ02~wUW7PDBxtqRLsz6fmLgNFz4cI8CTRsyZqku8wQIh8cKi7jCrh2xSdy8--~kTSoVyGtu4x4bPu87QQ3gOgRRjA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
URL: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-47.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 10 Dec 2023 07:37:51 GMT
via: 1.1 2b4f91feaec910b23d827812b244c812.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 79280
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: g7i6GvgKpXHymt5dNjPvxghuWGGJcZnBMnLph7LCfE6etalZqMYF2A==

POST
H2 404 / Show response
recg.haibunda.com/article-recommendation/ 36 B
114 B 2929ms
2929ms Fetch
text/plain 34.117.205.94
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://recg.haibunda.com/article-recommendation/
Requested by: Host: cdn.haibunda.com
URL: https://cdn.haibunda.com/js/detik-vertical.js?v=4.5.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.205.94 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 94.205.117.34.bc.googleusercontent.com
Software: /
Resource Hash: fd4882e87c37b0ce91b1c7fbebca9af1489952b69dfd352eadb86071166477f4

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.haibunda.com
date: Mon, 11 Dec 2023 05:37:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36
vary: Origin
content-type: text/plain; charset=utf-8

OPTIONS
H2 204 /
recg.haibunda.com/article-recommendation/ Frame 0
0 1214ms
1158ms Preflight 34.117.205.94
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://recg.haibunda.com/article-recommendation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.205.94 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 94.205.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.haibunda.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Dec 2023 05:37:39 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google

GET
H2 200 lb
services.insurads.com/ 0
156 B 103ms
100ms Image
text/plain 18.210.2.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.insurads.com/lb?appid=2414&acid=330&s=2830&sid=A4DB29AF5192A2DB&auid=910278&mawId=0&ts=1702273058526&iid=p1ffa847b832f9032743f0d8a28e701de24c6183e33&is=0&m=0
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.210.2.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-2-56.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nocache: true
pragma: no-cache
date: Mon, 11 Dec 2023 05:37:38 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx/1.18.0 (Ubuntu)
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 DysonFutura-Book.woff
s0.2mdn.net/sadbundle/13061726057864576226/fonts/ Frame B5E4 55 KB
55 KB 16ms
16ms Font
font/woff 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13061726057864576226/fonts/DysonFutura-Book.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13061726057864576226/styles/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4750878e466fd6d0b024c731f94e59499aa0056bf258505ce37f1c171c7a81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13061726057864576226/styles/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:07:30 GMT
x-content-type-options: nosniff
age: 192608
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56100
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 09:56:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 00:07:30 GMT

POST
H2 200 list Show response
collent.haibunda.com/ 2 B
80 B 1212ms
1211ms XHR
text/plain 34.107.217.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://collent.haibunda.com/list
Requested by: Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/loganalysistracker/detikBigDataSdk.js?v=1.7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.217.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: */*
Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
via: 1.1 google
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

OPTIONS
H2 204 list
collent.haibunda.com/ Frame 0
0 373ms
301ms Preflight 34.107.217.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://collent.haibunda.com/list
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.217.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 180.217.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization
access-control-allow-methods: POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Dec 2023 05:37:37 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8FE 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5910348782014&version=m202309260101&ct=76&x=1&cor=18132638745087222000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 905D 42 B
64 B 51ms
51ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHd7fLZz1p0doEefaoniws6cowgKz9Ig8sDS1l78dJjoDJb2kAMN-KDiwIzPwM6X04SKYQ7nAsNe7xNzxn5uHW-txr_GM_-z1kLAzIaIa6-2WAbyh1RHTpstprwzt25dI9hdNUUI5IzNg9&sai=AMfl-YRmM6HlvjoABlYHQwJLnTxLiXj2fmm7Q4mLTvLRiLK9EGEbR0NoVNDUmk1U4Xw9GwZcfdu2WwFbT7kBcPFwcN_9TpAQgUDSNJxfppdcknY6JB6NbqpTQPSpIzng3V-4OrFvRRj_iwqPs_21mX-2O0yROh7PtdW35XLE&sig=Cg0ArKJSzIu9fQRZwnGMEAE&cid=CAQSTwDICaaN4Lfb21KCc1zWoXn_pOv9Wlsq1ZwM-LWh8FTLdtfAHlahtepExyeAnxmUVFps624BVtFrNuv25sCxP4qsPd0M9AYkEkBcOlBlykQYAQ&id=ampim&o=315,174&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1026&mtos=0,0,0,1026,1026&tos=0,0,0,1026,0&tfs=215&tls=1241&g=100&h=100&tt=1241&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 134ms
24ms Preflight 3.10.29.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 11 Dec 2023 05:37:39 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame A08B 16 B
209 B 71ms
70ms Fetch
application/json 3.10.29.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-29-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E8FE 43 B
215 B 178ms
178ms Image
image/gif 2600:1f13:800:7780:e000:f538:bd2d:cf42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1742739&asId=96ec8880-4ac8-2d9d-13a0-ac4551ccf40f&tv=%7Bc:wt2UNk,pingTime:1,time:2062,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:1062%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1000,o:1062,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1057~0,0~100%5D,as:%5B1057~728.90%5D%7D%7D,%7Bsl:i,t:1062,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:204,fm:tY6EgIY+11%7C12%7C13%7C14*.1742739-75943806%7C141%7C142%7C143%7C15,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:13,sis:105%7D&br=c
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:e000:f538:bd2d:cf42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:39 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E8FE 43 B
215 B 179ms
179ms Image
image/gif 2600:1f13:800:7780:e000:f538:bd2d:cf42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1742739&asId=96ec8880-4ac8-2d9d-13a0-ac4551ccf40f&tv=%7Bc:wt2UNl,pingTime:1,time:2063,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:1062%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1062,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1057~0,0~100%5D,as:%5B1057~728.90%5D%7D%7D,%7Bsl:i,t:1062,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:204,fm:tY6EgIY+11%7C12%7C13%7C14*.1742739-75943806%7C141%7C142%7C143%7C15,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:13,sis:105%7D&br=c
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:e000:f538:bd2d:cf42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:39 GMT
server: nginx
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A08B 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=27365572512&version=m202309260101&ct=77&x=1&cor=13070911472924301000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 batch Show response
services.insurads.com/dfp/mapping/ Frame A3F2 1011 B
600 B 102ms
101ms Script
application/javascript 18.210.2.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://services.insurads.com/dfp/mapping/batch?appId=2414&requests=[{%22eaUp%22:%22/4905536/HaiBunda_desktop/bottomframe%22,%22eoId%22:508818616,%22advId%22:820121176,%22w%22:728,%22h%22:90,%22eId%22:%22main_haibunda_desktop_bottomframe_0%22}]&h=https%3A%2F%2Fwww.haibunda.com%2F&ts=1702273059623
Requested by: Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.14.21b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.210.2.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-2-56.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f3b23f3995257725895e59383cf54ebf2a175fec5ee42767e52bbca6cf1b4bc2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 73ms
62ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4f8572b20f37e1bcc8faa6354d4223227164c82792fdb2cd0048d3c46e74d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12296
x-xss-protection: 0

GET
H2 200 972fa1b1-24cb-47a5-acbe-cbc6be2ae3e6.png
akcdn.detik.net.id/community/media/visual/2019/07/23/ 8 KB
9 KB 204ms
192ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/community/media/visual/2019/07/23/972fa1b1-24cb-47a5-acbe-cbc6be2ae3e6.png?d=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

95ea4f9b70f2ca3ad7bab58bc9dc7ef03450b206e493bd6da1a9878d7e0b9f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
middle-cache: MISS
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 23 Jul 2019 04:36:48 GMT
server: st8
etag: W/"5d368ee0-211e"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 user.png
cdn.haibunda.com/images/ 2 KB
2 KB 207ms
194ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/user.png?v=4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

d45b32cf6bd6e88742ffe7e217493a27513dfb56613b6dc7f69855fb4364267b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Mon, 19 Jun 2023 07:06:55 GMT
server: st1
content-encoding: gzip
etag: W/"648ffe8f-649"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-hb.webp
cdn.haibunda.com/images/ 2 KB
3 KB 208ms
195ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/logo-hb.webp?v=4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

ecf5938e74b5b2a3aa509c3e71a53fc0b44bb1a32f8d2a9af145d26ff027e470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-946"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2374
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shio-naga_34.jpeg
akcdn.detik.net.id/visual/2023/11/06/ 124 KB
122 KB 204ms
192ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/11/06/shio-naga_34.jpeg?w=750&q=90

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

b983d5376ac2f5b7cb2ffbf9640ffe96d4a73d175d5116651f9c5cb00cdad711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st4
server: st8
etag: W/"affa1b79754b5371a3529c7b24f3eb16141f9661"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-ayah-dan-anak_34.jpeg
akcdn.detik.net.id/visual/2023/11/29/ 117 KB
118 KB 204ms
192ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/11/29/ilustrasi-ayah-dan-anak_34.jpeg?w=750&q=90

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

faa9e3a73fbbde0ef5e5e330b6fe619fd136a5c8dc677dc9d8c8b98c66efa330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st4
server: st8
etag: W/"baff1bce314a155e5bef0286475cfda55c82cc88"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rachel-amanda-1_34.jpeg
akcdn.detik.net.id/visual/2023/12/08/ 202 KB
202 KB 203ms
192ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/12/08/rachel-amanda-1_34.jpeg?w=750&q=90

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

f0f5a84e4039b50c9c4053ebd8991aec14d5cdcec168bfaa2f27d4d5fcbd1255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st12
server: st8
etag: W/"51ce25c4c770320862d71db206177841844ba14b"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-foto.webp
cdn.haibunda.com/images/ 498 B
791 B 206ms
195ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/icon-foto.webp?v=4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

3d490bc201c366e2121b60ba924dc4535142aaea0b8d87c4c1b53df4aeaca5f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: MISS
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-1f2"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 498
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 highlight11.webp
cdn.haibunda.com/images/ 5 KB
5 KB 206ms
195ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/highlight11.webp?v=4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

24b0a3453e05cc95d9da378b01565b5d1f592b01104bcb45bb99ca015f233f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-1398"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5016
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 highlight22.webp
cdn.haibunda.com/images/ 4 KB
5 KB 206ms
196ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/highlight22.webp?v=4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

27b6e7880d8ec59b516645f3f8984d2365e85e827a95fc032c63d34ce31b1ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-11f8"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4600
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 highlight33.webp
cdn.haibunda.com/images/ 6 KB
6 KB 206ms
196ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/highlight33.webp?v=4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

3fd1c4933aefeb81416d2ce45a7ea8f032a5fd637ef04eadc1a8c89adc7d2d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-17fa"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 6138
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 highlight44.webp
cdn.haibunda.com/images/ 4 KB
4 KB 206ms
196ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/highlight44.webp?v=4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

963e58beab597778b19955449f5bbb26ccc583603477243dc3f31504d646bafb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-107e"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4222
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 highlight55.webp
cdn.haibunda.com/images/ 5 KB
6 KB 206ms
196ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/highlight55.webp?v=4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

0f5ece39e94279c1f438c935eb4003eeebb18b805a2f2806fe055e4cf29f8ad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-15ae"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5550
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 highlight66.webp
cdn.haibunda.com/images/ 3 KB
4 KB 206ms
197ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/highlight66.webp?v=4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

387378d2f231edbd6785e3f202b24462b68838ebee494bdb23d5c713be9a5923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-d98"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3480
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 highlight77.webp
cdn.haibunda.com/images/ 2 KB
3 KB 206ms
197ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/highlight77.webp?v=4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

e0fc243e9972387fa20dd5e96d09d80caad5e113434d4a01c61f8b0030cf09ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-994"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2452
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 highlight88.webp
cdn.haibunda.com/images/ 5 KB
5 KB 553ms
544ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/highlight88.webp?v=4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

8baf641907db0884113fac6a39941e595322dbca8da51411bf8a17d489577c25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 07:44:55 GMT
server: st1
etag: "64896ff7-1450"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5200
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adiba-khanza-dan-egy-maulana-1_11.png
akcdn.detik.net.id/visual/2023/12/11/ 32 KB
33 KB 201ms
193ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/12/11/adiba-khanza-dan-egy-maulana-1_11.png?w=400&q=90

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

fe8d3068bac35e92c6414cb5209a4554b669b8dad39d8a3115e0c69c1f343fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st12
server: st8
etag: W/"cf509fed3ab1fa17af0aafee0741c352212493fd"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shio-naga_11.jpeg
akcdn.detik.net.id/visual/2023/11/06/ 40 KB
40 KB 201ms
193ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/11/06/shio-naga_11.jpeg?w=400&q=90

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

1eba471c48a167451577cc2c6c1fff0cad74fe4e8e06e4463a74abead36cf705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st14
server: st8
etag: W/"6d4e23eecd9b2be71d1e8297fa3b50fe1d5f35bd"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 andreas-dan-cahyani_11.png
akcdn.detik.net.id/visual/2023/12/10/ 33 KB
34 KB 201ms
193ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/12/10/andreas-dan-cahyani_11.png?w=400&q=90

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

e565233aaf9bebf16449491ec075f722883713b606e89f7c62c96f9a50ba5654

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st9
server: st8
etag: W/"560fdbfe2068a1dfd45450e3eecd02a180bdf2f9"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vaksin_11.jpeg
akcdn.detik.net.id/visual/2020/11/02/ 29 KB
29 KB 201ms
193ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2020/11/02/vaksin_11.jpeg?w=400&q=90

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

5d7d237a12bb896701b8a81375907d4894236027eb112d6908c13aa5571c6b91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st4
server: st8
etag: W/"4063360690deb94f83595cdb6d96e8add01244a1"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-muslim-salat_11.jpeg
akcdn.detik.net.id/visual/2023/12/08/ 27 KB
27 KB 201ms
194ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/12/08/ilustrasi-muslim-salat_11.jpeg?w=400&q=90

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

c0997b6ac6ae7b9432fdef4fe85abb03e095c45ffb36bd1071304d2606e8d47d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st4
server: st8
etag: W/"4558c5477d7dc3314107b818f35bdf0b889fbc0a"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adiba-khanza-dan-egy-maulana-1_169.png
akcdn.detik.net.id/visual/2023/12/11/ 53 KB
53 KB 201ms
194ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/12/11/adiba-khanza-dan-egy-maulana-1_169.png?w=1490&q=90

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

fc11dd076da3f54de838ecc446e03acd286599095a7b4e880af2a34a6caf69a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st14
server: st8
etag: W/"8b977524aede6166cddba2d169affa2665156257"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 transmart-full-day-sale-kasih-diskon-gede-gedean-buat-produk-buah_43.jpeg
akcdn.detik.net.id/visual/2023/10/29/ 60 KB
60 KB 399ms
392ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/10/29/transmart-full-day-sale-kasih-diskon-gede-gedean-buat-produk-buah_43.jpeg?w=430&q=90

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

878c37b1d5044029b15db9b77c5e96be34385d5f832a6ae9c539a842b4c786e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st10
server: st8
etag: W/"b015e728f7e796a81a9c7448c8c394feacbe3857"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shio-naga_43.jpeg
akcdn.detik.net.id/visual/2023/11/06/ 36 KB
36 KB 399ms
392ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/11/06/shio-naga_43.jpeg?w=430&q=90

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

ebeb832ec1665102de92372c87d679759182e0d45bc533f704d56bec6865eb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st13
server: st8
etag: W/"626ff93bdb2b713f601a2481b5f22cb9160466cf"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ilustrasi-muslim-salat_43.jpeg
akcdn.detik.net.id/visual/2023/12/08/ 23 KB
23 KB 399ms
392ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/12/08/ilustrasi-muslim-salat_43.jpeg?w=430&q=90

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

1dcce424db633ec2784ab9d60a1e5c0e92eae95abf270a6a77e17046c2bad2f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: MISS
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st5
server: st8
etag: W/"369016551a3ecd13f3c716004421c5fefe727154"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a162c1bc-d10c-4b51-8d55-f6fdc6d1a1eb_169.jpg
akcdn.detik.net.id/visual/2017/03/20/ 11 KB
12 KB 399ms
392ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2017/03/20/a162c1bc-d10c-4b51-8d55-f6fdc6d1a1eb_169.jpg?w=428

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

8c4263213f1d4d432c983029e4fbd114e8c16b333e9374d95af995aeaaa8e33c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st12
server: st8
etag: W/"0b86aab2a662597607a5fc5338b8a1be55d1ca9f"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tnbts-raih-peringkat-tiga-taman-tercantik-di-dunia_169.jpeg
akcdn.detik.net.id/visual/2023/12/04/ 23 KB
23 KB 399ms
393ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/12/04/tnbts-raih-peringkat-tiga-taman-tercantik-di-dunia_169.jpeg?w=428

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

8503ca172b8449f786f7ded80bde785489ebd41c172190b741c65f5f16f7bd83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st1
server: st8
etag: W/"d0dcc5e696f65c8aeefffc6018f5d0b4e3265043"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ROUNN-x-Jovi.png
editorial.femaledaily.com/wp-content/uploads/2023/12/ 330 KB
330 KB 252ms
246ms Image
image/png 52.76.29.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://editorial.femaledaily.com/wp-content/uploads/2023/12/ROUNN-x-Jovi.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.76.29.240 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-76-29-240.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

aa1c613a81da8d0b86714f655b56e5a026a6041003b8a3655edf3dd56491fa65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Dec 2023 03:30:36 GMT
etag: "6576825c-526d1"
content-type: image/png
accept-ranges: bytes
content-length: 337617

GET
H2 200 dear-me-beauty-1_169.png
akcdn.detik.net.id/visual/2023/12/09/ 16 KB
16 KB 398ms
393ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/12/09/dear-me-beauty-1_169.png?w=428

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

68b105c42735f17cc78f509aee362507f90f41aca245bc81fc53eddcd7f787a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st10
server: st8
etag: W/"3b7b723807cad0cbc2eda92cc58cac2ba1c2ce17"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 line-up-golden-disc-awards-2024-2_169.png
akcdn.detik.net.id/community/media/visual/2023/12/11/ 21 KB
22 KB 398ms
393ms Image
image/png 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/community/media/visual/2023/12/11/line-up-golden-disc-awards-2024-2_169.png?w=428

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

c0dfe0904eef3bda20161c0d9c4e09937650d0272db5ea6cbbee23789e4b992b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st13
server: st8
etag: W/"bf87871add66b02e2a5a9c102fcf46f2c68bc748"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-foto.webp
www.haibunda.com/images/ 498 B
563 B 39ms
33ms Image
image/webp 2606:4700::6812:1c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haibunda.com/images/icon-foto.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d490bc201c366e2121b60ba924dc4535142aaea0b8d87c4c1b53df4aeaca5f2

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
strict-transport-security: "max-age=31536000; includeSubDomains" always, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2
content-length: 498
x-xss-protection: '1;mode=block'
last-modified: Wed, 14 Jun 2023 07:45:11 GMT
server: cloudflare
etag: "64897007-1f2"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
s: fe-publish2
cf-ray: 833b607f9e8471bb-FRA
expires: Tue, 10 Dec 2024 05:37:39 GMT

GET
H2 200 lb
services.insurads.com/ 0
156 B 105ms
99ms Image
text/plain 18.210.2.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://services.insurads.com/lb?appid=2414&acid=330&s=2830&sid=A4DB29AF5192A2DB&auid=910278&mawId=0&ts=1702273058526&iid=p1ffa847b832f9032743f0d8a28e701de24c6183e33&is=0&m=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.210.2.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-2-56.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nocache: true
pragma: no-cache
date: Mon, 11 Dec 2023 05:37:39 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx/1.18.0 (Ubuntu)
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 asyncspc.php Show response
newrevive.detik.com/delivery/ 3 KB
2 KB 246ms
240ms XHR
application/json 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://newrevive.detik.com/delivery/asyncspc.php?zones=3717%7C3718%7C3778%7C1514%7C2679&prefix=revive-0-&loc=https%3A%2F%2Fwww.haibunda.com%2F

Requested by

Host: newrevive.detik.com
URL: https://newrevive.detik.com/delivery/asyncjs.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive4 /

Resource Hash

e63f81694b0c09a8e3e503520cd64e8cb1fcb1c0f6d2d46038ec858bc617c6e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .detik.com .cnnindonesia.com .cnbcindonesia.com .haibunda.com .insertlive.com .beautynesia.id .cxomedia.id .detiknetwork.com .ctcorpmpc.com .allobank.com .buzznesia.id .berbuatbaik.id .detikpublishing.com .femaledaily.com .femaledaily.net .mommiesdaily.com .mommiesdaily.net .mommyasia.id .transentertainment.com .transsnowworld.com .transtudiobali.com .transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security	"max-age=31536000; includeSubdomains" preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
strict-transport-security: "max-age=31536000; includeSubdomains" preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
p3p: CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy: cross-origin
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: revive4
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.haibunda.com
access-control-allow-methods: GET, POST, OPTIONS, HEAD
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag: HttpOnly Secure SameSite=None
access-control-allow-headers: Origin,Content-Type,Accept,Authorization
expires: 0

POST
H2 204 rum Show response
www.haibunda.com/cdn-cgi/ 0
144 B 27ms
22ms XHR
text/plain 2606:4700::6812:1c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: application/json

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.haibunda.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 833b607f8e7071bb-FRA

POST
H2 200 list Show response
mcs.tobsnssdk.com/ 7 B
776 B 177ms
177ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 4785ecdf
date: Mon, 11 Dec 2023 05:37:40 GMT
upstream-caught: 1702273060060903
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231211053739C44632686D5E7FDEE7ED-4E643EB37F981EC3-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=0, origin; dur=161
content-length: 7
pragma: no-cache
server: TLB
x-tt-logid: 20231211053739C44632686D5E7FDEE7ED
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 161,104.126.37.124
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134562122c7fe03a408df230670f3dcd326d04d8aae1f207f071ce1e795aa0f5bbf2c789fc293e42aadc57130b739732782de60bc18037391379778a06ac3e0e283f
expires: Mon, 11 Dec 2023 05:37:40 GMT

OPTIONS
H2 200 list
mcs.tobsnssdk.com/ Frame 0
0 192ms
191ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:39 GMT
expires: Mon, 11 Dec 2023 05:37:39 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=2 cdn-cache; desc=MISS, edge; dur=0, origin; dur=156
upstream-caught: 1702273059891671
x-akamai-request-id: 4785e9e5
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-origin-response-time: 156,104.126.37.124
x-tt-logid: 20231211053738C44632686D5E7FDEE7C7
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134562122c7fe03a408df230670f3dcd326d04d8aae1f207f071ce1e795aa0f5bbf2c789fc293e42aadc57130b739732782de60bc18037391379778a06ac3e0e283f
x-tt-trace-id: 00-231211053738C44632686D5E7FDEE7C7-4E643EB37F981E17-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31080020

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 05:37:39 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1937 13 KB
5 KB 13ms
13ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Dec 2023 19:00:50 GMT
expires: Mon, 09 Dec 2024 19:00:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E34E 829 B
560 B 24ms
23ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3bed9c2ec853cd0af23ad80fe0ad52fcd569b76351ea4d0cabfd8aee07f0cb95

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3LIK8R0dxLoz5Pu1SN9-lA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haibunda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3LIK8R0dxLoz5Pu1SN9-lA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 05:37:39 GMT
expires: Mon, 11 Dec 2023 05:37:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 default_169.png
cdn.haibunda.com/images/placeholder/ 7 KB
5 KB 444ms
444ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.haibunda.com/images/placeholder/default_169.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

2b7d06c75454ca3a04aafa9d6110fbbbe7a07c9c1f7b89ba2a8c925b2c471986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: MISS
x-content-type-options: nosniff
last-modified: Tue, 14 Dec 2021 03:07:21 GMT
server: st1
content-encoding: gzip
etag: W/"61b80a69-1a02"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1937 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 19:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Dec 2024 19:00:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E34E 0
0 48ms
48ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312050101&jk=4319395245116756&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1937 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lUKTGA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 322813 Show response
www.haibunda.com/embed/video/ Frame C143 11 KB
3 KB 274ms
272ms Document
text/html 2606:4700::6812:1c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/embed/video/322813?smartautoplay=true

Requested by

Host: newrevive.detik.com
URL: https://newrevive.detik.com/delivery/asyncjs.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

172faf4180ed8403d5f26b69c215718865bdbde4a5d7a93bc7b723f9665d60c9

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Request headers

Referer: https://www.haibunda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 833b60811f8c71bb-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 11 Dec 2023 05:37:40 GMT
s: fe-publish2
server: cloudflare
strict-transport-security: "max-age=31536000; includeSubDomains" always
x-cached: MISS
x-content-type-options: nosniff
x-xss-protection: '1;mode=block'

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
1 KB 217ms
214ms Image
image/gif 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3717&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=d308844102

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive4 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .detik.com .cnnindonesia.com .cnbcindonesia.com .haibunda.com .insertlive.com .beautynesia.id .cxomedia.id .detiknetwork.com .ctcorpmpc.com .allobank.com .buzznesia.id .berbuatbaik.id .detikpublishing.com .femaledaily.com .femaledaily.net .mommiesdaily.com .mommiesdaily.net .mommyasia.id .transentertainment.com .transsnowworld.com .transtudiobali.com .transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security	"max-age=31536000; includeSubdomains" preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
strict-transport-security: "max-age=31536000; includeSubdomains" preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
x-permitted-cross-domain-policies: master-only
p3p: CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy: cross-origin
x-cached: MISS
referrer-policy: strict-origin-when-cross-origin
server: revive4
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/gif
access-control-allow-credentials: true
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag: HttpOnly Secure SameSite=None
access-control-allow-headers: Origin,Content-Type,Accept,Authorization

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
1 KB 216ms
213ms Image
image/gif 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3718&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=e0bdea61a8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive4 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .detik.com .cnnindonesia.com .cnbcindonesia.com .haibunda.com .insertlive.com .beautynesia.id .cxomedia.id .detiknetwork.com .ctcorpmpc.com .allobank.com .buzznesia.id .berbuatbaik.id .detikpublishing.com .femaledaily.com .femaledaily.net .mommiesdaily.com .mommiesdaily.net .mommyasia.id .transentertainment.com .transsnowworld.com .transtudiobali.com .transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security	"max-age=31536000; includeSubdomains" preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
strict-transport-security: "max-age=31536000; includeSubdomains" preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
x-permitted-cross-domain-policies: master-only
p3p: CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy: cross-origin
x-cached: MISS
referrer-policy: strict-origin-when-cross-origin
server: revive4
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/gif
access-control-allow-credentials: true
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag: HttpOnly Secure SameSite=None
access-control-allow-headers: Origin,Content-Type,Accept,Authorization

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
1 KB 228ms
225ms Image
image/gif 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3778&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=0118039a79

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive4 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .detik.com .cnnindonesia.com .cnbcindonesia.com .haibunda.com .insertlive.com .beautynesia.id .cxomedia.id .detiknetwork.com .ctcorpmpc.com .allobank.com .buzznesia.id .berbuatbaik.id .detikpublishing.com .femaledaily.com .femaledaily.net .mommiesdaily.com .mommiesdaily.net .mommyasia.id .transentertainment.com .transsnowworld.com .transtudiobali.com .transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security	"max-age=31536000; includeSubdomains" preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
strict-transport-security: "max-age=31536000; includeSubdomains" preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
x-permitted-cross-domain-policies: master-only
p3p: CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy: cross-origin
x-cached: MISS
referrer-policy: strict-origin-when-cross-origin
server: revive4
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/gif
access-control-allow-credentials: true
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag: HttpOnly Secure SameSite=None
access-control-allow-headers: Origin,Content-Type,Accept,Authorization

GET
H2 200 EP.18%20-%20MINUS_970x250%203.jpg
cdnstatic.detik.com/live/traffic/2023/HAIBUNDA/loop/ 175 KB
135 KB 208ms
205ms Image
image/jpeg 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnstatic.detik.com/live/traffic/2023/HAIBUNDA/loop/EP.18%20-%20MINUS_970x250%203.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

4b09bec3a1a9e9ce38d267677e90bd46d23ecf364494ccb43b0392385fc5530d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
middle-cache: MISS
last-modified: Fri, 08 Dec 2023 07:03:31 GMT
server: st1
etag: W/"6572bfc3-2ba37"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg
barrier_2: MISS
access-control-allow-origin: *
barrier_1: Static
barrier_3: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
1 KB 217ms
214ms Image
image/gif 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=217253&campaignid=97608&zoneid=1514&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=5da8df45f5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive4 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .detik.com .cnnindonesia.com .cnbcindonesia.com .haibunda.com .insertlive.com .beautynesia.id .cxomedia.id .detiknetwork.com .ctcorpmpc.com .allobank.com .buzznesia.id .berbuatbaik.id .detikpublishing.com .femaledaily.com .femaledaily.net .mommiesdaily.com .mommiesdaily.net .mommyasia.id .transentertainment.com .transsnowworld.com .transtudiobali.com .transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security	"max-age=31536000; includeSubdomains" preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
strict-transport-security: "max-age=31536000; includeSubdomains" preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
x-permitted-cross-domain-policies: master-only
p3p: CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy: cross-origin
x-cached: MISS
referrer-policy: strict-origin-when-cross-origin
server: revive4
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/gif
access-control-allow-credentials: true
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag: HttpOnly Secure SameSite=None
access-control-allow-headers: Origin,Content-Type,Accept,Authorization

GET
H2 200 lg.php
newrevive.detik.com/delivery/ 43 B
1 KB 227ms
224ms Image
image/gif 203.190.242.244
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newrevive.detik.com/delivery/lg.php?bannerid=0&campaignid=0&zoneid=2679&loc=https%3A%2F%2Fwww.haibunda.com%2F&cb=79257428a0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.190.242.244 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-244-242.190.203.detik.com

Software

revive4 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .detik.com .cnnindonesia.com .cnbcindonesia.com .haibunda.com .insertlive.com .beautynesia.id .cxomedia.id .detiknetwork.com .ctcorpmpc.com .allobank.com .buzznesia.id .berbuatbaik.id .detikpublishing.com .femaledaily.com .femaledaily.net .mommiesdaily.com .mommiesdaily.net .mommyasia.id .transentertainment.com .transsnowworld.com .transtudiobali.com .transtudiobandung.com *.transtudiocibubur.com
Strict-Transport-Security	"max-age=31536000; includeSubdomains" preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
strict-transport-security: "max-age=31536000; includeSubdomains" preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors *.detik.com *.cnnindonesia.com *.cnbcindonesia.com *.haibunda.com *.insertlive.com *.beautynesia.id *.cxomedia.id *.detiknetwork.com *.ctcorpmpc.com *.allobank.com *.buzznesia.id *.berbuatbaik.id *.detikpublishing.com *.femaledaily.com *.femaledaily.net *.mommiesdaily.com *.mommiesdaily.net *.mommyasia.id *.transentertainment.com *.transsnowworld.com *.transtudiobali.com *.transtudiobandung.com *.transtudiocibubur.com
x-permitted-cross-domain-policies: master-only
p3p: CP="CUR ADM OUR NOR STA NID"
cross-origin-resource-policy: cross-origin
x-cached: MISS
referrer-policy: strict-origin-when-cross-origin
server: revive4
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/gif
access-control-allow-credentials: true
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
set_cookie_flag: HttpOnly Secure SameSite=None
access-control-allow-headers: Origin,Content-Type,Accept,Authorization

GET
H3 206 file.mp4
r3---sn-4g5lzne6.c.2mdn.net/videoplayback/id/712f6f4d3ec85bb4/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1733809057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm... Frame B5E4 1 MB
1 MB 30ms
14ms Media
application/octet-stream 2a00:1450:4001:12::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:12::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

090272d3a2460b68374878cc71d3901c0a5c30aa88364fea75da2bbee81f0200

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s0.2mdn.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=720896-

Response headers

client-protocol: quic
date: Mon, 11 Dec 2023 05:37:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2023 09:28:32 GMT
server: gvs 1.0
vary: Origin
content-type: application/octet-stream
Content-Range: bytes 720896-2131407/2131408
cache-control: private, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1410512
expires: Mon, 11 Dec 2023 05:37:40 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
cdn.detik.net.id/libs/detik-vertical/js/ Frame C143 87 KB
31 KB 2366ms
2366ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/detik-vertical/js/jquery-3.6.0.min.js?v=haibunda.4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/embed/video/322813?smartautoplay=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: MISS
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 07:01:24 GMT
server: st1
content-encoding: gzip
etag: W/"60bdc444-15d9d"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtmdl.js Show response
cdn.detik.net.id/libs/detik-vertical/js/ Frame C143 4 KB
1 KB 2366ms
2366ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/libs/detik-vertical/js/gtmdl.js?v=haibunda.4.5.9

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/embed/video/322813?smartautoplay=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

05d20b8b8b5db9ad1794d810f11803a59fbda373d04d313deeb842d388aac6c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Fri, 25 Oct 2019 07:47:26 GMT
server: st1
content-encoding: gzip
etag: W/"5db2a88e-e65"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 skin.css
cdn.detik.net.id/flowplayer/ Frame C143 39 KB
6 KB 2366ms
2365ms Stylesheet
text/css 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/flowplayer/skin.css

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/embed/video/322813?smartautoplay=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

4871a0b9c15975aadd71635853aa642aee7d193f32232838447cab31592eebcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: MISS
x-content-type-options: nosniff
last-modified: Fri, 23 Feb 2018 03:39:16 GMT
server: st1
content-encoding: gzip
etag: W/"5a8f8ce4-9bf7"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detikVideo.core.js Show response
cdn.detik.net.id/detikVideo/ Frame C143 483 KB
86 KB 2366ms
2366ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/detikVideo/detikVideo.core.js?v=2023121112

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/embed/video/322813?smartautoplay=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

187a1db2cecd6c8f786600f46f3c5d1782c2900e0f7259483b435c921fd850ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:40 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 06:53:45 GMT
server: st1
content-encoding: gzip
etag: W/"655ef6f9-78c87"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame C143 20 KB
7 KB 36ms
36ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.haibunda.com
URL: https://www.haibunda.com/embed/video/322813?smartautoplay=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.haibunda.com/
Origin: https://www.haibunda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:43 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 833b6095b99d30cc-FRA

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 2233ms
2233ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312050101&jk=4319395245116756&bg=!a2ilaCfNAAY3kmNgF5I7ADQBe5WfOJlMlm0mJxgs-4WJHcpgBPIh1AZVOP6Twe0nfZ-IYr5NuWqcOahFJ2cv8zlOU67hAgAAADVSAAAAAmgBB5kC8TlrGMyW2fC7RPwrivV5S5lVsVeIRDM_913t_ntMO31tlEgQTbQyBzJLmWULu1PaOJgwELDk9SnQKgo80i87zDqbleWcD26pl080DkuWmcP-kJnY_BuZUzoSA9PGNBCS7Enpu7c_hxVmlY-HY-wx0ovbQVVcPF9RWfpZR1ppWgABoG8eUInDuIIZWzGsEAk0fkECCFxUwbejTwhXir6qKXUtYClqh_lLUMepXKi4mbAVFNebl2e8A8Cg_OzTSClyD9z_jlQhI_6t2qP9XrpSr6wrlUIpUcqL6eahJk9aCiPogt4PXbmq6QH6zb4U33ERBKe_e-qnvy9g2_PWRMNItpv80LneDPRflb7P2N5n2eh3GBaxcEnQPf14mhM083YcJWWZ6eqcJNEkzN4o6Rf5W9oAsDLGu4tINo0wKhzdhGMsL2zBSYhtEHfklCsZ-vLHRhnQCLcBGV1W9NFf8mlQZeFniPdhWCZTk1bftafZP5C-7GNcxE8yBwRreaHU7-dR_yDFKAus5HMcngmrn8InI0ykVxPBpDkL8w4XOxzHQKplAubKKaTEvRd5Sgiok4gnVusI0w7bnEfqaZIA_3x0p8rubv6FlYG8B50Fx3l4p0jXKfGkkMEYJTvVDOIpMQwbQ-HaXZ-Il1QaL6QxJ-sLgdp5AzfMWu82ZmoR7bPN-8beUWc4rj0BE8dcmXHNNlFjpieup_76uUiCjHVQEt6XH27YPSoXf0u0FSHuqXA3FIqx43sI-dqCmDRbAxbGL6GIHd9WVNu90WQh4LwbNxebVuDkZrsbYOCLO9ivJaoGsylMhWfH-FDqmOd8YWe6gfqshTp6lAXca2DxCKhlP0nBvxUBC3-dTwhTy9ccXQPrhK9Wv4mPBglzre3AMXY2mvbCrvKWW2JsqBC0t1SUO0777qXAv7zqlLIozdvgmfFxz4ZW8tI0H2q47li8B9Mmqk9_q-EoA3c-rtq8cE_yVRICcohhPJFr77npQLhHRIGGJU7bIg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame C143 297 KB
96 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/embed/video/322813?smartautoplay=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

243169a0b5779c2430fe4e12cbe2ac7ad4aedd22addace394e57a5d1f78bd28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97914
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Dec 2023 05:37:43 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E8FE 43 B
215 B 511ms
511ms Image
image/gif 2600:1f13:800:7780:e000:f538:bd2d:cf42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1742739&asId=96ec8880-4ac8-2d9d-13a0-ac4551ccf40f&tv=%7Bc:wt2VPQ,pingTime:5,time:6062,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:1062%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5000,o:1062,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1057~0,0~100%5D,as:%5B1057~728.90%5D%7D%7D,%7Bsl:i,t:1062,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:180,fm:tY6EgIY+11%7C12%7C13%7C14*.1742739-75943806%7C141%7C142%7C143%7C15,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:13,sis:105%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:e000:f538:bd2d:cf42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:43 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E8FE 43 B
215 B 512ms
512ms Image
image/gif 2600:1f13:800:7780:e000:f538:bd2d:cf42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1742739&asId=96ec8880-4ac8-2d9d-13a0-ac4551ccf40f&tv=%7Bc:wt2VPR,pingTime:5,time:6063,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:1062%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1062,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1057~0,0~100%5D,as:%5B1057~728.90%5D%7D%7D,%7Bsl:i,t:1062,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:180,fm:tY6EgIY+11%7C12%7C13%7C14*.1742739-75943806%7C141%7C142%7C143%7C15,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:13,sis:105%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:e000:f538:bd2d:cf42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:43 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame C143 241 KB
84 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LW7SH9Y4G8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

571cb945330d422ea3e7f7ff0d72818ed2cd717097a0d46e673425adb552b430

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85480
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 05:37:43 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame C143 52 KB
21 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 03:48:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6564
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 11 Dec 2023 05:48:19 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11300199237/ Frame C143 3 KB
2 KB 490ms
424ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11300199237/?random=1702273063363&cv=11&fst=1702273063363&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77092987&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.haibunda.com%2F&ref=https%3A%2F%2Fwww.haibunda.com%2F&label=bBlMCLjfgdMYEMW2rYwq&hn=www.googleadservices.com&frm=1&tiba=Anya%20Prameswari%2C%20Peraih%20Puluhan%20Medali%20Olimpiade%20Matematika%20%26%20Sains%20di%20Kancah%20Internasional&value=0&bttype=purchase&auid=571431742.1702273056&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

8457e02b611eaa79766fadb8497b525d44a797e702317a034b8ae6a1cd2ce4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1688
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame C143 202 KB
53 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 11 Dec 2023 05:37:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Vx3kzdX7gtYBJGS6OrH7mQWc4fimiDHMai0ysW7mIC9NPOPrT0Mop5pf81bMt8lkJ6tCu6iO9Nc7n0FZrztTbg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 collect-rangers-v5.0.0.js Show response
lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/ Frame C143 93 KB
26 KB 8ms
8ms Script
application/javascript 23.55.163.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.163.57 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-163-57.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: 42b448c8c5f67a9c48b021dfd6676e0c1aa3146b1513d18cad8ba2ad7be9df8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id: 1a16b399
date: Mon, 11 Dec 2023 05:37:43 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
x-check-cacheable: YES
content-md5: 0NGYZsGPAC/sdgY7Low4DQ==
x-cache: TCP_MEM_HIT from a23-55-162-57.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=8
content-length: 25562
x-tos-request-id: 3bb401069f055a5d65069f05-aba03d8
x-tos-response-time: Sun, 17 Sep 2023 06:39:02 GMT
last-modified: Thu, 23 Feb 2023 05:54:55 GMT
server: TLB
x-tt-logid: 20230918133434ABC25F0A1BCC82E12067
etag: "d0d19866c18f002fec76063b2e8c380d"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
x-request-ip: fdbd:dc51:4000:294:a::141
cache-control: max-age=956508
access-control-allow-credentials: false
x-response-cinfo: fdbd:dc51:4000:294:a::141
x-tt-trace-host: 0101fdb82af2250f101e544b911120f0b24a0ff6f78f80669531083873d5778b48a4ec96cc4ebdb4212a26783822874f9ab5f98d2cff53238f41cd6758ae936b725eea53829d7bc1c70ffc47d04f911a0eaedbe689b3ab4c1e170dbb84659091053c77a0b73a35b716b14512514879b3206ec602a7354e3fafe13a73ba3997a8ae
accept-ranges: bytes
x-response-cache: edge_hit
timing-allow-origin: *
access-control-allow-headers: *

OPTIONS
H2 200 /
toblog.tobsnssdk.com/service/2/abtest_config/ Frame 0
0 478ms
478ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://toblog.tobsnssdk.com/service/2/abtest_config/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:43 GMT
expires: Mon, 11 Dec 2023 05:37:43 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=2 cdn-cache; desc=MISS, edge; dur=1, origin; dur=156
x-akamai-request-id: 47861cd7
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-origin-response-time: 156,104.126.37.124
x-tt-logid: 202312110537427864D48E0AB45EECA6B9
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b1345e262ade5a48beb6c41b6308929d2664218cd8b9ab0d3c68d3cea4a576c2c92b51a2ece5362a0b67f018b1e091da6ac0246b8881ab1f18277ce958f15da6ec4e2
x-tt-trace-id: 00-2312110537427864D48E0AB45EECA6B9-5F6C585E5183821A-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

OPTIONS
H2 200 list
mcs.tobsnssdk.com/ Frame 0
0 477ms
477ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:43 GMT
expires: Mon, 11 Dec 2023 05:37:43 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=0 cdn-cache; desc=MISS, edge; dur=0, origin; dur=153
upstream-caught: 1702273063464351
x-akamai-request-id: 47861cde
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-origin-response-time: 153,104.126.37.124
x-tt-logid: 202312110537423703489491EC03E0395B
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134562122c7fe03a408df230670f3dcd326dbbea8cf32e1169ddb243a4d65affc88ae22dd9960c6604b42a7c392c61d713b064d811672801443994a1f87009d7a10c
x-tt-trace-id: 00-2312110537423703489491EC03E0395B-2822C01478E876EB-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H2 200 / Show response
toblog.tobsnssdk.com/service/2/abtest_config/ Frame C143 366 B
1 KB 184ms
182ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://toblog.tobsnssdk.com/service/2/abtest_config/
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: d291ea326fd2d8b5f194ae98b2891b6aec54f066adddd6ab99ffaccde0bc0685

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: bd23bed9.4786245a
date: Mon, 11 Dec 2023 05:37:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231211053742868800B77B88A9037FAF-4FF7A444A7CD55FC-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 172,104.126.37.124
server-timing: cdn-cache; desc=MISS, edge; dur=152, origin; dur=20, inner; dur=15
content-length: 162
pragma: no-cache
server: TLB
x-tt-logid: 20231211053742868800B77B88A9037FAF
x-cache-remote: TCP_MISS from a23-193-104-216.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.193.104.216
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea005d3f9fe50253a23474beafc4021ad56c936d65b42bdc8de095344c267009c631905fbd499bb34c8e574b4ce70955cb5f496e06b5b5ea2898336212e02e33c1531d70a7d09610d5038ad453258332bc94f7fbdefdcce2de2a659aaf0f66c42419
expires: Mon, 11 Dec 2023 05:37:44 GMT

POST
H2 200 list Show response
mcs.tobsnssdk.com/ Frame C143 7 B
776 B 171ms
169ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 47862456
date: Mon, 11 Dec 2023 05:37:44 GMT
upstream-caught: 1702273063946311
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121105374281C81B1DE0735AEB92A3-48BAF0D37575B6B3-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=9, cdn-cache; desc=MISS, edge; dur=0, origin; dur=162
content-length: 7
pragma: no-cache
server: TLB
x-tt-logid: 2023121105374281C81B1DE0735AEB92A3
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 162,104.126.37.124
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134536f1c6955a817d45ede27532755ae3998989e55f2d1da7ca4756471d901a6134ee02bd564bbee3103a7d710e191e9bbdbaa091cb8cc796f9c24f03914d597de8
expires: Mon, 11 Dec 2023 05:37:44 GMT

GET
H3 200 304159643041671 Show response
connect.facebook.net/signals/config/ Frame C143 135 KB
36 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/304159643041671?v=2.9.138&r=stable&domain=www.haibunda.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d6cd0567de90117a36966d71f4cd44e4a23b7cf717e18dd4bfdd3bfef394407d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 11 Dec 2023 05:37:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 36335
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: JhvR5Cbsk8t7DekI6L+S6hIfZCYQyTytGB8dOCC869JsJDXVT5DTV2XEm+bseDgFlLhz/xpUlzi1FBkcQOjZvA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame C143 3 B
23 B 31ms
31ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=426045338&t=pageview&_s=1&dl=https%3A%2F%2Fwww.haibunda.com%2Fembed%2Fvideo%2F322813%3Fsmartautoplay%3Dtrue&ul=en-us&de=UTF-8&dt=Anya%20Prameswari%2C%20Peraih%20Puluhan%20Medali%20Olimpiade%20Matematika%20%26%20Sains%20di%20Kancah%20Internasional&sd=24-bit&sr=1600x1200&vp=370x250&je=0&_u=QACAAUABAAAAACAAI~&jid=&gjid=&cid=1929531125.1702273056&tid=UA-891770-244&_gid=1710171754.1702273057&_slc=1&gtm=45He3bt0n81WGBMBG8v77092987&cd1=47-58-64&cd2=322813&cd3=singlepage&cd5=2023%2F12%2F06%2012%3A09%3A26&cd6=juara%20cilik%2C%20anya%20prameswari%2C%20olimpiade%20matematika%2C%20parenting%2C%20anak%20cerdas%2C%20anak%20berprestasi&cd15=Yes&cd16=singlepagevideo&cd17=desktop&cd18=Tim%20Multimedia%20HaiBunda&cd19=3.355&cd27=juara%20cilik%2Canya%20prameswari%2Colimpiade%20matematika%2Cparenting%2Canak%20cerdas%2Canak%20berprestasi&cd40=nonheadline-0&cd41=nonheadline-0-47-58-64&cd48=Anya%20Prameswari%2C%20Peraih%20Puluhan%20Medali%20Olimpiade%20Matematika%20%26%20Sains%20di%20Kancah%20Internasional&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1319381162

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 list Show response
mcs.tobsnssdk.com/ Frame C143 7 B
775 B 172ms
170ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

X-MCS-AppKey: 566f58151b0ed37e
Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 4786245b
date: Mon, 11 Dec 2023 05:37:44 GMT
upstream-caught: 1702273063946965
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312110537422671B2FA801330F0B64B-4A14BF6A8E2F5B5A-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=0, origin; dur=161
content-length: 7
pragma: no-cache
server: TLB
x-tt-logid: 202312110537422671B2FA801330F0B64B
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 161,104.126.37.124
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b1345e262ade5a48beb6c41b6308929d266423c036494564577e75164e5172db93ba2a8fbebae3a4313fdbc83bb4cc035e6e3d4369da323a5f2ba6e0c74b9ed7d1c66
expires: Mon, 11 Dec 2023 05:37:44 GMT

OPTIONS
H2 200 list
mcs.tobsnssdk.com/ Frame 0
0 461ms
461ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-mcs-appkey
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-mcs-appkey
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:43 GMT
expires: Mon, 11 Dec 2023 05:37:43 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=1 cdn-cache; desc=MISS, edge; dur=0, origin; dur=153
upstream-caught: 1702273063492348
x-akamai-request-id: 47861d59
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-origin-response-time: 153,104.126.37.124
x-tt-logid: 20231211053742CA1A99BC33B1E9F0D305
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134536f1c6955a817d45ede27532755ae399775dccb990cc7f606d68074c742bcc0616681cb446572bbdde96daf1904eb75677106901b7700a36f100bd8941371c71
x-tt-trace-id: 00-231211053742CA1A99BC33B1E9F0D305-06852DD28EF24B6F-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

POST
H2 200 list Show response
mcs.tobsnssdk.com/ Frame C143 7 B
776 B 184ms
182ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 4786245c
date: Mon, 11 Dec 2023 05:37:44 GMT
upstream-caught: 1702273063960311
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231211053742745AD79F6744CDDF34CE-27A2A0159449C850-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=0, origin; dur=160
content-length: 7
pragma: no-cache
server: TLB
x-tt-logid: 20231211053742745AD79F6744CDDF34CE
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 160,104.126.37.124
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134562122c7fe03a408df230670f3dcd326d9f2e058b895bc1143d188a23e4f19e6e06c9ee197f9d9482045a5d85bae88d3f5c074bb989674bd429588902cce05935
expires: Mon, 11 Dec 2023 05:37:44 GMT

OPTIONS
H2 200 list
mcs.tobsnssdk.com/ Frame 0
0 447ms
447ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:43 GMT
expires: Mon, 11 Dec 2023 05:37:43 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=1 cdn-cache; desc=MISS, edge; dur=0, origin; dur=159
upstream-caught: 1702273063498583
x-akamai-request-id: 47861d64
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-origin-response-time: 159,104.126.37.124
x-tt-logid: 20231211053742541AF02B64EF96E515D7
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134562122c7fe03a408df230670f3dcd326df4c870a7beb34e8f96d30d445098e0d98c75f674a65108aeca67f703831e83b40a1a46efd082dd61b71558621617e3ef
x-tt-trace-id: 00-231211053742541AF02B64EF96E515D7-447EB1659AB39CFC-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 /
www.facebook.com/tr/ Frame C143 0
54 B 8ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304159643041671&ev=PageView&dl=https%3A%2F%2Fwww.haibunda.com%2Fembed%2Fvideo%2F322813%3Fsmartautoplay%3Dtrue&rl=https%3A%2F%2Fwww.haibunda.com%2F&if=true&ts=1702273063421&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702273056715.804147843&ler=empty&it=1702273063385&coo=false&rqm=GET

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/embed/video/322813?smartautoplay=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 11 Dec 2023 05:37:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame C143 0
31 B 8ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304159643041671&ev=ViewContent&dl=https%3A%2F%2Fwww.haibunda.com%2Fembed%2Fvideo%2F322813%3Fsmartautoplay%3Dtrue&rl=https%3A%2F%2Fwww.haibunda.com%2F&if=true&ts=1702273063421&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1702273056715.804147843&ler=empty&it=1702273063385&coo=false&rqm=GET

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/embed/video/322813?smartautoplay=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 11 Dec 2023 05:37:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ Frame C143 0
54 B 413ms
412ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LW7SH9Y4G8&gtm=45je3bt0v884803178z877092987&_p=1702273063313&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1929531125.1702273056&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702273056&sct=1&seg=1&dl=https%3A%2F%2Fwww.haibunda.com%2Fembed%2Fvideo%2F322813%3Fsmartautoplay%3Dtrue&dr=https%3A%2F%2Fwww.haibunda.com%2F&dt=Anya%20Prameswari%2C%20Peraih%20Puluhan%20Medali%20Olimpiade%20Matematika%20%26%20Sains%20di%20Kancah%20Internasional&en=page_view&ep.allowLinker=true&ep.cookieDomain=auto&ep.kanalId=47-58-64&ep.articleId=322813&ep.articleType=singlepage&ep.publishDate=2023%2F12%2F06%2012%3A09%3A26&ep.keyword=juara%20cilik%2C%20anya%20prameswari%2C%20olimpiade%20matematika%2C%20parenting%2C%20anak%20cerdas%2C%20anak%20berprestasi&ep.contentType=singlepagevideo&ep.platform=desktop&ep.author=Tim%20Multimedia%20HaiBunda&ep.originalTitle=Anya%20Prameswari%2C%20Peraih%20Puluhan%20Medali%20Olimpiade%20Matematika%20%26%20Sains%20di%20Kancah%20Internasional&ep.namaKanal=parenting&tfd=3436
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LW7SH9Y4G8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.haibunda.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/11300199237/ Frame C143
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11300199237/?random=1730035362&cv=11&fst=1702273063363&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77092987&gcd=11l1l1l1l1&dma_cps=sypham...
https://www.google.com/pagead/1p-conversion/11300199237/?random=1730035362&cv=11&fst=1702273063363&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77092987&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1...
https://www.google.de/pagead/1p-conversion/11300199237/?random=1730035362&cv=11&fst=1702273063363&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77092987&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12...

42 B
64 B

28ms
28ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11300199237/?random=1730035362&cv=11&fst=1702273063363&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77092987&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.haibunda.com%2F&ref=https%3A%2F%2Fwww.haibunda.com%2F&label=bBlMCLjfgdMYEMW2rYwq&hn=www.googleadservices.com&frm=1&tiba=Anya%20Prameswari%2C%20Peraih%20Puluhan%20Medali%20Olimpiade%20Matematika%20%26%20Sains%20di%20Kancah%20Internasional&value=0&auid=571431742.1702273056&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ09EVnF3WVFsYWFnMU1UTzBNVU9FaVVBZ3NPcUM3R0tLY1FxWVcxTFdtakg2SENmRUtheU1Bc0FkNTVWM093YUFXeXUyVm5NGldDaEFJZ09EVnF3WVF5T3pBeXJEcTZOSTNFaTBBYmR5MWdmb0pFZm5fZk9QbGZXYlJTeEJXR1gzdGkwcHp4TGNERVpUTkR4Q2tRQXpIVFFwYXpsbnplTkEiEwi0uYiq1YaDAxWW3jsCHZDfCqA&is_vtc=1&ocp_id=J6B2ZfSJHJa978EPkL-rgAo&cid=CAQSKQDICaaNS_YBcHzb0tPIMt1CNSfwah-gIgsK6g-jDC3d9ryTEe_5XFyx&eitems=ChAIgODVqwYQ0czoksHOsKgaEh0AKMHu3vByuJHjGXPoKcZObi7HqtAzS-3mmuSeuA&random=1776620343&ipr=y

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/embed/video/322813?smartautoplay=true

Protocol

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 05:37:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/11300199237/?random=1730035362&cv=11&fst=1702273063363&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v77092987&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.haibunda.com%2F&ref=https%3A%2F%2Fwww.haibunda.com%2F&label=bBlMCLjfgdMYEMW2rYwq&hn=www.googleadservices.com&frm=1&tiba=Anya%20Prameswari%2C%20Peraih%20Puluhan%20Medali%20Olimpiade%20Matematika%20%26%20Sains%20di%20Kancah%20Internasional&value=0&auid=571431742.1702273056&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ09EVnF3WVFsYWFnMU1UTzBNVU9FaVVBZ3NPcUM3R0tLY1FxWVcxTFdtakg2SENmRUtheU1Bc0FkNTVWM093YUFXeXUyVm5NGldDaEFJZ09EVnF3WVF5T3pBeXJEcTZOSTNFaTBBYmR5MWdmb0pFZm5fZk9QbGZXYlJTeEJXR1gzdGkwcHp4TGNERVpUTkR4Q2tRQXpIVFFwYXpsbnplTkEiEwi0uYiq1YaDAxWW3jsCHZDfCqA&is_vtc=1&ocp_id=J6B2ZfSJHJa978EPkL-rgAo&cid=CAQSKQDICaaNS_YBcHzb0tPIMt1CNSfwah-gIgsK6g-jDC3d9ryTEe_5XFyx&eitems=ChAIgODVqwYQ0czoksHOsKgaEh0AKMHu3vByuJHjGXPoKcZObi7HqtAzS-3mmuSeuA&random=1776620343&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 list Show response
mcs.tobsnssdk.com/ Frame C143 7 B
775 B 169ms
169ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 478629c7
date: Mon, 11 Dec 2023 05:37:44 GMT
upstream-caught: 1702273064310620
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231211053743C44632686D5E7FDEEB7C-4E643EB37F982D9F-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=0, origin; dur=161
content-length: 7
pragma: no-cache
server: TLB
x-tt-logid: 20231211053743C44632686D5E7FDEEB7C
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 161,104.126.37.124
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134562122c7fe03a408df230670f3dcd326d04d8aae1f207f071ce1e795aa0f5bbf2a7ae7a19d91d0e5803b546204ab922eebaa4db05590c375de31ef7d48a212710
expires: Mon, 11 Dec 2023 05:37:44 GMT

POST
H2 200 list Show response
mcs.tobsnssdk.com/ Frame C143 7 B
777 B 168ms
168ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 478629ce
date: Mon, 11 Dec 2023 05:37:44 GMT
upstream-caught: 1702273064313471
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121105374381C81B1DE0735AEB92F6-48BAF0D37575B827-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=158
content-length: 7
pragma: no-cache
server: TLB
x-tt-logid: 2023121105374381C81B1DE0735AEB92F6
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 159,104.126.37.124
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134536f1c6955a817d45ede27532755ae3998989e55f2d1da7ca4756471d901a6134fd22952f1d0fc3ebb6abc5f56572f6b7c47265b98e4deef07eb6c39f24a5ab70
expires: Mon, 11 Dec 2023 05:37:44 GMT

POST
H2 200 list Show response
mcs.tobsnssdk.com/ Frame C143 7 B
922 B 186ms
186ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: bd23c68e.478629cb
date: Mon, 11 Dec 2023 05:37:44 GMT
upstream-caught: 1702273064325544
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231211053743D8EF94CD0AC3C20876F5-7D480C389826B60E-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 167,104.126.37.124
server-timing: cdn-cache; desc=MISS, edge; dur=151, origin; dur=17, inner; dur=10
content-length: 7
pragma: no-cache
server: TLB
x-tt-logid: 20231211053743D8EF94CD0AC3C20876F5
x-cache-remote: TCP_MISS from a23-193-104-216.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 17,23.193.104.216
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea005d3f9fe50253a23474beafc4021ad56c936d65b42bdc8de095344c267009c631905fbd499bb34c8e574b4ce70955cb5f1bd63440fab1bcc5ec37fea0258b80e4ada2e12ba2ae681e8a5fc9563db0b4da2e5fae7f26d15c7b3e9c96e55a8d32e3
expires: Mon, 11 Dec 2023 05:37:44 GMT

OPTIONS
H2 200 list
mcs.tobsnssdk.com/ Frame 0
0 162ms
162ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:44 GMT
expires: Mon, 11 Dec 2023 05:37:44 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=0 cdn-cache; desc=MISS, edge; dur=1, origin; dur=154
upstream-caught: 1702273064146301
x-akamai-request-id: 4786271e
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-origin-response-time: 154,104.126.37.124
x-tt-logid: 202312110537432671B2FA801330F0B672
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b1345e262ade5a48beb6c41b6308929d266423c036494564577e75164e5172db93ba244a7dfd03678377e645df474a97ddb2b38485765bd4cbde4430c42646182de30
x-tt-trace-id: 00-2312110537432671B2FA801330F0B672-4A14BF6A8E2F5C02-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

OPTIONS
H2 200 list
mcs.tobsnssdk.com/ Frame 0
0 164ms
164ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:44 GMT
expires: Mon, 11 Dec 2023 05:37:44 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=2 cdn-cache; desc=MISS, edge; dur=1, origin; dur=156
upstream-caught: 1702273064147927
x-akamai-request-id: 4786271f
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-origin-response-time: 157,104.126.37.124
x-tt-logid: 20231211053743C44632686D5E7FDEEB58
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134562122c7fe03a408df230670f3dcd326d04d8aae1f207f071ce1e795aa0f5bbf2a7ae7a19d91d0e5803b546204ab922eebaa4db05590c375de31ef7d48a212710
x-tt-trace-id: 00-231211053743C44632686D5E7FDEEB58-4E643EB37F982D0B-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

OPTIONS
H2 200 list
mcs.tobsnssdk.com/ Frame 0
0 163ms
163ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:44 GMT
expires: Mon, 11 Dec 2023 05:37:44 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=1 cdn-cache; desc=MISS, edge; dur=0, origin; dur=155
upstream-caught: 1702273064147730
x-akamai-request-id: 47862721
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-origin-response-time: 155,104.126.37.124
x-tt-logid: 2023121105374381C81B1DE0735AEB92D9
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134536f1c6955a817d45ede27532755ae3998989e55f2d1da7ca4756471d901a6134fd22952f1d0fc3ebb6abc5f56572f6b7c47265b98e4deef07eb6c39f24a5ab70
x-tt-trace-id: 00-23121105374381C81B1DE0735AEB92D9-48BAF0D37575B7A7-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 thetracker-haibunda-v3.min.js Show response
cdn.detik.net.id/loganalysistracker/ Frame C143 6 KB
3 KB 180ms
179ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/loganalysistracker/thetracker-haibunda-v3.min.js?v=3.1

Requested by

Host: www.haibunda.com
URL: https://www.haibunda.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

6d0a94daeed6fb13bff4a040ee8a19cf4e987f9425b42dc2c116f4c7b2717039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:44 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Tue, 02 Feb 2021 02:34:34 GMT
server: st1
content-encoding: gzip
etag: W/"6018ba3a-185f"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 detikBigDataSdk.js Show response
cdn.detik.net.id/loganalysistracker/ Frame C143 106 KB
36 KB 180ms
180ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/loganalysistracker/detikBigDataSdk.js?v=1.7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBMBG8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

344c23ba1cbc2b819add73db2c6dce106bbf7f4a06c59b1030677cffe3ee668e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:44 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Thu, 08 Sep 2022 08:55:53 GMT
server: st1
content-encoding: gzip
etag: W/"6319ae19-1a7d3"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 videojs.v7.21.5.B.monocss.min.css
cdn.detik.net.id/detikVideo/css/ Frame C143 53 KB
15 KB 376ms
376ms Stylesheet
text/css 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/detikVideo/css/videojs.v7.21.5.B.monocss.min.css?v=2023121112

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/detik-vertical/js/jquery-3.6.0.min.js?v=haibunda.4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

1e5acfc48e52770c811481b9e607951c08396918d694881420b8e544b5adf936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:44 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 06:53:45 GMT
server: st1
content-encoding: gzip
etag: W/"655ef6f9-d40d"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block

GET
H2 200 videojs-custom.css
cdn.detik.net.id/detikVideo/css/ Frame C143 7 KB
2 KB 376ms
376ms Stylesheet
text/css 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/detikVideo/css/videojs-custom.css?v=2023121112

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/detik-vertical/js/jquery-3.6.0.min.js?v=haibunda.4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

8819eb4f77e1935b576b698e1bdc9c11569359f8a9b3abfb0e8cf7b561d48a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:44 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 06:53:45 GMT
server: st1
content-encoding: gzip
etag: W/"655ef6f9-1d16"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1;mode=block

GET
H2 200 videojs.v7.21.5.B.monolib.min.js Show response
cdn.detik.net.id/detikVideo/lib/ Frame C143 1 MB
338 KB 387ms
387ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/detikVideo/lib/videojs.v7.21.5.B.monolib.min.js?v=2023121112

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/detik-vertical/js/jquery-3.6.0.min.js?v=haibunda.4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

9fc69b28a4c6631ebf4940a88feddfca4ec33fd5744d3b5955b80c6c4e36195d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:44 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 06:53:47 GMT
server: st1
content-encoding: gzip
etag: W/"655ef6fb-12ec0c"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block

GET
H2 200 detikVideo.portal.js Show response
cdn.detik.net.id/detikVideo/ Frame C143 82 KB
10 KB 387ms
386ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/detikVideo/detikVideo.portal.js?v=2023121112

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/detik-vertical/js/jquery-3.6.0.min.js?v=haibunda.4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

7d34a47e164ee62fd8fee4fd775d37c36575b412369ade3dbe8afe1a5e20d3c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:44 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 06:53:45 GMT
server: st1
content-encoding: gzip
etag: W/"655ef6f9-1498a"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block

GET
H2 200 separator.js Show response
cdn.detik.net.id/detikVideo/lib/ Frame C143 4 B
244 B 386ms
386ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/detikVideo/lib/separator.js

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/detik-vertical/js/jquery-3.6.0.min.js?v=haibunda.4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

9a4e79834ffdb71cb10babcae620e49c29ff20bcfddfdf1a1f0671594b008a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:44 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 12 Apr 2023 06:34:30 GMT
server: st1
etag: "643650f6-4"
cache-status: HIT
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4
x-xss-protection: 1;mode=block

GET
H2 200 reviveavoc.js Show response
cdn.detik.net.id/commerce/revive/ Frame C143 45 KB
10 KB 386ms
386ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/commerce/revive/reviveavoc.js?v=2023121112

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/detik-vertical/js/jquery-3.6.0.min.js?v=haibunda.4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

74d42335413dfbd956d8593d043ce8486ad388bd0f8693d10729ff14e12f4538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:44 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 02 Nov 2022 10:03:16 GMT
server: st1
content-encoding: gzip
etag: W/"63624064-b3b0"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
x-xss-protection: 1;mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 video-hotspot.min.js Show response
cdn.detik.net.id/detikVideo/ Frame C143 238 KB
58 KB 386ms
386ms Script
application/javascript 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.detik.net.id/detikVideo/video-hotspot.min.js?v=2023121112

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/detik-vertical/js/jquery-3.6.0.min.js?v=haibunda.4.5.9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

668d8dc313b0147da354412d4296b99d1f0356632946ecb5a511ba4c82a59be2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:44 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 06:53:48 GMT
server: st1
content-encoding: gzip
etag: W/"655ef6fc-3b69c"
cache-status: HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1;mode=block

GET
H2 200 empty1x1.png
cdn.detik.net.id/detikVideo/img/ Frame C143 68 B
301 B 386ms
386ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.detik.net.id/detikVideo/img/empty1x1.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:44 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 12 Aug 2020 06:39:04 GMT
server: st1
etag: "5f338e88-44"
cache-status: HIT
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 68
x-xss-protection: 1;mode=block

POST
H2 204 rum Show response
www.haibunda.com/cdn-cgi/ Frame C143 0
60 B 10ms
10ms XHR
text/plain 2606:4700::6812:1c8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haibunda.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.haibunda.com/embed/video/322813?smartautoplay=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: application/json

Response headers

date: Mon, 11 Dec 2023 05:37:44 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.haibunda.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 833b609c7e4571bb-FRA

GET
H2 200 thumbnail-juara-cilik-anya-prameswari_169.jpeg
akcdn.detik.net.id/visual/2023/12/05/ Frame C143 42 KB
42 KB 188ms
188ms Image
image/jpeg 203.190.242.102
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://akcdn.detik.net.id/visual/2023/12/05/thumbnail-juara-cilik-anya-prameswari_169.jpeg?w=600&q=90

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.190.242.102 , Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s2-102-242.190.203.detik.com

Software

st8 /

Resource Hash

d3e1fec97691453275dc558cfa2fc2bc7b238379c7b9eac539e0eededce5778e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:44 GMT
middle-cache: HIT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
iresizer: ir-st9
server: st8
etag: W/"38da40ae86f440193a572ceeedf3b67cabee927a"
cache-status: HIT
vary: Accept-Encoding
content-type: image/jpeg; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 list Show response
mcs.tobsnssdk.com/ Frame C143 7 B
776 B 172ms
172ms XHR
application/json 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Requested by: Host: lf16-data.bytepluscdn.com
URL: https://lf16-data.bytepluscdn.com/obj/data-static-sg/log-sdk/collect/5.0/collect-rangers-v5.0.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash: fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678

Request headers

Referer: https://www.haibunda.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-akamai-request-id: 47862ecf
date: Mon, 11 Dec 2023 05:37:44 GMT
upstream-caught: 1702273064642968
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121105374381C81B1DE0735AEB934F-48BAF0D37575B9A7-00
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=9, cdn-cache; desc=MISS, edge; dur=0, origin; dur=165
content-length: 7
pragma: no-cache
server: TLB
x-tt-logid: 2023121105374381C81B1DE0735AEB934F
access-control-max-age: 1800
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haibunda.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 165,104.126.37.124
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134536f1c6955a817d45ede27532755ae3998989e55f2d1da7ca4756471d901a6134ee02bd564bbee3103a7d710e191e9bbdbaa091cb8cc796f9c24f03914d597de8
expires: Mon, 11 Dec 2023 05:37:44 GMT

OPTIONS
H2 200 list
mcs.tobsnssdk.com/ Frame 0
0 162ms
162ms Preflight 104.126.37.128
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcs.tobsnssdk.com/list
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.128 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-128.deploy.static.akamaitechnologies.com
Software: TLB /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haibunda.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin: https://www.haibunda.com
access-control-max-age: 1800
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 11 Dec 2023 05:37:44 GMT
expires: Mon, 11 Dec 2023 05:37:44 GMT
pragma: no-cache
server: TLB
server-timing: inner; dur=1 cdn-cache; desc=MISS, edge; dur=0, origin; dur=154
upstream-caught: 1702273064479647
x-akamai-request-id: 47862c37
x-cache: TCP_MISS from a104-126-37-124.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-origin-response-time: 154,104.126.37.124
x-tt-logid: 2023121105374381C81B1DE0735AEB9323
x-tt-trace-host: 01da038bc7c45874640ce7eae7eae3ea00ec63fe8bc5473783c8823a101c6b134536f1c6955a817d45ede27532755ae3998989e55f2d1da7ca4756471d901a6134fd22952f1d0fc3ebb6abc5f56572f6b7c47265b98e4deef07eb6c39f24a5ab70
x-tt-trace-id: 00-23121105374381C81B1DE0735AEB9323-48BAF0D37575B8DF-00
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn

GET
H2 200 __dtm.gif
stat.haibunda.com/detikanalytic/ Frame C143 32 B
145 B 355ms
305ms Image
image/gif 34.117.38.128
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.haibunda.com/detikanalytic/__dtm.gif?dtmwv=3.0&dtmn=910603788&dtmdt=Anya%20Prameswari%2C%20Peraih%20Puluhan%20Medali%20Olimpiade%20Matematika%20%26%20Sains%20di%20Kancah%20Internasional&dtmhn=www.haibunda.com&dtmp=/embed/video/322813?smartautoplay=true&dtmf=-&dtma=253724688.910603788.1702273065.1702273065.1702273065.1&dtmb=253724688.1.10.1702273065&dtmr=https://www.haibunda.com/&createddate=1701839366000&articleid=322813&kanalid=64&custom_title=anya+prameswari%2C+peraih+puluhan+medali+olimpiade+matematika+%26+sains+di+kancah+internasional&custom_type=detail&custom_pagetype=video&custom_siteid=6&dtmac=acc-detikhaibunda&dtmacsub=desktop&namakanal=parenting&custom_pagetype=singlepage&articledewasa=dewasatidak&articlehoax=default&publishdate=1701839366000&contenttype=singlepagevideo&video_id=322813&author=Tim%20Multimedia%20HaiBunda&keywords=juara%20cilik%2C%20anya%20prameswari%2C%20olimpiade%20matematika%2C%20parenting%2C%20anak%20cerdas%2C%20anak%20berprestasi&thumbnailUrl=https%3A%2F%2Fakcdn.detik.net.id%2Fvisual%2F2023%2F12%2F05%2Fthumbnail-juara-cilik-anya-prameswari_169.jpeg%3Fw%3D650&status=1&createddate_str=2023%2F12%2F06%2012%3A09%3A26&publishdate_str=2023%2F12%2F06%2012%3A09%3A26&createddate_ori=1701839366000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.38.128 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 128.38.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
content-type: image/gif

GET
H2 200 empty1x1.png
cdn.detik.net.id/detikVideo/img/ Frame C143 68 B
301 B 422ms
422ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.detik.net.id/detikVideo/img/empty1x1.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:45 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 12 Aug 2020 06:39:04 GMT
server: st1
etag: "5f338e88-44"
cache-status: HIT
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 68
x-xss-protection: 1;mode=block

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C143 367 KB
126 KB 173ms
32ms Script
text/javascript 2a00:1450:4001:808::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/libs/detik-vertical/js/jquery-3.6.0.min.js?v=haibunda.4.5.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

bda9ec230e9fd779256cde4a4b7687c6fbfab102624bed226faca3e27d255716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128901
x-xss-protection: 0
expires: Mon, 11 Dec 2023 05:37:46 GMT

GET
BLOB 206
Partial Content 9087abd7-9d14-4f6d-80fc-88ec8e275ee9
https://www.haibunda.com/ Frame C143 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.haibunda.com/9087abd7-9d14-4f6d-80fc-88ec8e275ee9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content bb6b6e90-bea0-44b0-9093-feb923344735
https://www.haibunda.com/ Frame C143 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.haibunda.com/bb6b6e90-bea0-44b0-9093-feb923344735
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
DATA 200
OK truncated
/ Frame C143 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://www.haibunda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 backward-button-10.png
cdn.detik.net.id/detikVideo/img/ Frame C143 13 KB
13 KB 185ms
185ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.detik.net.id/detikVideo/img/backward-button-10.png?v=2023121112

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

e56a8cc500f4cd82efab444010c3ed77047b48e549fb8ed8b9e63d8cc3678935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:46 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 06:53:46 GMT
server: st1
content-encoding: gzip
etag: W/"655ef6fa-324d"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block

GET
H2 200 forward-button-10.png
cdn.detik.net.id/detikVideo/img/ Frame C143 12 KB
12 KB 186ms
185ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.detik.net.id/detikVideo/img/forward-button-10.png?v=2023121112

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

99f41b4231a48b06a85bd1c1a2a06cf34e60cfb2ddf5d8dabda352b893fc128f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:46 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 06:53:46 GMT
server: st1
content-encoding: gzip
etag: W/"655ef6fa-2f5c"
cache-status: HIT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-xss-protection: 1;mode=block

GET
H2 200 empty1x1.png
cdn.detik.net.id/detikVideo/img/ Frame C143 68 B
301 B 186ms
186ms Image
image/png 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.detik.net.id/detikVideo/img/empty1x1.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:46 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 12 Aug 2020 06:39:04 GMT
server: st1
etag: "5f338e88-44"
cache-status: HIT
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 68
x-xss-protection: 1;mode=block

GET
H2 200 empty1x1.webp
cdn.detik.net.id/detikVideo/img/ Frame C143 74 B
308 B 186ms
186ms Image
image/webp 103.49.221.172
DETIK-AS-ID PT. D...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.detik.net.id/detikVideo/img/empty1x1.webp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.49.221.172 Depok, Indonesia, ASN24211 (DETIK-AS-ID PT. Detik Ini JUga, ID),

Reverse DNS

s221-cast-172-221-49-103.detik.com

Software

st1 /

Resource Hash

b5d621c696f2763e126b1668888961fe95f3cab2410d49da6096b2066edd59ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:46 GMT
middle-cache: HIT
x-content-type-options: nosniff
last-modified: Wed, 12 Aug 2020 06:38:56 GMT
server: st1
etag: "5f338e80-4a"
cache-status: HIT
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
content-length: 74
x-xss-protection: 1;mode=block

GET
H2 200 playlist.m3u8 Show response
vod.haibunda.com/mc/_definst_/smil:http/mc/video/detiktv/videoservice/Haibunda/2023/12/05/eeb39f9fa19e4a059bc07ab4f24a03b1.smil/ Frame C143 295 B
592 B 566ms
188ms XHR
application/vnd.apple.mpegurl 103.49.221.99

General

Check archive.org

Show headers Download Go to

Full URL: https://vod.haibunda.com/mc/_definst_/smil:http/mc/video/detiktv/videoservice/Haibunda/2023/12/05/eeb39f9fa19e4a059bc07ab4f24a03b1.smil/playlist.m3u8
Requested by: Host: cdn.detik.net.id
URL: https://cdn.detik.net.id/detikVideo/lib/videojs.v7.21.5.B.monolib.min.js?v=2023121112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.49.221.99 -, , ASN (),
Reverse DNS
Software: ngx_wz13 /
Resource Hash: 3d8cefc9062a4a67a7cb648d3462cf5b9d8f90dd3cc2a1f95b0c7a83fce79b27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 13:13:44 GMT
content-encoding: gzip
server: ngx_wz13
access-control-allow-methods: GET, OPTIONS
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Date, Server, Content-Type, Content-Length
cache-control: no-cache, public, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Range, Origin, X-Requested-With, Content-Type, Accept, Range
content-length: 165

GET
H2 200 bridge3.608.2_id.html Show response
imasdk.googleapis.com/js/core/ Frame BBD6 750 KB
241 KB 14ms
13ms Document
text/html 2a00:1450:4001:808::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.608.2_id.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

151ae61a345450aeb627c64f73ddaa0936f076e4a8498eb77baeba64cc37481c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haibunda.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 219569
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 246014
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 16:38:17 GMT
expires: Sat, 07 Dec 2024 16:38:17 GMT
last-modified: Thu, 07 Dec 2023 18:27:35 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C143 44 KB
16 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.haibunda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Dec 2023 05:37:46 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2A1F 40 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:23:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 11 Dec 2023 06:23:03 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame BBD6 2 KB
2 KB 120ms
49ms XHR
text/xml 2a00:1450:4001:806::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=640x360&iu=%2F4905536%2FHaiBunda_desktop%2Finstream_parenting&gdfp_req=1&env=vp&output=xml_vmap1&ciu_szs=300x250&ad_rule=1&cmsid=2496848&vid=322813&unviewed_position_start=1&url=https%3A%2F%2Fwww.haibunda.com%2Fembed%2Fvideo%2F322813%3Fsmartautoplay%3Dtrue&description_url=desktop-parenting-Anya%20Prameswari%2C%20Peraih%20Puluhan%20Medali%20Olimpiade%20Matematika%20%26%20Sains%20di%20Kancah%20Internasional&correlator=1184368979864872&vpa=auto&vpmute=1&sdkv=h.3.608.2&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.1.0&sdki=445&ptt=20&adk=155961742&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&media_url=blob%3Ahttps%253a%2F%2Fwww.haibunda.com%2Fc415298c-d5ef-473c-8816-879b04fcecf9&sid=44F758B6-3138-41F2-A2D1-A2B8B8681F75&a3p=EhwKDWNyd2RjbnRybC5uZXQYlv6Fu8UxSABSAghkEhkKCnB1YmNpZC5vcmcY8P6Fu8UxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJb-hbvFMUgAUgIIZBIXCghydGJob3VzZRi1_4W7xTFIAFICCGoSGQoKdWlkYXBpLmNvbRiW_oW7xTFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pZEZKUFZGZFNaVzVSYlU5NmFtUnpZMFpaVTJKelp6MDlJbjA9GLyBhrvFMUgAEhsKDGlkNS1zeW5jLmNvbRi2_4W7xTFIAFICCGo.&nel=0&eid=44730896%2C44772139%2C44777649%2C44781409%2C44804291%2C44804617&ref=https%3A%2F%2Fwww.haibunda.com%2F&top=https%3A%2F%2Fwww.haibunda.com%2F&loc=https%3A%2F%2Fwww.haibunda.com%2Fembed%2Fvideo%2F322813%3Fsmartautoplay%3Dtrue&dt=1702273066749&cookie=ID%3Da95cc6304a80debe%3AT%3D1702273056%3ART%3D1702273056%3AS%3DALNI_MaXdsiEg6sgUjHzVbnXrtXAgoM4uw&gpic=UID%3D00000d136da6425b%3AT%3D1702273056%3ART%3D1702273056%3AS%3DALNI_MZuGhX9m6Rg5W0dGSbzx1wt5aNjkw&scor=396086005995644&ged=ve4_td7_tt0_pd7_la7000_er2341.897.2341.897_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_id.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

64043351ade6e7804bdc89def63c0b93bc386df3fce0e4cb7944eba02be71be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 05:37:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1055
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET chunklist_w1242425692_b379304.m3u8
vod.haibunda.com/mc/_definst_/smil:http/mc/video/detiktv/videoservice/Haibunda/2023/12/05/eeb39f9fa19e4a059bc07ab4f24a03b1.smil/ Frame C143 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvW71EEk6siWuOSQ4J93ntGyGi6EEYDZhTGO4CFGmOrr1Gxl-xJ4AvSCm9Qg_BaTq6_xvDTl2Lf8GwsarEFjBPuBQxGeHxXfY1mpYL0PvpUwrUCvf3hkgKqnRmvFRc1cLqYpgVwO91mwskDrRPynTQ8uTFfWS-jdrzbUqns2a8VGBU3OaqV8wkptgKF-U4M4MrXSYc211OvPN-WnMVlDp8e8hdEbH3bJlK5AH92kDRRrSoMAjau63UsySZPUYIw3LO9l9lHvpMeRyFkpe4RQfLIDmrqbOn14L-5-fsvQwxry1MDN0NeMzt9Hs-fUJzNP-HB9l84U7lqhIH_0cwoZgOi42C42tJrw_rnTO017_4rcxAnv4AhHKMqc-fl-9REQmvHlShs8wY&sai=AMfl-YTfaNQINs5IEjrowbmFw0VwHINRzuyrYU10by7ITvIlsQy1Tr_5n1FMxtcV6xa8qdI8hasOjEvMwnhy1CS5t2rEOqA0ZiGZvNfXkmoceL3vf-uGqDJesQPT7nootHF8PEisrHRw-7J7pcG4ir9rodC_CW1BvKy30ajCmQ&sig=Cg0ArKJSzE1SdRLfyRICEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Domain: vod.haibunda.com
URL: https://vod.haibunda.com/mc/_definst_/smil:http/mc/video/detiktv/videoservice/Haibunda/2023/12/05/eeb39f9fa19e4a059bc07ab4f24a03b1.smil/chunklist_w1242425692_b379304.m3u8

Verdicts & Comments Add Verdict or Comment

328 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.haibunda.com/	1970-01-20 19:00:49	Name: _gcl_au Value: 1.1.571431742.1702273056
.haibunda.com/	1970-01-20 16:52:39	Name: _gid Value: GA1.2.1710171754.1702273057
.haibunda.com/	1970-01-20 16:51:13	Name: _gat_UA-891770-244 Value: 1
.haibunda.com/	1970-01-20 19:00:49	Name: _fbp Value: fb.1.1702273056715.804147843
.criteo.com/	1970-01-21 02:12:49	Name: uid Value: 1c6ac393-c2bb-49f8-a4cf-d58ada266ff9
.criteo.com/	1970-01-21 02:12:49	Name: receive-cookie-deprecation Value: 1
.haibunda.com/	1970-01-21 02:12:49	Name: cto_bundle Value: 8Pio7V9YUFJPU1FPNnR0ZGNicGcyRUUzeFhWTGN0QTFSRVh5bjZNRDZGYmtERU91cWI2WHpEdlZIaDFUTFpJcHAlMkZYaTA0cGhXJTJGeE16Zk5KS3BwRXhHJTJGUHFaQWFrUlFuQjNheUpSeVpqanN6VHhERmxMQ2tBRGNQUEhiamVOazVKU1p4RTNZJTJCNzZlSkRXUVVFeUd6aGtYbmZLUSUzRCUzRA
.openx.net/	1970-01-21 01:36:49	Name: i Value: b5139359-17a7-4263-b38d-db1c15849bb2\|1702273056
.doubleclick.net/	1970-01-21 02:12:49	Name: IDE Value: AHWqTUlmbQQ3eiFrItCANwxl5lXYrZr28dJMREOw1QoATfJneXxLx5pSppa2WDOP
.casalemedia.com/	1970-01-21 01:36:49	Name: CMID Value: ZXagIMQyfDFZP2f4ba9OYQAA
.casalemedia.com/	1970-01-20 19:00:49	Name: CMPS Value: 3253
.casalemedia.com/	1970-01-20 19:00:49	Name: CMPRO Value: 3253
.adnxs.com/	1970-01-20 19:00:49	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>zDM('[!@wnfH8K6pQK`!5=E<L5?%LY^ka916<L:J2do#7p0YT3C_L79AEh)BLCJ(bpRzqF1`b_17%KZy
.doubleclick.net/	1970-01-20 21:10:25	Name: APC Value: AfxxVi7-D8O7JxlYsvHxxKnEsKR_n1kuIVErpK8IYUZHoaQZEP6VNg
.adnxs.com/	1970-01-20 19:00:49	Name: uuid2 Value: 7892653896567926582
.insurads.com/	1970-01-21 01:38:15	Name: ___iat_gid Value: A4DB29AF5192A2DB
.haibunda.com/	1970-01-20 16:51:14	Name: ___iat_ses Value: A4DB29AF5192A2DB
.haibunda.com/	1970-01-20 21:10:25	Name: ___iat_vis Value: A4DB29AF5192A2DB.6d26e0850e76e598547ecb337151d9f4.1702273057168.a23e81c1559bad30a10d932d5b05345d.MMAUOBZIEB.11111111.1.0
.haibunda.com/	1970-01-21 02:20:01	Name: _cb Value: BO4Fl1BbB1WqBjshlh
.haibunda.com/	1970-01-21 02:20:01	Name: _chartbeat2 Value: .1702273057568.1702273057568.1.CL5UXtBokRYkCndh7DDdIN1NDhPVZ4.1
.haibunda.com/	1970-01-20 16:51:14	Name: _cb_svref Value: null
www.haibunda.com/	1970-01-20 17:34:25	Name: _pbjs_userid_consent_data Value: 6683316680106290
.haibunda.com/	1970-01-21 01:36:49	Name: _sharedID Value: 348fd632-7732-4b83-9544-0dfa15c4b822
.haibunda.com/	1970-01-21 02:12:49	Name: __gads Value: ID=a95cc6304a80debe:T=1702273056:RT=1702273056:S=ALNI_MaXdsiEg6sgUjHzVbnXrtXAgoM4uw
.haibunda.com/	1970-01-21 02:12:49	Name: __gpi Value: UID=00000d136da6425b:T=1702273056:RT=1702273056:S=ALNI_MZuGhX9m6Rg5W0dGSbzx1wt5aNjkw
.doubleclick.net/	1970-01-20 17:34:25	Name: ar_debug Value: 1
.redintelligence.net/	1970-01-20 19:00:49	Name: 8lcfmzhxc8d6_uid Value: dad8b51e36a52d85
.doubleclick.net/	1970-01-20 16:51:16	Name: DSID Value: NO_DATA
newrevive.detik.com/	1969-12-31 23:59:59	Name: OAGEO Value: DE%7C%7C%7C%7C51.2993%7C9.491%7C%7C%7C%7C%7C
.awin1.com/	1970-01-20 17:01:17	Name: awpv11601 Value: 113440\|1702273058\|64f4fa01-97e7-11ee-b1a8-22396ad6a5ca
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.office-partner.de/	1970-01-21 02:27:13	Name: source Value: {"webgains_webgains":{"timestamp":1702273058332,"clickCookie":false}}
.haibunda.com/	1970-01-21 01:36:49	Name: dtklucx Value: gen_4e981a55-ecc8-4d8e-7583-08381f0e8d1b
newrevive.detik.com/	1970-01-21 01:36:49	Name: OAID Value: 05c0eaeb34e863e0b904a076ba5c3fee
.haibunda.com/	1970-01-21 02:27:13	Name: _ga Value: GA1.1.1929531125.1702273056
.haibunda.com/	1970-01-21 02:27:13	Name: _ga_LW7SH9Y4G8 Value: GS1.1.1702273056.1.1.1702273063.53.0.0
.haibunda.com/	1970-01-20 16:52:39	Name: __dtmids Value: undefined,322813
.haibunda.com/	1970-01-21 02:27:13	Name: __dtma Value: 253724688.910603788.1702273065.1702273065.1702273065.1
.haibunda.com/	1970-01-20 16:51:14	Name: __dtmb Value: 253724688.1.10.1702273065
.haibunda.com/	1969-12-31 23:59:59	Name: __dtmc Value: 253724688

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://cdn.jsdelivr.net/npm/iframe-resizer@4.3.6/js/iframeResizer.min.js(Line 6) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://cdn.detik.net.id') does not match the recipient window's origin ('https://www.haibunda.com').
network	error	URL: https://recg.haibunda.com/article-recommendation/ Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.detik.net.id/libs/detik-vertical/js/jquery-3.6.0.min.js?v=haibunda.4.5.9(Line 1) Message: Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains" always
X-Content-Type-Options	nosniff
X-Xss-Protection	'1;mode=block'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
a14db19c733178051250ab5bb3df3628.safeframe.googlesyndication.com
ad.doubleclick.net
adservice.google.com
adv.office-partner.de
akcdn.detik.net.id
analytics.webgains.io
api.webgains.io
applets.ebxcdn.com
bcp.crwdcntrl.net
cdn.ampproject.org
cdn.detik.net.id
cdn.haibunda.com
cdn.id5-sync.com
cdn.insurads.com
cdn.jsdelivr.net
cdn.optad360.net
cdn.prod.uidapi.com
cdn.track.production.webgains.team
cdnstatic.detik.com
cm.g.doubleclick.net
collent.haibunda.com
connect.detik.com
connect.facebook.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
editorial.femaledaily.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
get.optad360.io
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900021.redintelligence.net
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
invstatic101.creativecdn.com
kayumanis.detik.com
lf16-data.bytepluscdn.com
mab.chartbeat.com
mcs.tobsnssdk.com
mug.criteo.com
newrevive.detik.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
ping.chartbeat.net
pubads.g.doubleclick.net
pv.medialead.de
r3---sn-4g5lzne6.c.2mdn.net
recg.haibunda.com
region1.analytics.google.com
s0.2mdn.net
securepubads.g.doubleclick.net
services.insurads.com
stat.haibunda.com
static.adsafeprotected.com
static.chartbeat.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
toblog.tobsnssdk.com
tpc.googlesyndication.com
track.webgains.com
vod.haibunda.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.haibunda.com
securepubads.g.doubleclick.net
vod.haibunda.com
103.49.221.172
103.49.221.99
104.126.37.128
142.250.181.230
142.250.185.130
142.250.185.226
142.250.185.66
144.76.238.55
162.19.138.116
163.181.56.215
172.217.16.198
172.64.151.101
18.210.2.56
18.239.50.47
18.65.39.98
185.89.211.116
2.23.68.89
2001:4860:4802:34::36
203.190.242.102
203.190.242.244
23.55.163.57
2400:52e0:1e00::1082:1
2600:1f13:800:7780:e000:f538:bd2d:cf42
2600:9000:211e:4800:f:a31d:75c0:93a1
2600:9000:2250:6a00:a:e047:753:a221
2600:9000:225e:1800:11:a4de:2580:93a1
2600:9000:2611:d200:8:48e:53c0:93a1
2600:9000:2646:5c00:18:1fcd:353:c61
2606:4700:10::6816:3456
2606:4700:3037::6815:25c1
2606:4700::6810:3965
2606:4700::6810:5914
2606:4700::6812:1c8e
2a00:1450:4001:12::8
2a00:1450:4001:803::2003
2a00:1450:4001:806::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:400c:c00::9b
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::714
2a0b:4d07:101::1
3.10.29.13
3.11.198.160
34.102.146.192
34.107.217.180
34.117.205.94
34.117.38.128
34.120.107.143
34.149.209.250
34.227.121.59
34.96.70.87
34.98.64.218
52.76.29.240
54.220.142.223
63.35.106.187
65.9.66.68
78.46.23.46
91.121.248.44
015c6dd52952e8805142ba09e0f20848d6b6eb54f6119fac32ab84ecfefe6ad0
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
05d20b8b8b5db9ad1794d810f11803a59fbda373d04d313deeb842d388aac6c8
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
090272d3a2460b68374878cc71d3901c0a5c30aa88364fea75da2bbee81f0200
09c4a499c263c79321dd444b925b53a876bf544ebd877ada013587d1099fdd26
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f5ece39e94279c1f438c935eb4003eeebb18b805a2f2806fe055e4cf29f8ad0
115f4854ff657ac1c116497f31f64731ccf9c7e9b7ef89226bd4dd06ae00a982
123e563660832a5d32f4df8cab340a9534a6717f263942e021219a916260ec99
13e2687882065f87ebe1c4671c63e321a6c5145f8f693ced2812e5bf71e3c09c
147abcd981f7939f14184e96ef62d2d08885057b34e1aaea210bebb2dcfc02ea
151ae61a345450aeb627c64f73ddaa0936f076e4a8498eb77baeba64cc37481c
152973decff63c8c310e218fb2d74576f80a975a6bea168d044b5eb844f5f5c2
172faf4180ed8403d5f26b69c215718865bdbde4a5d7a93bc7b723f9665d60c9
18125a81c865f393739c975d9bf4e10cf43ba6c90111e5e2712ea920900121bd
187a1db2cecd6c8f786600f46f3c5d1782c2900e0f7259483b435c921fd850ad
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1dcce424db633ec2784ab9d60a1e5c0e92eae95abf270a6a77e17046c2bad2f5
1e5acfc48e52770c811481b9e607951c08396918d694881420b8e544b5adf936
1eba471c48a167451577cc2c6c1fff0cad74fe4e8e06e4463a74abead36cf705
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
2202fa796324f006c0b5b3ec0416e66573ef71ae3c2a4d0d18fa898e84f7231a
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
2359620ddb79388c996214727ad274476bc18b9dee875d6f3bf70361bfa85bc7
243169a0b5779c2430fe4e12cbe2ac7ad4aedd22addace394e57a5d1f78bd28b
24b0a3453e05cc95d9da378b01565b5d1f592b01104bcb45bb99ca015f233f52
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27b6e7880d8ec59b516645f3f8984d2365e85e827a95fc032c63d34ce31b1ef4
27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a
2a85dde05c7944389d658145eb29ff453e1b75f046fc7929d5c5f1e9057c42a1
2b7d06c75454ca3a04aafa9d6110fbbbe7a07c9c1f7b89ba2a8c925b2c471986
2ca252b1ec28d3fc04078a3a87894fea0cb9d5ee81f0bbc5a66ff8c5ecaab333
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f1c6677e58c633ce01ee52f7c00f0ca50d0c6bb01875498eb3643243b02148b
30172fc770b2624d5a2a75f0367804ac23ad348ae43b9590585be3f8b50a3111
3143257f68ce1f7f3581f23e7b05f3d3969e238272b62d5526e9b33d4ebf49a1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
32d9252c1f88d4e358a09f37a32d37dd14a1d8e1da2984d9a1a90c28c6960843
344c23ba1cbc2b819add73db2c6dce106bbf7f4a06c59b1030677cffe3ee668e
3687af2d3788e734fd5019b7b3b5b632045377270277f6ce4fab4c11ef862b24
36ab4f5165cb8011c0d41590d2f97a714b1a0672ffb9c05307c1186e3ae126c0
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
387378d2f231edbd6785e3f202b24462b68838ebee494bdb23d5c713be9a5923
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3a0a7bbb6080642db26b792d41d2cb6bf7123ecee3247e2fbcde39e5498851f9
3b64444ca542f3bd5be8aba927bbf319f8924845d2cf99c053a9a0bc93771302
3bed9c2ec853cd0af23ad80fe0ad52fcd569b76351ea4d0cabfd8aee07f0cb95
3c2d3bf051e5ceab46b67776c86b075de1e755aa34ec5a08fc7fc70e6a93e9d6
3d490bc201c366e2121b60ba924dc4535142aaea0b8d87c4c1b53df4aeaca5f2
3d8cefc9062a4a67a7cb648d3462cf5b9d8f90dd3cc2a1f95b0c7a83fce79b27
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3fd1c4933aefeb81416d2ce45a7ea8f032a5fd637ef04eadc1a8c89adc7d2d06
41f256772529dd56ce2f8bdd006e6a2cec7736283344f1e4dd677bb0ccc9e01f
42b448c8c5f67a9c48b021dfd6676e0c1aa3146b1513d18cad8ba2ad7be9df8c
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
470c3f9b9d534ef1c763871c932a51bc33c6b08029318e4ed4ab863fde764a5c
47f6d44e65ea780e0e2a75250a8e322dad1203220ab1109750d2da700beaddab
4871a0b9c15975aadd71635853aa642aee7d193f32232838447cab31592eebcf
49a540e3ef91f246b1226bd70950b9c6b121b9bad40d7ab4292c7a9b9e697d5b
4a9b77851826caeb54c0bed97fc20fab4c1c697bbc210adb08aa47ca82f1c295
4b09bec3a1a9e9ce38d267677e90bd46d23ecf364494ccb43b0392385fc5530d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d533f38bae7bae6d71d6d9be3b8a5663ec4f02b0bfaabcad38a1c96ba07d130
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ead2bd6c769b87d010407b5bea2b3b642b1d5bcfea1d9103e5044f9c02195fa
4f80281f458217d3879bc58f0785b342f2585072df5fb45f53afd3d0dd7ecca4
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
521b85d1f469b065e20cf6f4cef8ba702fa2995fccefbc845626fdfbb76cbe83
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cbab9227fd1905a544309be2fad4fb0b43fb698b16f9b1d83c2e416f5450bb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
571cb945330d422ea3e7f7ff0d72818ed2cd717097a0d46e673425adb552b430
5b44d673c9f04283b7424a61005b34394ba22ef7f397c42a5758941ac4714a72
5d7d237a12bb896701b8a81375907d4894236027eb112d6908c13aa5571c6b91
5f16cbd61c5063eee06064df8697819fbb972df80a1f022fdf59954c6b1f533e
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
625bc84e4cb23db18926786e7b43681dc875397800cf02ebac341bf2e44ae671
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
64043351ade6e7804bdc89def63c0b93bc386df3fce0e4cb7944eba02be71be4
6515a1567b1770ae5401a7ca4253151880beae199598f425d6201ff1f4a9b6f3
659f8a09b5e97b0ef2caae50d9cdde63f390010ac8c35f95c62cb5fde23c7b7d
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
65f27c76f5123caea75ae9ae1621b275caabcaba213ff41a6e9678e24acb8298
66172b688b7e5f7c3425f2b23e24388c17a6cc3b1b32272bed772c2bd2b0525d
668d8dc313b0147da354412d4296b99d1f0356632946ecb5a511ba4c82a59be2
68b105c42735f17cc78f509aee362507f90f41aca245bc81fc53eddcd7f787a9
6d0a94daeed6fb13bff4a040ee8a19cf4e987f9425b42dc2c116f4c7b2717039
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
74d42335413dfbd956d8593d043ce8486ad388bd0f8693d10729ff14e12f4538
7559ba45677beff9ea485d64ab945d4a29a460c9319f20f8b131051629a1a67a
75c564b11819eb6c2df664507cdea1ad5bfdfde6ac23a67581da88dd4de66835
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7b5812cff4887b15fb1c6356a442a44106ae4f6d0b3453f83d110a7bc8ed1819
7bf6fd0bbc99a050aa915152a3ece84bfead60c932e3416a3f9b2899f67ba6e5
7d34a47e164ee62fd8fee4fd775d37c36575b412369ade3dbe8afe1a5e20d3c4
7eb9868191a83bed3e358853c3da36f500286d86e7187f83be6359687333ed27
7eca0fe7087d47bf8bba5ab355c02dc00bd403498edcdf259cb8eced59e8db45
7fd9a8a8925e61a98a80214ba14b5daccc0c5b0759cb090674d6a9cbd0622b1f
80f1fbeb1e95f186e1ef324d132860cc499bec297a2ef4b673c73478f21692b7
80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a
8457e02b611eaa79766fadb8497b525d44a797e702317a034b8ae6a1cd2ce4a9
84b3ca0638ff50ab947f966f489414aefd831865c8ab0145af74d4bbbfba3ab6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8503ca172b8449f786f7ded80bde785489ebd41c172190b741c65f5f16f7bd83
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
85a9869a96e93e6ab2df4e9f1eab7bf897ac15193a9bf54dfcbe239619c9fcaf
85be195f91e505379a7746129e887d1929b93b449ca651e3045dec5fed055879
8761a8589ecc3689d3b8d70efab8bfe58d337c3d575d75aa91c92eaaeccbdd19
878c37b1d5044029b15db9b77c5e96be34385d5f832a6ae9c539a842b4c786e1
8819eb4f77e1935b576b698e1bdc9c11569359f8a9b3abfb0e8cf7b561d48a64
889ed0f48c04d82f2bd820be3891c084083bd88f253a8e4018227e8c7d81f21b
89095ca11eae7b644fac81b99bdef7f8b08ceff77a67bee52c295cb46ef3abfb
892cbed999e182e677a982593b4a2b1054156fb5730cad5f14e26467119e062d
8ad3e1be1b9cb15ea3c9379f994f99e8c97af5a04f894299e1999ed2582ad62e
8baf641907db0884113fac6a39941e595322dbca8da51411bf8a17d489577c25
8c22f613281c06566d5c3e4b4719907ddf71ba50fb8a0471ecfbe613708077d6
8c4263213f1d4d432c983029e4fbd114e8c16b333e9374d95af995aeaaa8e33c
8fd3e69d29bfaad07b5b7a0da28711326d2851e53a7744da030fc2e2521cab3d
93a3fb5e5c49bf236583ced8b20c06d3b0f53572e6465df0606fc13a65ff36e1
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
958bbcf9bfa5175d4f900d794cadb5576c865a56f8643b6e00c2a6963ecd03bc
95ea4f9b70f2ca3ad7bab58bc9dc7ef03450b206e493bd6da1a9878d7e0b9f16
963e58beab597778b19955449f5bbb26ccc583603477243dc3f31504d646bafb
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
99f41b4231a48b06a85bd1c1a2a06cf34e60cfb2ddf5d8dabda352b893fc128f
9a4e79834ffdb71cb10babcae620e49c29ff20bcfddfdf1a1f0671594b008a2a
9e76d2faaefde354bf999b737a43e9627bd1312daded2bd329dd1edef398eb39
9fc69b28a4c6631ebf4940a88feddfca4ec33fd5744d3b5955b80c6c4e36195d
9fdeeace260c539ba397a75bc354082e64925c327e07d1fb4ff788f5f053781a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a07ca75e85cde4d1afb84980d870cc0d9ca8e93e4a26d65a58c31821ecc01a34
a4750878e466fd6d0b024c731f94e59499aa0056bf258505ce37f1c171c7a81d
a4ad0a169308b00cb006a1a6a91dae5d80a1b892cc33cfd14d6190280f847c95
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a650d3922ecaa39dc316c8fc225409d9568918866bb7d37054caf775b538c9e1
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
aa1c613a81da8d0b86714f655b56e5a026a6041003b8a3655edf3dd56491fa65
ac326f6781dff803f38b680f6a65d2a2d7d24849de123ed05630dae5407f4be2
ad04c06e7bfd1056c2f5870ba16c2f2c24ec1f2b28d57d887fcdb26db9093865
ad2181475c22168eef94675ffd44c0b3aeed926c3390d64a95be8d042d965fef
ae204700d844b5119226f09d1573017f6838a59f632fc8d2db64c6cd95494208
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af0280c8646154adb38a8e059fd0c5cfb21b954eb38031fcba65240da35061ff
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b05831cefcbe7bd3df947cb7d1b88b0c1604bcb04227b23b77b2396ac986f267
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2be998af7bc5c3d0c2404d79aac315f7827ad228c20a2e282e5088b5d05d09a
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b5bed69914098073139a473972c831c73ac758564a3ee6a8fa6d7f0f0e2a7868
b5d621c696f2763e126b1668888961fe95f3cab2410d49da6096b2066edd59ca
b983d5376ac2f5b7cb2ffbf9640ffe96d4a73d175d5116651f9c5cb00cdad711
ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bbd58a1c832602875a0b34aba97d954d24dfa30ff69f95559ef675047b48a190
bc68f41f5d8aebea1af7b2267280fd9381b2262e2179292c7b45297cd6176822
bd1bc694aea3c3b894329e733eee326bd26493c0cf7f338fba60bae54b445d58
bda2b2b3fe408efaec1312cdc117f353a14e6d1717f1846d827c319c5836bbff
bda9ec230e9fd779256cde4a4b7687c6fbfab102624bed226faca3e27d255716
c0997b6ac6ae7b9432fdef4fe85abb03e095c45ffb36bd1071304d2606e8d47d
c0dfe0904eef3bda20161c0d9c4e09937650d0272db5ea6cbbee23789e4b992b
c12803520c7a797de6491d1f3630c4abca9996fe513fc26535a1643cb925184e
c2b126f8cf108b0b24da09947ec0f6ae3d55df120a87e1dd9ab6527fee53fe55
c47a3fc99dac7796a8041a5cd5dfbe7075591a26c89caaa1eddfef27f4584459
c54d5d4d0ab6332548945e7c2989a8e7bebee9fc4f80c75f5edd76bb2816f566
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c6b125c8dc7b6c653f8b83247885e3ebb9f92ffe94a32efa224302737eb0174d
c7250395f87e5a28fc6401a6782a5a0a8211bb6efcc9722bd6821fa48d2cda98
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c99825de0ccd22fd57d3938b950361269d982a204a487087905db129256c3e20
ca1f8d01f8e97b305403ba92eb765ec47ea35aaaf088ffd40a934e35401d0c5e
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d118a84feb11debf2c46ecca1ec1014205c1c369de317df3f217fa92b92eb423
d29092b1c9a8c715fed5f389f9d077a8b76fb80885912ad7a322b9b5353ed678
d291ea326fd2d8b5f194ae98b2891b6aec54f066adddd6ab99ffaccde0bc0685
d3e1fec97691453275dc558cfa2fc2bc7b238379c7b9eac539e0eededce5778e
d45b32cf6bd6e88742ffe7e217493a27513dfb56613b6dc7f69855fb4364267b
d4f8572b20f37e1bcc8faa6354d4223227164c82792fdb2cd0048d3c46e74d64
d6cd0567de90117a36966d71f4cd44e4a23b7cf717e18dd4bfdd3bfef394407d
d7f8499000f0bc1d83a98757bf2b85689e8a2277b1f2d20500ec4aa2d96853f1
d83129bfd8ba1d595280732060c1987dcb8ad35381cfdcbe7bbf8144b0e04e7f
d83e9935695c996946bfad955752b483ff58fc2ce589b50990ac44ecbceeeae6
d8cb32ad4280e70dcd9168e2ea3a7b3c1cf2f5955959b69f9648aae9485ba576
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfbfedb314daba594ef58afe599c84d874060c861cbc49163c3c95e395a504cf
e0fc243e9972387fa20dd5e96d09d80caad5e113434d4a01c61f8b0030cf09ac
e1dcf927c0e7e3c645c3835ea2bc4164fe76b80b1f509ee58ee30c736fa02d98
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e26d387ec0dec7a7f61e21dbe3194546e00a112e2b82376d23434ae269b3066a
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42c48eaa0f6cff2fabe511e0ebaf0f37dd83d9082030256c2dd0ddd71a8fdf2
e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba
e565233aaf9bebf16449491ec075f722883713b606e89f7c62c96f9a50ba5654
e56a8cc500f4cd82efab444010c3ed77047b48e549fb8ed8b9e63d8cc3678935
e61f6e0372b681226a456b9f8bf621708e402ea5f082fb8af4ad2efe4b7a3d66
e63f81694b0c09a8e3e503520cd64e8cb1fcb1c0f6d2d46038ec858bc617c6e9
e6997f451bbf8012dea5fb3b9f2e974a2f86861364126915097d81096392c800
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb46a46f643895746cfe3e2e199278b0154edfb75cecb1132df74f47b84d67b5
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb97d0bf8cc813f1a88fedac9dac9fa58bb1d541200ecdeb36c4ce7e0b3b800d
ebeb832ec1665102de92372c87d679759182e0d45bc533f704d56bec6865eb6a
ecf5938e74b5b2a3aa509c3e71a53fc0b44bb1a32f8d2a9af145d26ff027e470
eea3668c05671273723d5e06b6e6661aee47d89a54b732347bd9ed70b7fa0bbf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f5a84e4039b50c9c4053ebd8991aec14d5cdcec168bfaa2f27d4d5fcbd1255
f25cf1a788fd845ec9fd9612d636207ad7db744aa99624c76fb6c8ecd379e92f
f3a17dbeb1279ddd9aa45595a39b0dc40ada6fa4fc2f4e3c7cf3e460e3410c76
f3b23f3995257725895e59383cf54ebf2a175fec5ee42767e52bbca6cf1b4bc2
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
faa9e3a73fbbde0ef5e5e330b6fe619fd136a5c8dc677dc9d8c8b98c66efa330
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678
fc11dd076da3f54de838ecc446e03acd286599095a7b4e880af2a34a6caf69a1
fd4882e87c37b0ce91b1c7fbebca9af1489952b69dfd352eadb86071166477f4
fe8d3068bac35e92c6414cb5209a4554b669b8dad39d8a3115e0c69c1f343fca
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.haibunda.com Open in urlscan Pro 2606:4700::6812:1c8e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

396 Requests

95 %HTTPS

51 %IPv6

46 Domains

81 Subdomains

76 IPs

9 Countries

8715 kBTransfer

19890 kBSize

40 Cookies

29 Outgoing links

Redirected requests

396 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.haibunda.com Open in urlscan Pro
2606:4700::6812:1c8e Public Scan

Screenshot
Live screenshot

Full Image

396
Requests

95 %
HTTPS

51 %
IPv6

46
Domains

81
Subdomains

76
IPs

9
Countries

8715 kB
Transfer

19890 kB
Size

40
Cookies

396 HTTP transactions
4 data transactions