widget.loket.com Open in urlscan Pro
2606:4700:10::ac43:1e46 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679
Submission: On October 21 via manual (October 21st 2022, 9:53:46 pm UTC) from ID — Scanned from DE

Summary HTTP 57 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 57 HTTP transactions. The main IP is 2606:4700:10::ac43:1e46, located in United States and belongs to CLOUDFLARENET, US. The main domain is widget.loket.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 19th 2022. Valid for: a year.

This is the only time widget.loket.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	2606:4700:10:... 2606:4700:10::ac43:1e46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	52.219.40.238 52.219.40.238	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
57	14

29 2606:4700:10::ac43:1e46 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.loket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.219.40.238 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1.amazonaws.com

s3-ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	loket.com widget.loket.com	239 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	263 B
4	amazonaws.com s3-ap-southeast-1.amazonaws.com	82 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	195 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 5017	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6045	564 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	372 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	153 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 226	621 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 343	14 KB
1	gstatic.com www.gstatic.com	158 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	6 KB
57	13

	Domain	Requested by
29	widget.loket.com	widget.loket.com
6	www.facebook.com	widget.loket.com
4	s3-ap-southeast-1.amazonaws.com	widget.loket.com
3	connect.facebook.net	widget.loket.com connect.facebook.net
2	www.google.de	widget.loket.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	widget.loket.com www.googletagmanager.com
2	www.google-analytics.com	widget.loket.com www.google-analytics.com
2	www.google.com	widget.loket.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	widget.loket.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	cdnjs.cloudflare.com	widget.loket.com
57	14

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com

Subject Issuer	Validity	Valid
*.loket.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-19` - `2023-04-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.s3-ap-southeast-1.amazonaws.com Amazon	`2021-12-09` - `2022-12-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-31` - `2022-10-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679
Frame ID: 3CCD67EFB4CB286F30A5B690F5F009DC
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Widget — DuFan

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

57
Requests

100 %
HTTPS

79 %
IPv6

13
Domains

14
Subdomains

14
IPs

4
Countries

870 kB
Transfer

2543 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=622121282127
Title: WhatsApp

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1666371600 Show response
widget.loket.com/widget/3opbbalqnv3c5qvb/ 39 KB
14 KB 1506ms
1421ms Document
text/html 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

523a03b84dd288ed54ee0fc31f152a3ebdb63a0db7720550cd66e18550bd46cd

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 75dd3a2198b768fd-FRA
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
content-type: text/html; charset=UTF-8
date: Fri, 21 Oct 2022 21:53:38 GMT
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
referrer-policy: strict-origin
server: cloudflare
strict-transport-security: max-age=16000000; includeSubDomains; preload;
vary: Accept-Encoding
x-content-type-options: nosniff
x-upstream: 10.255.58.189:80
x-xss-protection: 1; mode=block

GET
H2 200 page.css
widget.loket.com/themes_1.0/css/ 104 KB
26 KB 805ms
801ms Stylesheet
text/css 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/css/page.css?_=2.1.5

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c4aa64b699b9259c931181128810c74abd7d63c6965e34f6e337c47bd054a8c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
cf-polished: origSize=146294
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"634f85c0-23b76"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2baa6768fd-FRA

GET
H2 200 jquery-ui.min.css
widget.loket.com/themes_1.0/css/ 28 KB
7 KB 742ms
736ms Stylesheet
text/css 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/css/jquery-ui.min.css

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9b57456c017115ce7d5d2597659fd470770ead016bc20fc625ee8a988afdb80

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
server: cloudflare
etag: W/"634f85c0-7051"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bba7c68fd-FRA

GET
H2 200 jquery-ui.theme.min.css
widget.loket.com/themes_1.0/css/ 13 KB
3 KB 832ms
827ms Stylesheet
text/css 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/css/jquery-ui.theme.min.css

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4454b52b1c3f1316bb54501ded7343818d6a89b53ef8c1abb6b19112bf381374

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
server: cloudflare
etag: W/"634f85c0-35df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bba8068fd-FRA

GET
H2 200 seating-chart.css
widget.loket.com/themes_1.0/css/ 861 B
1 KB 802ms
797ms Stylesheet
text/css 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/css/seating-chart.css?_=2.1.5

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c7d57058982492c46f3c2524e476e7a0350ff45621445bca04874d1684b730e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
cf-polished: origSize=1757
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"634f85c0-6dd"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bba8268fd-FRA

GET
H2 200 bootstrap-datepicker.css
widget.loket.com/themes_1.0/bootstrap/css/ 21 KB
3 KB 803ms
798ms Stylesheet
text/css 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/bootstrap/css/bootstrap-datepicker.css?v=1.1.5

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5f457960e942d944a48b5bc9f02019b0bf275fb189bb5563072d74516148172

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
cf-polished: origSize=21149
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"634f85c0-529d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bba8368fd-FRA

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 167ms
74ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 1390620
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75dd3a2c3a769104-FRA
expires: Wed, 11 Oct 2023 21:53:39 GMT

GET
H2 200 jquery-2.1.1.min.js Show response
widget.loket.com/themes_1.0/js/vendor/ 82 KB
30 KB 805ms
800ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/js/vendor/jquery-2.1.1.min.js

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
server: cloudflare
etag: W/"634f85c0-14915"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bba8968fd-FRA

GET
H2 200 jquery-ui.min.js Show response
widget.loket.com/themes_1.0/js/ 235 KB
64 KB 760ms
756ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/js/jquery-ui.min.js

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

709a8d05227dfdc05b8dcee9b38b009c3d10e4f5555e64255f2d379b8ac8aa24

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
server: cloudflare
etag: W/"634f85c0-3ab2b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bba8b68fd-FRA

GET
H2 200 jquery.loketwizard.js Show response
widget.loket.com/themes_1.0/js/ 48 KB
14 KB 752ms
748ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/js/jquery.loketwizard.js?version=1.2.6

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ac51aba48c2c13e20a7d9b5b654d6d81867080de1557554b3311e725ca8ecba

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
cf-polished: origSize=72720
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"634f85c0-11c10"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bba8d68fd-FRA

GET
H2 200 jquery.loketform.js Show response
widget.loket.com/themes_1.0/js/ 52 KB
11 KB 804ms
800ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/js/jquery.loketform.js?version=2.1.2

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d391a946cf0dbce22e7e67c36806073c8dee6d73ac518fd5d93153b04305402

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
cf-polished: origSize=94994
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"634f85c0-17312"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bfae468fd-FRA

GET
H2 200 main_widget.js Show response
widget.loket.com/themes_1.0/js/ 38 KB
12 KB 821ms
816ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/js/main_widget.js

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e029759a88f9c0f7791577313ca5a76c37c03134517f95eda53599c06071506

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
cf-polished: origSize=47463
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"634f85c0-b967"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bfae568fd-FRA

GET
H2 200 loketmd5.js Show response
widget.loket.com/themes_1.0/js/ 5 KB
3 KB 819ms
815ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/js/loketmd5.js

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07e1564dbb2dbe9d67c9cad4bdb506b8dae2ae57f90e63192990a5e3c57cb699

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
cf-polished: origSize=5481
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"634f85c0-1569"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bfae768fd-FRA

GET
H2 200 ajaxfileupload.js Show response
widget.loket.com/themes_1.0/js/ 16 KB
4 KB 829ms
825ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/js/ajaxfileupload.js

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

010318c38a18f265d3a3634ddcf7c7990ffdcf6c21220aecd4f94e2d7bea34be

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
cf-polished: origSize=17843
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"634f85c0-45b3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bfaea68fd-FRA

GET
H2 200 general.js Show response
widget.loket.com/themes_1.0/js/ 45 KB
11 KB 864ms
860ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/js/general.js?v=1.0.21

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e34d3d84b8e2c3526f19f45d44787fcabc9cf8b53c3cd6e3174fbb2c74b940b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
cf-polished: origSize=56460
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"634f85c0-dc8c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bfaeb68fd-FRA

GET
H2 200 general_widget.js Show response
widget.loket.com/themes_1.0/js/ 16 KB
5 KB 865ms
861ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/js/general_widget.js?v=1.1.5

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3387aa047b8071ef3d0940da9edfe38b7d681008803f592ff572d4ee6983bfb9

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
cf-polished: origSize=19413
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"634f85c0-4bd5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bfaee68fd-FRA

GET
H2 200 jquery.mask.min.js Show response
widget.loket.com/themes_1.0/js/ 6 KB
3 KB 829ms
826ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/js/jquery.mask.min.js

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ef803f8bb9cbe07f2407212c2422f87d48dbd08addb5bb994c5f485b2dcc6a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
server: cloudflare
etag: W/"634f85c0-1788"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bfaf068fd-FRA

GET
H2 200 jquery.maphilight.min.js Show response
widget.loket.com/themes_1.0/js/ 6 KB
3 KB 866ms
863ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/js/jquery.maphilight.min.js

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

025d147e080932ef2c87381448202100cc6a5d8aad452d370623c090f4ead4a7

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
server: cloudflare
etag: W/"634f85c0-1828"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bfaf268fd-FRA

GET
H2 200 jscookie.js Show response
widget.loket.com/themes_1.0/js/ 3 KB
2 KB 831ms
827ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/js/jscookie.js

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a42bc2665485ce601662cc5273620f66a61b4a001b22b594d5acbb9cfe86bd45

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
cf-polished: origSize=3871
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"634f85c0-f1f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bfaf368fd-FRA

GET
H2 200 bootstrap.datepicker.js Show response
widget.loket.com/themes_1.0/js/ 10 KB
4 KB 871ms
868ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/js/bootstrap.datepicker.js

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbbc998ed7b2a75e4b63f4b0d873098b558d6f8af2a22acc3098a39b0265b51e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
cf-polished: origSize=16236
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"634f85c0-3f6c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bfaf468fd-FRA

GET
H2 200 bootstrap.timepicker.js Show response
widget.loket.com/themes_1.0/js/ 20 KB
5 KB 865ms
862ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/js/bootstrap.timepicker.js

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f81d79fab97e936bcd663cac30ca6216820d56ac83a509f55a6eaa7b0bb98699

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
cf-polished: origSize=39570
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"634f85c0-9a92"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bfaf668fd-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
968 B 145ms
38ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b52b34cf452e92654dd04036ab4a81c81e0b9a6958539752b050f0433f4b1ddd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Fri, 21 Oct 2022 21:53:39 GMT

GET
H2 200 jquery.rwdImageMaps.min.js Show response
widget.loket.com/themes_1.0/js/ 1 KB
1 KB 865ms
862ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/js/jquery.rwdImageMaps.min.js

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f48c9307dfb8dc03b4905966c82db98a664010c83ea952a6d1e3aaadc00703b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
server: cloudflare
etag: W/"634f85c0-468"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bfaf768fd-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 453ms
32ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Oct 2022 21:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2263
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 21 Oct 2022 23:15:57 GMT

GET
H2 200 tooltip.css
widget.loket.com/themes_1.0/css/ 524 B
1 KB 736ms
734ms Stylesheet
text/css 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/css/tooltip.css

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d494fd4b14ec6f273c0ab1c444b6d6d5dbfe0f52e3fd04063104eb8242fcaf3

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
cf-polished: origSize=715
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"634f85c0-2cb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bba8568fd-FRA

GET
H2 200 loket.payw.css
widget.loket.com/themes_1.0/css/ 807 B
1 KB 735ms
732ms Stylesheet
text/css 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/css/loket.payw.css

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70487e25f998cc39aca069800c46e7e6d703513f8149147c0306705a46193e16

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:39 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
cf-polished: origSize=1082
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"634f85c0-43a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a2bba8768fd-FRA

GET
H2 200 loading.gif
widget.loket.com/themes_1.0/img/ 4 KB
5 KB 800ms
797ms Image
image/gif 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.loket.com/themes_1.0/img/loading.gif

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

086b161aedd221e0a3fd1889023135b9223664f5cc6491c8649073618c6da37a

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:40 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
content-length: 4343
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
server: cloudflare
etag: "634f85c0-10f7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
accept-ranges: bytes
cf-ray: 75dd3a312d7768fd-FRA

GET
H2 200 check.png
widget.loket.com/themes_1.0/img/ 870 B
1 KB 815ms
813ms Image
image/png 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.loket.com/themes_1.0/img/check.png

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

358bf2905f7b636a7ddb4d413007d0e9f560a7e852dd43f37b493a9c8dbf6b62

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:40 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
content-length: 870
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
server: cloudflare
etag: "634f85c0-366"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
accept-ranges: bytes
cf-ray: 75dd3a312d7b68fd-FRA

GET
H/1.1 200
OK 20220818012626.jpeg
s3-ap-southeast-1.amazonaws.com/loket-production-sg/images/payment_logo/ 58 KB
59 KB 880ms
300ms Image
image/jpeg 52.219.40.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-1.amazonaws.com/loket-production-sg/images/payment_logo/20220818012626.jpeg
Requested by: Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.40.238 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 725318e42329406d9632d1da828abd3a4ae7c70de94f1e04cd9d4dc2b1ef9331

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 21:53:41 GMT
Last-Modified: Thu, 18 Aug 2022 06:26:27 GMT
Server: AmazonS3
x-amz-request-id: NT063EGTBGHXF3QD
ETag: "8a86413608acdf226e58d75b43f438e5"
Content-Type: image/jpeg
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 59793
x-amz-id-2: RZNo6DZB0jWbBQeWqmC+NVqjewX8jqpCnw9oiyF0hkyCJlqFjh0eGYZ7ZbF8+LqQtEgqdzhndD4=

GET
H/1.1 200
OK 20220818012538.png
s3-ap-southeast-1.amazonaws.com/loket-production-sg/images/payment_logo/ 9 KB
9 KB 892ms
311ms Image
image/png 52.219.40.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-1.amazonaws.com/loket-production-sg/images/payment_logo/20220818012538.png
Requested by: Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.40.238 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cb8e9fdb9a97ad0c3054e98bae6c5e2ce9c6d41ac6c59506e53b2c9c7b25ec7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 21:53:41 GMT
Last-Modified: Thu, 18 Aug 2022 06:25:39 GMT
Server: AmazonS3
x-amz-request-id: NT033WS1DB90H8S7
ETag: "4768f9e08030b196aadfe0e2f788b115"
Content-Type: image/png
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 9055
x-amz-id-2: mf/doBYpavHqSc5m9RMjCjHMCoG/wpTR7ZJgi93PF+ITAfC0WTU2osj0m7NPC5klbh4Bhn9PzDI=

GET
H/1.1 200
OK 20220818012905.png
s3-ap-southeast-1.amazonaws.com/loket-production-sg/images/payment_logo/ 5 KB
6 KB 1106ms
311ms Image
image/png 52.219.40.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-1.amazonaws.com/loket-production-sg/images/payment_logo/20220818012905.png
Requested by: Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.40.238 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2b162e9bf382956a6fc33dd73286d6246ad60e3bafcf86d19b4ba79ee61215fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 21:53:41 GMT
Last-Modified: Thu, 18 Aug 2022 06:29:06 GMT
Server: AmazonS3
x-amz-request-id: NT0FDNBJ50M3G7P1
ETag: "d62dbacad04ea99e86b58aaba7f05e7c"
Content-Type: image/png
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 5288
x-amz-id-2: 9OvobhLN7KIYya5YXRbDhS0R7jDt4WDQ0y3SI9ojCAJFItqYkofAVRW4JWLprsy8PF2y0xVhJt0=

GET
H2 200 ic_cancel.png
widget.loket.com/themes_1.0/img/ 333 B
856 B 816ms
814ms Image
image/png 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://widget.loket.com/themes_1.0/img/ic_cancel.png

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23f2b50dcb1f5c73539e14dacdbaeed8ebb71e4cd590530c76cda50308dba713

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:40 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
content-length: 333
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
server: cloudflare
etag: "634f85c0-14d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
accept-ranges: bytes
cf-ray: 75dd3a312d8068fd-FRA

GET
H2 200 loket.payw.js Show response
widget.loket.com/themes_1.0/js/ 3 KB
2 KB 747ms
747ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/js/loket.payw.js

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ea199f660857c2a30dfae1fec0d983c57ecbfdc6d2b0bdabcc8365dd49223a8

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:40 GMT
strict-transport-security: max-age=16000000; includeSubDomains; preload;
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
cf-polished: origSize=4760
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"634f85c0-1298"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a311d3668fd-FRA

GET
H2 200 email-decode.min.js Show response
widget.loket.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
836 B 51ms
51ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Oct 2022 15:26:52 GMT
server: cloudflare
etag: W/"634ec5bc-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 75dd3a311d5068fd-FRA
expires: Sun, 23 Oct 2022 21:53:40 GMT

GET
H2 200 pym.min.js Show response
widget.loket.com/themes_1.0/js/ 4 KB
2 KB 816ms
814ms Script
application/javascript 2606:4700:10::ac43:1e46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.loket.com/themes_1.0/js/pym.min.js

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e46 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6eeb7773a6afdbb912d8298db17056211a17f9afcc5da76dada88e57485200e

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:40 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: REVALIDATED
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;, default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' *.loket.com *.loket.id go-tix.id *.go-tix.id gojek.com *.gojek.com persib.co.id *.persib.co.id persibstore.id *.persibstore.id;
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin, strict-origin
last-modified: Wed, 19 Oct 2022 05:06:08 GMT
server: cloudflare
etag: W/"634f85c0-1023"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
feature-policy: midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;, midi none;notifications none;push none;magnetometer none;gyroscope none;speaker self;vibrate none;
cf-ray: 75dd3a311d5d68fd-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ 396 KB
158 KB 180ms
83ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://widget.loket.com/
Origin: https://widget.loket.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 19:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161341
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 19:34:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 245 KB
78 KB 163ms
59ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NWLK6VF&gtm_auth=9HZTP1RzdB4PfL9eSgO5xA&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e43761d30f8864831c1f110ecd71e2eb55acb22cae701ab55ce9eba6c51a4fcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79454
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 400ms
80ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Oct 2022 21:53:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27027
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: LLcxA4IBYWbJKjIQ78zD/lgjzVsgk6N33eYPPFnOfOs1eFCWB7/kfYJ8bnw7WKm9T8t9rec52YNJkuF7W6OK2Q==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-61V91N7CV6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWLK6VF&gtm_auth=9HZTP1RzdB4PfL9eSgO5xA&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f7311bce9c3acb46e81f295bf5c056fd784cea13b77d738ac38679d37aa518e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:53:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 Oct 2022 21:53:40 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
347 B 142ms
49ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-61V91N7CV6&gtm=2oeaj0&_p=1441477247&_gaz=1&cid=36253771.1666389220&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666389220&sct=1&seg=0&dl=https%3A%2F%2Fwidget.loket.com%2Fwidget%2F3opbbalqnv3c5qvb%2F1666371600%3Fref%3DInfluencerAncol%26uid%3D236679&dt=Widget%20%E2%80%94%20DuFan&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-61V91N7CV6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Oct 2022 21:53:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://widget.loket.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
347 B 147ms
46ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-61V91N7CV6&cid=36253771.1666389220&gtm=2oeaj0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-61V91N7CV6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Oct 2022 21:53:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://widget.loket.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 130ms
50ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-61V91N7CV6&cid=36253771.1666389220&gtm=2oeaj0&aip=1&z=1309496627

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Oct 2022 21:53:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 127ms
41ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1441477247&t=pageview&_s=1&dl=https%3A%2F%2Fwidget.loket.com%2Fwidget%2F3opbbalqnv3c5qvb%2F1666371600%3Fref%3DInfluencerAncol%26uid%3D236679&ul=en-us&de=UTF-8&dt=Widget%20%E2%80%94%20DuFan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2076787685&gjid=1985848468&cid=36253771.1666389220&tid=UA-38578959-4&_gid=1206122930.1666389220&_r=1&gtm=2wgaj0NWLK6VF&z=231386119

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://widget.loket.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Oct 2022 21:53:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://widget.loket.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 140ms
62ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-38578959-4&cid=36253771.1666389220&jid=2076787685&gjid=1985848468&_gid=1206122930.1666389220&_u=YADAAEAAAAAAACAAI~&z=1515476911

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://widget.loket.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 21 Oct 2022 21:53:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://widget.loket.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 108ms
40ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-38578959-4&cid=36253771.1666389220&jid=2076787685&_u=YADAAEAAAAAAACAAI~&z=110021973

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Oct 2022 21:53:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 106ms
38ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-38578959-4&cid=36253771.1666389220&jid=2076787685&_u=YADAAEAAAAAAACAAI~&z=110021973

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Oct 2022 21:53:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 452193075224918 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 124ms
93ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/452193075224918?v=2.9.87&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fa2c50dd2910409389787aebd02ec731722d9f9cd966fdba9953a363a422ff3a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Oct 2022 21:53:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: T9a7NDOm4hXuMfD913FQGEOjLDJHV9cMT6VDXdS5Kh5Vd0JLOmzfeOiNNuIg7MzEPStipXQMMUk3rc4AROb2FA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 20220815114026.jpg
s3-ap-southeast-1.amazonaws.com/loket-production-sg/images/tgroupbanner/ 8 KB
8 KB 384ms
326ms Image
image/jpeg 52.219.40.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-ap-southeast-1.amazonaws.com/loket-production-sg/images/tgroupbanner/20220815114026.jpg
Requested by: Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.40.238 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 05e3e8dc250fc8342c7048b7887317a1f02c4e2104140c3860aaa0754bbb4d68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 21:53:42 GMT
Last-Modified: Mon, 15 Aug 2022 04:40:27 GMT
Server: AmazonS3
x-amz-request-id: 9E21R9FEEMFH2HY0
ETag: "8321e3d3b39a13caca643f90cfc413d0"
Content-Type: image/jpeg
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 8126
x-amz-id-2: VznEkMOTfiagTdPnFOFoTof6p6FkZ0IehuKRNLIJYh0F53imHk+LTmuA4nvjnalea/nVSwsUlLo=

GET
H3 200 129285724577628 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 162ms
161ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/129285724577628?v=2.9.87&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d7fcc64c4f5222086e5aee695b60236ff952f39c377d5a485113892f5085310

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Oct 2022 21:53:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 1pZxo0JPUI6O0GoEP+HD3DUKl/B2Oni4GbmW/c++83J1CqvKNeHrM7U/V9DS26Mh08R220JRdnLuEJ6/Euq+cQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 137ms
72ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=452193075224918&ev=PageView&dl=https%3A%2F%2Fwidget.loket.com%2Fwidget%2F3opbbalqnv3c5qvb%2F1666371600%3Fref%3DInfluencerAncol%26uid%3D236679&rl=&if=false&ts=1666389221011&sw=1600&sh=1200&v=2.9.87&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1666389221009.274335212&it=1666389220802&coo=false&rqm=GET

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Oct 2022 21:53:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 53ms
24ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=129285724577628&ev=PageView&dl=https%3A%2F%2Fwidget.loket.com%2Fwidget%2F3opbbalqnv3c5qvb%2F1666371600%3Fref%3DInfluencerAncol%26uid%3D236679&rl=&if=false&ts=1666389221193&sw=1600&sh=1200&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666389221009.274335212&it=1666389220802&coo=false&rqm=GET

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Oct 2022 21:53:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 53ms
25ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=452193075224918&ev=ViewContent&dl=https%3A%2F%2Fwidget.loket.com%2Fwidget%2F3opbbalqnv3c5qvb%2F1666371600%3Fref%3DInfluencerAncol%26uid%3D236679&rl=&if=false&ts=1666389221195&sw=1600&sh=1200&v=2.9.87&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1666389221009.274335212&it=1666389220802&coo=false&rqm=GET

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Oct 2022 21:53:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 54ms
26ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=129285724577628&ev=ViewContent&dl=https%3A%2F%2Fwidget.loket.com%2Fwidget%2F3opbbalqnv3c5qvb%2F1666371600%3Fref%3DInfluencerAncol%26uid%3D236679&rl=&if=false&ts=1666389221195&sw=1600&sh=1200&v=2.9.87&r=stable&ec=1&o=30&fbp=fb.1.1666389221009.274335212&it=1666389220802&coo=false&rqm=GET

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Oct 2022 21:53:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 25ms
25ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=452193075224918&ev=Microdata&dl=https%3A%2F%2Fwidget.loket.com%2Fwidget%2F3opbbalqnv3c5qvb%2F1666371600%3Fref%3DInfluencerAncol%26uid%3D236679&rl=&if=false&ts=1666389221513&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5Ct%5CtWidget%20%E2%80%94%20DuFan%5Ct%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwidget.loket.com%2Fwidget%2F3opbbalqnv3c5qvb%22%2C%22og%3Atype%22%3A%22%22%2C%22og%3Atitle%22%3A%22DuFan%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs3-ap-southeast-1.amazonaws.com%2Floket-production-sg%2Fimages%2Fbanner%2F20220815113818.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.87&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1666389221009.274335212&it=1666389220802&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Oct 2022 21:53:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 26ms
25ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=129285724577628&ev=Microdata&dl=https%3A%2F%2Fwidget.loket.com%2Fwidget%2F3opbbalqnv3c5qvb%2F1666371600%3Fref%3DInfluencerAncol%26uid%3D236679&rl=&if=false&ts=1666389221695&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5Ct%5CtWidget%20%E2%80%94%20DuFan%5Ct%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwidget.loket.com%2Fwidget%2F3opbbalqnv3c5qvb%22%2C%22og%3Atype%22%3A%22%22%2C%22og%3Atitle%22%3A%22DuFan%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs3-ap-southeast-1.amazonaws.com%2Floket-production-sg%2Fimages%2Fbanner%2F20220815113818.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.87&r=stable&ec=2&o=30&fbp=fb.1.1666389221009.274335212&it=1666389220802&coo=false&es=automatic&tm=3&exp=c0&rqm=GET

Requested by

Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Oct 2022 21:53:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 118ms
25ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: widget.loket.com
URL: https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600?ref=InfluencerAncol&uid=236679
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
via: 1.1 varnish
date: Fri, 21 Oct 2022 21:53:42 GMT
x-amz-request-id: C0PM5183JTHZWH2D
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: tUMDyL0WmISarV+7o1NgKgWBtYzXNe+0EnfQp9GNw/ovvN9d9fmllP8gGX8Hwu2wvGQYXP+laxM=
x-served-by: cache-hhn4057-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1666389222.084021,VS0,VE0
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6912

GET
H/1.1 200
OK 2c15469c42 Show response
bam.nr-data.net/1/ 49 B
621 B 337ms
279ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/2c15469c42?a=369204646&v=1216.487a282&to=YlRRYEUEXEAFAhYIX1secldDDF1dSzYLBVdQRRxDXgFVVhA%2BDghDQQ%3D%3D&rst=4678&ck=1&ref=https://widget.loket.com/widget/3opbbalqnv3c5qvb/1666371600&ap=25&be=1691&fe=4546&dc=3383&perf=%7B%22timing%22:%7B%22of%22:1666389217436,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:15,%22c%22:15,%22s%22:46,%22ce%22:86,%22rq%22:86,%22rp%22:1507,%22rpe%22:1686,%22dl%22:1510,%22di%22:3383,%22ds%22:3383,%22de%22:3396,%22dc%22:4546,%22l%22:4546,%22le%22:4547%7D,%22navigation%22:%7B%7D%7D&fp=2600&fcp=2600&at=ThNSFg0eT04%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.loket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 21:53:42 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 75dd3a3ea999bbfe-FRA

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.loket.com/	1970-01-20 06:54:35	Name: loket_waiting_room Value: 1666389218787-952147892846-000309-000-006684
widget.loket.com/	1970-01-20 06:53:16	Name: loket Value: a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2274e51b86cbc7c715a1e5470aae806eb2%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A23%3A%222001%3A1b60%3A2%3A240%3A3247%3A%3A6%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A116%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F106.0.5249.119+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1666389218%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dfc4138ee557176b134ca6425563dc04da1606eea
.loket.com/	1970-01-20 16:29:09	Name: option_language Value: ind
.loket.com/	1970-01-20 06:53:38	Name: widget_code Value: 3opbbalqnv3c5qvb
.loket.com/	1970-01-20 06:53:38	Name: widget_hash_3opbbalqnv3c5qvb Value: de7a3eec-e5e5-4628-aba4-f4beaff7fae4
.loket.com/	1970-01-20 16:29:09	Name: uid_de7a3eec-e5e5-4628-aba4-f4beaff7fae4 Value: 236679
.loket.com/	1970-01-20 09:02:45	Name: _gcl_au Value: 1.1.5934487.1666389220
.loket.com/	1970-01-20 16:29:09	Name: _ga_61V91N7CV6 Value: GS1.1.1666389220.1.0.1666389220.60.0.0
.loket.com/	1970-01-20 16:29:09	Name: _ga Value: GA1.2.36253771.1666389220
.loket.com/	1970-01-20 06:54:35	Name: _gid Value: GA1.2.1206122930.1666389220
.loket.com/	1970-01-20 06:53:09	Name: _gat_UA-38578959-4 Value: 1
widget.loket.com/	1970-01-20 06:53:09	Name: __cfwaitingroom Value: ChgyZmdEZGFjY0hrZk5lZ0JxT0xuaG5RPT0SlAJuT0NzYXF3SEYxMnI5VW9xOVVQSnhDQzJTSC9yTmd1RVNVeVRHY1lYazJ0SHVwcVJRSVZuOTNVQ3hvMGRmakRya003ZlZVUDFORXJlem5zRGJQSk1tMmZsNWJTb0ZPWVZmUDlOZFdJbE0yTHdDUVhkWWFYUWdYN2M4dmROMnVEMXlvRkU4S0ZnUFpSVmY4eHpaY0tMTEhveWdKRzNFNGpNRnBoVzMwdkxXbFRlYktSaENDRXV6R2ZsYUEwZlVPcHZ6TGZ2Z0lyRy9VZnRNZXFHdHFUay84M1JIRmVVMjVMNENGdzhxY0o4UWRYT3hzUWZKNEl3NG1ya1JqNVhUSUt3UFdQdUM4QWVrSmwxYjlaUnN4TT0%3D
.loket.com/	1970-01-20 09:02:45	Name: _fbp Value: fb.1.1666389221009.274335212
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 7afda51974a8c32c

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'notifications'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'push'.
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	warning	Message: Error with Feature-Policy header: Unrecognized origin: 'none'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vibrate'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' .loket.com .loket.id go-tix.id .go-tix.id gojek.com .gojek.com persib.co.id .persib.co.id persibstore.id .persibstore.id;
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdnjs.cloudflare.com
connect.facebook.net
js-agent.newrelic.com
region1.analytics.google.com
s3-ap-southeast-1.amazonaws.com
stats.g.doubleclick.net
widget.loket.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
151.101.130.137
162.247.241.14
2001:4860:4802:32::36
2606:4700:10::ac43:1e46
2606:4700::6811:180e
2a00:1450:4001:803::2003
2a00:1450:4001:810::2008
2a00:1450:4001:827::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c06::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.219.40.238
010318c38a18f265d3a3634ddcf7c7990ffdcf6c21220aecd4f94e2d7bea34be
025d147e080932ef2c87381448202100cc6a5d8aad452d370623c090f4ead4a7
05e3e8dc250fc8342c7048b7887317a1f02c4e2104140c3860aaa0754bbb4d68
07e1564dbb2dbe9d67c9cad4bdb506b8dae2ae57f90e63192990a5e3c57cb699
086b161aedd221e0a3fd1889023135b9223664f5cc6491c8649073618c6da37a
0e029759a88f9c0f7791577313ca5a76c37c03134517f95eda53599c06071506
0ea199f660857c2a30dfae1fec0d983c57ecbfdc6d2b0bdabcc8365dd49223a8
1c7d57058982492c46f3c2524e476e7a0350ff45621445bca04874d1684b730e
1d494fd4b14ec6f273c0ab1c444b6d6d5dbfe0f52e3fd04063104eb8242fcaf3
1f48c9307dfb8dc03b4905966c82db98a664010c83ea952a6d1e3aaadc00703b
23f2b50dcb1f5c73539e14dacdbaeed8ebb71e4cd590530c76cda50308dba713
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b162e9bf382956a6fc33dd73286d6246ad60e3bafcf86d19b4ba79ee61215fe
3387aa047b8071ef3d0940da9edfe38b7d681008803f592ff572d4ee6983bfb9
358bf2905f7b636a7ddb4d413007d0e9f560a7e852dd43f37b493a9c8dbf6b62
3e34d3d84b8e2c3526f19f45d44787fcabc9cf8b53c3cd6e3174fbb2c74b940b
4454b52b1c3f1316bb54501ded7343818d6a89b53ef8c1abb6b19112bf381374
4ac51aba48c2c13e20a7d9b5b654d6d81867080de1557554b3311e725ca8ecba
4f7311bce9c3acb46e81f295bf5c056fd784cea13b77d738ac38679d37aa518e
523a03b84dd288ed54ee0fc31f152a3ebdb63a0db7720550cd66e18550bd46cd
5d391a946cf0dbce22e7e67c36806073c8dee6d73ac518fd5d93153b04305402
5d7fcc64c4f5222086e5aee695b60236ff952f39c377d5a485113892f5085310
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
70487e25f998cc39aca069800c46e7e6d703513f8149147c0306705a46193e16
709a8d05227dfdc05b8dcee9b38b009c3d10e4f5555e64255f2d379b8ac8aa24
725318e42329406d9632d1da828abd3a4ae7c70de94f1e04cd9d4dc2b1ef9331
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
9c4aa64b699b9259c931181128810c74abd7d63c6965e34f6e337c47bd054a8c
a42bc2665485ce601662cc5273620f66a61b4a001b22b594d5acbb9cfe86bd45
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b52b34cf452e92654dd04036ab4a81c81e0b9a6958539752b050f0433f4b1ddd
b5f457960e942d944a48b5bc9f02019b0bf275fb189bb5563072d74516148172
bbbc998ed7b2a75e4b63f4b0d873098b558d6f8af2a22acc3098a39b0265b51e
cb8e9fdb9a97ad0c3054e98bae6c5e2ce9c6d41ac6c59506e53b2c9c7b25ec7d
d9b57456c017115ce7d5d2597659fd470770ead016bc20fc625ee8a988afdb80
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ef803f8bb9cbe07f2407212c2422f87d48dbd08addb5bb994c5f485b2dcc6a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43761d30f8864831c1f110ecd71e2eb55acb22cae701ab55ce9eba6c51a4fcb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6eeb7773a6afdbb912d8298db17056211a17f9afcc5da76dada88e57485200e
f81d79fab97e936bcd663cac30ca6216820d56ac83a509f55a6eaa7b0bb98699
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
fa2c50dd2910409389787aebd02ec731722d9f9cd966fdba9953a363a422ff3a

widget.loket.com Open in urlscan Pro 2606:4700:10::ac43:1e46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

79 %IPv6

13 Domains

14 Subdomains

14 IPs

4 Countries

870 kBTransfer

2543 kBSize

14 Cookies

1 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

widget.loket.com Open in urlscan Pro
2606:4700:10::ac43:1e46 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

79 %
IPv6

13
Domains

14
Subdomains

14
IPs

4
Countries

870 kB
Transfer

2543 kB
Size

14
Cookies

57 HTTP transactions
0 data transactions