updatenews.id Open in urlscan Pro
2606:4700:3031::ac43:a8c7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://updatenews.id/
Submission: On May 29 via automatic, source certstream-suspicious (May 29th 2022, 1:36:41 am UTC) — Scanned from DE

Summary HTTP 137 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 18 domains to perform 137 HTTP transactions. The main IP is 2606:4700:3031::ac43:a8c7, located in United States and belongs to CLOUDFLARENET, US. The main domain is updatenews.id.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 29th 2022. Valid for: a year.

This is the only time updatenews.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	2606:4700:303... 2606:4700:3031::ac43:a8c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2800:3f0:4001... 2800:3f0:4001:826::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.166.154 64.233.166.154	15169 (GOOGLE) (GOOGLE)
3 9	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3 5	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:6f::6	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
137	24

39 2606:4700:3031::ac43:a8c7 (United States)

ASN13335 (CLOUDFLARENET, US)

updatenews.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2800:3f0:4001:826::2003 (São Paulo, Brazil)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.166.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.236.247 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:6f::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5ednsk.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	updatenews.id updatenews.id	820 KB
36	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	444 KB
22	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 bid.g.doubleclick.net — Cisco Umbrella Rank: 473 cm.g.doubleclick.net — Cisco Umbrella Rank: 191 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 271	128 KB
17	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 886 r1---sn-4g5ednsk.c.2mdn.net — Cisco Umbrella Rank: 380907 s0.2mdn.net — Cisco Umbrella Rank: 242	155 KB
6	gstatic.com fonts.gstatic.com csi.gstatic.com	91 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 518 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 494	5 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42 imasdk.googleapis.com — Cisco Umbrella Rank: 381	127 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	3 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8526	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 564	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1735	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	84 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1375	297 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 306	459 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1376	351 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 936	463 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 768	645 B
137	18

	Domain	Requested by
39	updatenews.id	updatenews.id
19	pagead2.googlesyndication.com	updatenews.id pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
14	s0.2mdn.net	updatenews.id s0.2mdn.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com updatenews.id googleads.g.doubleclick.net
9	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net updatenews.id
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	fonts.googleapis.com	updatenews.id googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	updatenews.id
2	image6.pubmatic.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	r1---sn-4g5ednsk.c.2mdn.net	updatenews.id
2	csi.gstatic.com	imasdk.googleapis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
137	28

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-29` - `2023-05-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-05-17` - `2022-07-26`	2 months	crt.sh

This page contains 17 frames:

Primary Page: https://updatenews.id/
Frame ID: 3D032FF5D7ED8B204D50465F40522474
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/zrt_lookup.html
Frame ID: 354600198C5ABD34AD3A05E23380C7FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3972249001339247&output=html&adk=1812271804&adf=3025194257&lmt=1653788192&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fupdatenews.id%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653788192365&bpp=3&bdt=2087&idt=97&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6890659654981&frm=20&pv=2&ga_vid=783390416.1653788192&ga_sid=1653788192&ga_hid=922045170&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761043%2C31067749%2C44763950&oid=2&pvsid=784991219963846&pem=894&tmod=1117710739&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=118
Frame ID: 9571CB400DC34218787FEA4DD6F185DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3972249001339247&output=html&h=250&adk=17116639&adf=2478591300&pi=t.aa~a.764659304~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1653788192&rafmt=1&to=qs&pwprc=8692580054&psa=0&format=324x250&url=https%3A%2F%2Fupdatenews.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653788192900&bpp=3&bdt=2622&idt=3&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8573e1105ce60ecf-222f15aea1cd00a2%3AT%3D1653788192%3ART%3D1653788192%3AS%3DALNI_MbWcq1Gv02wPm-eDfn6Kz2UMSiMgA&prev_fmts=0x0&nras=2&correlator=6890659654981&frm=20&pv=1&ga_vid=783390416.1653788192&ga_sid=1653788192&ga_hid=922045170&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761043%2C31067749%2C44763950&oid=2&pvsid=784991219963846&pem=894&tmod=1117710739&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jSN2ALv9nA&p=https%3A//updatenews.id&dtd=39
Frame ID: 00289FE347FD1C88C51169EE31F29BAD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1
Frame ID: 893A5F53B7B43234325A01E01819A31F
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1
Frame ID: E9A9BF16B3797E1C280D6860C972274F
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite_fy2019.js
Frame ID: A310D85CD0DDD7F2072B305426A49893
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6BBA4BB479531ED712F618B72149B80F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiRtNHKATAB&v=APEucNW_-d9ZaAj0-IVl9MvNewmu6OBzPN7Ovw7hlkqFnI7yeQTCJJQDCcugCGBiFBY892n8DPugMg1C3WYL5Lwsngku5o6m_bX2-Ipy2jwrejB0pK9TcEXb7rIS6m4--_dsmV2-kf3F4bFGtOh7hj6RSdQxL4Qr5YKg9UgfjySgejfNZZVhpWA
Frame ID: 3A9CBBD182C8A80DDD51816678B9C0A0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Beq5hhVsdq3pNUdTg4zHFJoGRX-ZOo52Yyq3du0zSdLeq1_pxPMFFg-qYJgVme0SvGnx_f7F3U2Bspfjm-Yq-rQyt6-ctpSS0m9UfviOG8J62qVL6XU5oTeqO3E5kWYmgUl0gknDpic1yH1Kjj1-xUjw-QQA&dbm_d=AKAmf-CceaGhBmGrex63OFDUcBqH31CRpLFkKc7w73DPKaoHL2oeSQSfpiKzFIaPT-zG3bDkFl7AUDdno1aaLtoSpcfdTCFDRYXfeLx1ZCPG9cCBTraxvVuY94we_uq-w__zvvyDghCaemVVpTddZxHM6EdV0G9RiPMeq1qxdQ8ZHPp3F5U_ucPNBJRmkfFsLGUQQGskWqvZlT_epr0-aV0W5IwsF7qpAbbNJTMCkHKmWbXmNVnZUFXG-QxfvdG8wXu2w-FycPZ1eDyQ6GxSsbvKPV9CeHvRSQSMyO73ORt4fKKxrBj-2SmpwfchdeR61VNQ9w1P10Jl3KUDHCXAEsiOuXcOkWzoFJIJoqdFuWm_5Po14GOns_pFgtflwiEYm_HDdQPE-dRSrJDxSBVP7S8ZRO5wCzs5eGpKqturqrZebnZLffPEjxCKlrujSQtsOXiDweBSPYEoRKGF8Z449GqWeecCrRWGsBk8XtaW2MNrKSwnGuVvyIn7jcYtN3Dsj9_wEkWrXDq-CIcNAe-06Da37olam92H6q8A-4bKXvnrwr8JPFDU3VB8caqjydn3LvJ8ta15qNeCuxNXCdib10iakVIso95RWAHzegnoItH22lVNsLNKH-sv3OnZGi8SCjZLq2PTxeNcXlGfMbxE5WenfAJhtycaeKbmtPxW7gp0SGjuA5xx7qfPc01MmmAutaz-tHrVQTcVZ_O_0jgf99yhAD8oYuO0SrLel5KEXrrK9H1TRnxqlBM0V4f9qW5IJmqbadf7aCwk_0UvoMqdirJMaqtYamjBCqymwtzOskrYvCMeYSMU-_0NVLAXS_AsNxR46Wm07FDVHU0vHZcVP-Q5D70tho7HZ3WZ0gAbymHBIAFIWaasVhYBM9Tgvpu51aU-pCtyyCXvSbMh9X2OxwlSwtO_PMpfNEd43x9nwxH9NsreM8dwkCtyvDpOmmY1fRaT_J8-Fw3lDWAfBtzDdey91tJKG_eFn2-T-FCq2OM0QdIcqKQuT1q1s5BzL8s_iyPMXwpQkF--mMyoj5YD_99sEYWQT0J7aL8EbLhet4Zkv1v5puFFPKc9_hWK1xdPZMpoGAWEnKIAB3VW79baAJ7i2MlCn3Qb2NWZzvFQ5qLl-2-JIcFiLufiNU90VMCqKaBkMo0657hRyWbGi4U-tXHEbMD3aGL0xjdqITqRwGN3l4b9U_d-67N8sH-sOBe3VPgYuPFP0m9LZc7yl1PBMPS6nriA43AGRl8weva5YutgKekhL5GD23HGLAbkXFNVIAegZbpif8c2SRVkxZRQPNnjEqGzMVEo6JYlhq2R0F3TZ-WlBoNEPT229DGkWhn-Qmyuz-1NlzDiaE2J7mXlOSk3WEK0zoL_vYKXYQrUDt0FqC7Zk-vIjS6Ycv1K3RLsKrTVm1_u0kgzGOhiGiSjUqD2GgrlCdSj0StHczIVRALf1U5mLNq44Xo0Bd41AHqtvlOWGtNZ1d1JwpWipTbn_CDoxkD_lS-WrHOkZOKTV3syInXeFN7X9KIgUpTJMmdxtFNaORqw7K12lnRnwmmHJOVUp95T0hzdpTQg69wQLiG-TMnppaFhKE2xoLw0ODX3rda9bOtW8MnUFpmvKzZT730iZvC9WsloCalNitO334KPZV-7xKpxyTNcJfno5_w-h-iwdn_FvTLgeRKR5Mvi5MEOsTpbo-mftfcyIIqCF5yfCLPoWhJ04QOwa5pmQOgHYPs19GyFdBSwsRMPP2LvxOjd6wj6b_v2UwYjjgXPYt8aMPwNZE5z8mW5QnCdPeXxcbbrqMjKucoAq68EkpYk_0OC6uSPORZja5qiJ4zf-0wvUZtYrhETSfu2EvOd_mV0HWDgTzQ8uXQvdeDisgSvHw3YeDoM5MbJy_9iWz4kSfBct9HPsOEIbZN4tMrkbOtZwt9GBq_A1U77IzTcbLufhl97bIrwpwSHZWSAdMk8oWu3YbgDsLNFvlDcNyzHt9OXpYZKfzTJiFjqyCk6miQr9PfcC_om0U75opZTmWniLCJDY9-ldPrTJ-2ar9ASAc4A-J9lLhJI6ZVrDk1Kk51RX0w7708WV94WwLxd44vyZ4_xIV9HkMXa_tmnx4FaCoDjbEiwIomVwdICDyVpelEIewM_FftqKRvF8WbNdJKfbumdbA0uha7NFIcDMXAJUt9dH4LNNhzy2o2kAThObfcKE_aadzQrXuP1XNWQ5VlIQJL2bnRUwHtaMVWOe4RFgrRUkTniFS9bDFU3_c8K43488oxYb4VqKOXf9ClzQDYLmq1fimaTe40VEr3ujuf3iJQuRcp93-ZnjOVGLzsIdQOEoZxgc77H37ZbvsIhAuf4MawPq2H_rKwvWKVwj5vgpImT7J_uRjaExE9njfNdpGhtLna4AgEEJdBaMjCj_B-6HQr6gEakTaDeqhWVVYLuRECCuS788PB5ACzOG-HYChX4MtcpA902rL705iJPnfUmGDPye4pBIH6E6gtJpMweqDVuGZ1RUVY0gO5lsDtVJ0nsT_xW0mWhueeITT2WsDzrK2vPkjtd6-rEWL8YnN65uDhmrDGykHxX11ZN6cMaI49HU7R9Vt5SpnfPO6oOwVrGWtAHHnGQ8Njt_diJxXGLymJ5KH56l0kw79vlys7Jn_pKCEEvgqwCW3lZzm3XqoyjPmCWsjH2Ee98ELdAx4PHVnNxpq03KJhO09zgImrEUraz4GlNfdIA9Rq9_UvuNXH4hNahWV3QRpSJylAvUo6f-tSsJNotupJL4WNddE-b-NJ8xBQeT_MNuR6h6DdKhZclF39WfZ62Lr5hE7_U-4kNV1NmlBdDN5U2TXz-VkjNldGYeYDo8m182BoIalCha60u2J4R9a6z04GRoQlzU45paT6WIxZTKRXxZqYjCN46IsgIhxzdd-pQKDdMqkr9PmkW-8MuRJwpoZ_uLR_7vxnpCb8JlWSWmD3AzcbB16JG2uZ2vXaNLH_RQCIHUYCZ-BosVIKdxWyf5DXPjESOShNqqPv0IHXGrtSyAZQOMWSuP7diplsz2fNiAtuOBpwd9579hkzyTGNHrz3YGrfTGku86NJwZ70av5caT9_QFJ0bitm3FdK_amVyLs5B9HM-howf4YcSwUsHypYon5RkGc7t8AHhOh4xI6EFkMfMYIL3_SY6XFAIntOh0djQCnccYgVnuStQoCQ75OaKv0ZdAi4edJFMZSiW_NfouW0e1wJcOTsEMPAaBwTUf0mqUQ&cid=CAASJeRo_42PNAzHimZdWpNnDyoTdM4kupwYVqR2JBn_6LBmm6Q_AvI&rfl=2%2Chttps%253A%252F%252Fupdatenews.id%252F%240
Frame ID: 2F20F19E1107CD3A5B5E5D897612FB37
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js
Frame ID: A3B8F5BC2649E0E554BC0F3C057E435A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 56E77D6A32EC37B9C4C100B431C6AC53
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6C6394C961439EADECDCCBBA28F13A69
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D3559CB59A91D08F2AE5AA6418DDFFF8
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html
Frame ID: 9B3AD72B385DEC04ADDE1FDE7733E1E6
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 550400D121BEDCA49E3265F466200C69
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DEBDECE0BCD64D39E17F2626D2D0AB8B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - updatenews.id

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

137
Requests

93 %
HTTPS

63 %
IPv6

18
Domains

28
Subdomains

24
IPs

4
Countries

1854 kB
Transfer

5151 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5dcwSzrwphLmP47L1Mm30&google_cver=1

Request Chain 68

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpLOIQsj332V5ryRp3ZHTgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5dcwSzrwphLmP47L1Mm30&google_cver=1

Request Chain 69

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIlpXMhFwxyq23AN96JNScI&google_cver=1

Request Chain 70

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM1NzM0OTc2Nzg2OTE5NjAz

Request Chain 73

https://gcdn.2mdn.net/videoplayback/id/8ec0eab31682fee8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685324193/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/0BE9D24F1D2D38A4B5DAF69FF5F1A593172DBDC5.638FA6A17AF4B683CE2442B3B2E0C37D842FA93B/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5ednsk.c.2mdn.net/videoplayback/id/8ec0eab31682fee8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685324193/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6F2AE93B967ACF335068BFEA642F760AA6703F93.15C28C7690F2F0FCF30AB612A6189FD919DD6A5D/key/cms1/cms_redirect/yes/mh/fH/mip/2a02:6ea0:c71b:0:1012:c7fa:aa7d:641/mm/42/mn/sn-4g5ednsk/ms/onc/mt/1653787575/mv/u/mvi/1/pl/43/file/file.mp4

Request Chain 83

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKEPhEhFFqQmmUO4j5NU214g0SdRMMMuQbJSCM3WqByUluvnY-IsWXW8ndWiwJGi1yR971JlaMJWq5XooWZl5FQXgvxwHE&google_gid=CAESELwBrg2k0epifo5VKEmwp7E&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKEPhEhFFqQmmUO4j5NU214g0SdRMMMuQbJSCM3WqByUluvnY-IsWXW8ndWiwJGi1yR971JlaMJWq5XooWZl5FQXgvxwHE&google_gid=CAESELwBrg2k0epifo5VKEmwp7E&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjkwMTM2MzMwMDA3NzE3Mjg5NDY1NQ%3D%3D&google_push=AYg5qPKEPhEhFFqQmmUO4j5NU214g0SdRMMMuQbJSCM3WqByUluvnY-IsWXW8ndWiwJGi1yR971JlaMJWq5XooWZl5FQXgvxwHE

Request Chain 85

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHNHpP8i3d-3jF3lW0buZms&google_cver=1&google_push=AYg5qPLR7WkxvWF5--A4_FhgvupYW6a4SxfxfPIqq7ysiNfq3pARLpZvtbMqegBZFcAB4om84TKoPtc9wKPRp3bfBOj9av9r-N0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHNHpP8i3d-3jF3lW0buZms&google_cver=1&google_push=AYg5qPLR7WkxvWF5--A4_FhgvupYW6a4SxfxfPIqq7ysiNfq3pARLpZvtbMqegBZFcAB4om84TKoPtc9wKPRp3bfBOj9av9r-N0&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7dXGx3BbT825tWm3ypqnyw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLR7WkxvWF5--A4_FhgvupYW6a4SxfxfPIqq7ysiNfq3pARLpZvtbMqegBZFcAB4om84TKoPtc9wKPRp3bfBOj9av9r-N0

Request Chain 86

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO6RppAkyvzd4s9I6GTuC2Y&google_cver=1&google_push=AYg5qPIrK2reiZ6GUtphvBspCHtrp3RL0WX4mdXFl_aLsHsuXC6SErwMhWTxfh4Q07BKt7Z0xEaUNFs6mRGxqAfXL0-E6IfrBA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNRTVNHWkQtMVotSlBJVQ==&google_push=AYg5qPIrK2reiZ6GUtphvBspCHtrp3RL0WX4mdXFl_aLsHsuXC6SErwMhWTxfh4Q07BKt7Z0xEaUNFs6mRGxqAfXL0-E6IfrBA

Request Chain 87

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP1RcXOxRrCFdGKXP4taiBE&google_cver=1&google_push=AYg5qPIj5kY4zBhQ_qcMkBrpTRpt3t9jnUT-c_NzE6lQLXQBKUUvg76sgErgXN4gpYAXjmcEZd2fMBQmqns7kCJz6qWEpU58ag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpLOIQsj332V5ryRp3ZHTgAABJIAAAAB&google_gid=CAESEP1RcXOxRrCFdGKXP4taiBE&google_push=AYg5qPIj5kY4zBhQ_qcMkBrpTRpt3t9jnUT-c_NzE6lQLXQBKUUvg76sgErgXN4gpYAXjmcEZd2fMBQmqns7kCJz6qWEpU58ag&google_cver=1

137 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
updatenews.id/ 162 KB
20 KB 3175ms
3093ms Document
text/html 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://updatenews.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.26

Resource Hash

b5842e48157b370f643aed9b5a1e9e453017650bb735519da5255fbdfb519280

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 712b7fc9eb9491e9-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sun, 29 May 2022 01:36:30 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://updatenews.id/wp-json/>; rel="https://api.w.org/" <https://updatenews.id/wp-json/wp/v2/pages/736>; rel="alternate"; type="application/json" <https://updatenews.id/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNqhM4mctvwKDOTRo%2BtfgFFWoOPPzYU9Zt6shnxTqXDPymXSBRJDwwyqQumyHsn6MEkjpP%2FsqVv6WU0XYcqURnarHmPbHjgLEA5gYgvhz7qryoyz0oAhRfln4olSIhDkMAibt0XI%2F5wWMNc0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.min.css
updatenews.id/wp-includes/css/dist/block-library/ 87 KB
12 KB 1798ms
1796ms Stylesheet
text/css 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://updatenews.id/wp-includes/css/dist/block-library/style.min.css?ver=6.0

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:32 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 26 May 2022 13:23:20 GMT
server: cloudflare
etag: W/"15b26-628f7f48-285b0159930b689e;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEAQWhVjty%2BimxdQ1LHdIqOJE9rWhdtPOuxqUAhrV4ycA1QqbhIOhPtWrFvRyPbZWYJ0is3kUn5POhDMJQcivlbNOz5MUuNh2m34AhryXjey70LrDV%2BAEsr4I46DcvU46kUY3n9FccGAiG%2BZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 712b7fdd48cd91e9-FRA
expires: Sun, 05 Jun 2022 01:36:31 GMT

GET
H2 200 style.css
updatenews.id/wp-content/plugins/td-composer/td-multi-purpose/ 36 KB
5 KB 802ms
801ms Stylesheet
text/css 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://updatenews.id/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=78be34af347704c29acc8080ee49e259

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:31 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 17 Jul 2021 12:45:20 GMT
server: cloudflare
etag: W/"91a4-60f2d0e0-4ae440299c245a1b;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXH3uOAdyNNmxNxi1YmQ1d60PoZ1S4wkvexKwKVsPAK2piiY%2F5KmDkzOkPwSsS4WMXrwVSgT8ryk4hsPAeY%2BSEXm0dQz4JsriscS0XqZa7P3fb9Adc2v6cL7suswwNyC8gJXg25YZD9oae4E"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 712b7fdd48cf91e9-FRA
expires: Sun, 05 Jun 2022 01:36:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.4

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb0149a0344276400daf7612dd80aa1cb8496f0cf389399435eb4ef20872999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 29 May 2022 01:36:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 29 May 2022 01:36:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 May 2022 01:36:30 GMT

GET
H2 200 style.css
updatenews.id/wp-content/themes/Newspaper/ 145 KB
26 KB 1798ms
1797ms Stylesheet
text/css 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://updatenews.id/wp-content/themes/Newspaper/style.css?ver=10.4

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f9ce710d5a6b3d5561a358aa787adc26fb02aed068ab385dfce0beb1908d207

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:32 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 13:56:15 GMT
server: cloudflare
etag: W/"24313-60db267f-7cc77772465f53dc;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgqnYpshrDHNWBb4DXx%2BqpqNiDDN45jbU2qY8I8pdgANmkwR0iWBS2x2L8IVhn%2FuEXEYTe%2BqrdJzkWyQbLpivSKWrJfnVGy%2Fy1JRIM6sAEPNnd9RUeW1OzNEX1h%2FnahgkmSc8cSpIdwIwEIN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 712b7fdd48d091e9-FRA
expires: Sun, 05 Jun 2022 01:36:31 GMT

GET
H2 200 td_legacy_main.css
updatenews.id/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 158 KB
24 KB 1799ms
1798ms Stylesheet
text/css 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://updatenews.id/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=78be34af347704c29acc8080ee49e259

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb6845235e01e747416824c40ea0122d7df3e5fb96301ccebb8da8a0f55d64d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:32 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 17 Jul 2021 12:45:12 GMT
server: cloudflare
etag: W/"2766e-60f2d0d8-fefc333e96e98732;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wE53q70pfit%2B46pwWA%2BiORPGJ5nvJYtdUGurJcSKqRA%2FrB%2BWnZ8bfohZtPNpBRjyNXD1D%2Foj5iY6TkRvmraK%2BciFnyRw79kVoh%2FoNyvBQ3RXkWmh1xQ0%2BXrnXexaFoeRpImTarJCKBf3321M"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 712b7fdd48d291e9-FRA
expires: Sun, 05 Jun 2022 01:36:31 GMT

GET
H2 200 td_standard_pack_main.css
updatenews.id/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 715 KB
64 KB 1904ms
1903ms Stylesheet
text/css 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://updatenews.id/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=eccb2c408442ac58c2bcf4360ad09738

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:32 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 14:06:12 GMT
server: cloudflare
etag: W/"b2ccc-60db28d4-b91474a792c94199;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Udl3y9bIV0NxPBJIfn%2FWahcg41bALbIHEAn0HnwFsHTacRoXn8uSSY4uCi6C1OtyU7gux8JQqV%2BbGAZsX8x%2BXC0yNBFqwOIocavUI5ndIFJecy6Q1SZ1%2B9qK3umCxxY2PE%2FgC1dG3Ta%2BDyKm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 712b7fdd48d391e9-FRA
expires: Sun, 05 Jun 2022 01:36:31 GMT

GET
H2 200 jquery.min.js Show response
updatenews.id/wp-includes/js/jquery/ 87 KB
32 KB 1889ms
1889ms Script
application/x-javascript 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://updatenews.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:32 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 29 Oct 2021 07:06:55 GMT
server: cloudflare
etag: W/"15db1-617b9d8f-b4a0e84046d18877;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udrG8q1CyVWNqgNyiapJIxDcCLQEC6o2RMmCIMGvu9hmvzUPE0QY9xYgoOhH%2Bu9rgwJctp9NSeWzgYoeadhVUcm9PDfGcBfcDDDGmT8E5YgjDSyUTZrrmrlUaK5d%2F01hSGRv0bW88BVUKMZD"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 712b7fdd48d491e9-FRA
expires: Sun, 05 Jun 2022 01:36:31 GMT

GET
H2 200 jquery-migrate.min.js Show response
updatenews.id/wp-includes/js/jquery/ 11 KB
5 KB 1795ms
1795ms Script
application/x-javascript 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://updatenews.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:32 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 13:20:38 GMT
server: cloudflare
etag: W/"2bd8-60db1e26-9dcef312e7702e1d;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrfmaQDL9HpL5993gH1rqGKrrTAAJBoTYsv9wVuVUvGjFOup4oG42JFRrrr%2FeF1uUSjh2qNsMSInpQj4cuBp%2B%2BsnT2HYNCi2RCbqEI1a92ZBIYLBWJlAsp9x6n1ppM5FQS%2BUDA0SG00sdHBk"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 712b7fdd48d791e9-FRA
expires: Sun, 05 Jun 2022 01:36:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
56 KB 63ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3972249001339247

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed70712ab60f7ed92a61e676ee4a51d04bf7da58e8b7189c808004f65e9582cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updatenews.id/
Origin: https://updatenews.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56316
x-xss-protection: 0
server: cafe
etag: 11755142318748236097
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 29 May 2022 01:36:32 GMT

GET
H3 200 LOGO-NEW-UPDATENEWS.png
updatenews.id/wp-content/uploads/2021/06/ 12 KB
13 KB 1453ms
1452ms Image
image/png 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2021/06/LOGO-NEW-UPDATENEWS.png

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

498e1d80eec515e1bb577e802e149e044b924fc09abfa1b9ec3d96cde77bb377

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:33 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12638
last-modified: Wed, 30 Jun 2021 13:54:31 GMT
server: cloudflare
etag: "315e-60dc7797-2340a493480a1e7f;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTcugWem7ccYib%2FxMXePgsNrJt2rkdM0eDjMSXD%2BqHvtjzd0RLy2QETQDVaE88wLe09EaF2BtgG%2FtmEr%2FqI2563zQEKbCX293IxBdSiw2m2v8XDTscp2k1gKT2CxT3%2BNhOaYBdgvL70hJycA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b7fe96fbe9bb8-FRA
expires: Sun, 05 Jun 2022 01:36:33 GMT

GET
H3 200 wp-emoji-release.min.js Show response
updatenews.id/wp-includes/js/ 18 KB
5 KB 1461ms
1461ms Script
application/x-javascript 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://updatenews.id/wp-includes/js/wp-emoji-release.min.js?ver=6.0

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:33 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 26 May 2022 13:23:20 GMT
server: cloudflare
etag: W/"48b9-628f7f48-a961a953e4253be6;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvmNxmuqNDYyiIMU32iyHpfI9SjL3Jb7629DPz5MMWHB7LkHmCsr5lE4VO4Tf4Wvz%2FAE81EmLB22EkEIOVRxD1KoIqNKsEOgy3CueoQdqwVammWG4pdovedUego0AUE6H8bAxLGUwFi15M3t"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 712b7fe96fc19bb8-FRA
expires: Sun, 05 Jun 2022 01:36:33 GMT

GET
H3 200 sekolah-demostran.jpeg
updatenews.id/wp-content/uploads/2021/07/ 124 KB
124 KB 1630ms
1630ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2021/07/sekolah-demostran.jpeg

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

002f42a9cdf6823589b7057ba956284185369609961a4c246c0988505fcf90c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:33 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 126808
last-modified: Fri, 09 Jul 2021 06:08:10 GMT
server: cloudflare
etag: "1ef58-60e7e7ca-28671f1e37f32558;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cml47iTb1nOBryKJmbLV8QPnMC1l5Ll6T7N%2BQmVfehTOfHwUnQ6NppgsOhsitx2JZ8pWBsHuMAf0Y8jqUF4rTgSDFIqQjgKop6njYOmyXAIiNk1w2wG0nvFZjn2WEIZkYnoJZUq36JRZ1wi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b7fe96fc29bb8-FRA
expires: Sun, 05 Jun 2022 01:36:33 GMT

GET
H3 200 underscore.min.js Show response
updatenews.id/wp-includes/js/ 18 KB
8 KB 2902ms
2902ms Script
application/x-javascript 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://updatenews.id/wp-includes/js/underscore.min.js?ver=1.13.3

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:35 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 26 May 2022 13:23:20 GMT
server: cloudflare
etag: W/"49df-628f7f48-f6d52934608996d4;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2l4uC%2BzsRYvi6A5K21uGVYl5X0MSJn3%2FYgCxjwgtgpUDdr%2B7TpVpgOKGHma1ROCViPSkSLERVcVIBK%2BbEVzVXOxx%2F48YqbwN8LJ0Kp2kY2eiBhLuXs%2BTMK6wxmKuT7JSx5nIk6XrhEZZ%2BMQv"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 712b7fe92f5f9bb8-FRA
expires: Sun, 05 Jun 2022 01:36:34 GMT

GET
H3 200 js_posts_autoload.min.js Show response
updatenews.id/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
3 KB 1499ms
1498ms Script
application/x-javascript 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://updatenews.id/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=9cac60bff796053a9968481412a5897a

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:33 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 13:58:10 GMT
server: cloudflare
etag: W/"1428-60db26f2-d38bd7eef8a107f2;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PISTx6jip6LAavx0IUqFj1oT%2FNLetBrahoGC946FlbMWQnHU0vi4SvFQv0DjRA1gbBCMnCtTAsc0aK%2FXblcw3DFY4XSeyWG2qvmhQ0pHlP5BhAXiVMatGRH%2BBfFP2RC9ThPdDI9JpVZNeO9h"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 712b7fe93f789bb8-FRA
expires: Sun, 05 Jun 2022 01:36:33 GMT

GET
H3 200 tagdiv_theme.min.js Show response
updatenews.id/wp-content/plugins/td-composer/legacy/Newspaper/js/ 256 KB
60 KB 3046ms
3045ms Script
application/x-javascript 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://updatenews.id/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.4

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fbd125fd5fe62fb74b3392cb3b0f23c69697d0c314d3db386b126e00dec7fb0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:35 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 17 Jul 2021 12:45:12 GMT
server: cloudflare
etag: W/"401ab-60f2d0d8-7829c7683a2e612c;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IY9L2CpxI4lNqI2puxuLT7znCpaw29fhHqY6zA3BesgHNJAOqcNHRqDt2vkr3r55Yh06BwWipvlPL15FJ3APB4SudBb%2B5JiSHoPsrrgRXfbv6FEd4n%2FJelje1rY5fwzKjnt9a0bo8IdUFP22"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 712b7fe96fba9bb8-FRA
expires: Sun, 05 Jun 2022 01:36:34 GMT

GET
H3 200 comment-reply.min.js Show response
updatenews.id/wp-includes/js/ 3 KB
2 KB 1461ms
1460ms Script
application/x-javascript 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://updatenews.id/wp-includes/js/comment-reply.min.js?ver=6.0

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:33 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 26 May 2022 13:23:20 GMT
server: cloudflare
etag: W/"ba5-628f7f48-4677a7cd3b820aea;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWn4auKAOVZ7lEtfDgkudUjE%2F4DocufcG75AmNl3liFV82lgbV38EQDJnlj5tO1jLTEB%2B8JTNomciOIBhmGRzn5FUfZiJowhWiN7DNm2poF1JqyQGPS2qRBV7AgmTvyam%2FTOqmsye1%2Bec2JF"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 712b7fe96fbb9bb8-FRA
expires: Sun, 05 Jun 2022 01:36:33 GMT

GET
H3 200 js_files_for_front.min.js Show response
updatenews.id/wp-content/plugins/td-cloud-library/assets/js/ 34 KB
9 KB 2854ms
2853ms Script
application/x-javascript 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://updatenews.id/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=9cac60bff796053a9968481412a5897a

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4802468ac5765eaeaba478c94dcf0ed809eda836befde3519c337062df21711

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:35 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 13:58:10 GMT
server: cloudflare
etag: W/"87b7-60db26f2-1f247493af5c5a59;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPWl%2B5Xv9tng%2BlJ1%2B9SqyFRi8vYZ6uGwp1yx0ARy%2BqqfOu0MuvGxsF90OaBr78Q%2FRxmW7kWhWVkD9OpgHwVdgLH4gDhOnzy%2FlP7FYSxtt6twMkGEkNDXX2d1nGhqy7pwP2%2Be2%2FN0iycTkeMs"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 712b7fe96fbd9bb8-FRA
expires: Sun, 05 Jun 2022 01:36:34 GMT

GET
H3 200 newspaper.woff
updatenews.id/wp-content/themes/Newspaper/images/icons/ 24 KB
17 KB 1454ms
1454ms Font
application/font-woff 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://updatenews.id/wp-content/themes/Newspaper/images/icons/newspaper.woff?19

Requested by

Host: updatenews.id
URL: https://updatenews.id/wp-content/themes/Newspaper/style.css?ver=10.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://updatenews.id/wp-content/themes/Newspaper/style.css?ver=10.4
Origin: https://updatenews.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:33 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 13:56:15 GMT
server: cloudflare
etag: W/"6120-60db267f-8ab0f05c38b06fa9;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9H0tGJeH4v7QAOLtnd%2BPqWLkfBar18lMGoZFLqBTuKaVRZU1RUtrvojW31SufS7%2FXQZG4nxclfE7w59IN1Dh2tSf638VScGth3RLbaLJDovUGh%2BsWjAWkExfzv3uRZiVhxrIW%2F%2Fnks3pfyk"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 712b7fe97fca9bb8-FRA

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://updatenews.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 455317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 19:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 22ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://updatenews.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 406250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 08:45:42 GMT

GET
DATA 200
OK truncated
/ 111 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 23ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://updatenews.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 479994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 12:16:38 GMT

GET
DATA 200
OK truncated
/ 140 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed0e4b4604fb8e4f9098ee174009b27431bf69b82afe4ad2b907cb6fa03d9294

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 99 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20d5956cbfc7535eb22b3962b7abbb4c6ebe8de2ae72cabceae90179e0e84a24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://updatenews.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 477627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 12:56:05 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/ 310 KB
110 KB 54ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3972249001339247&plah=updatenews.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3972249001339247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4a3035309c1425085440990309c3457a8ca8c97884801b636b10f63c909073a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113097
x-xss-protection: 0
server: cafe
etag: 17012267419082062271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 29 May 2022 01:36:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/ Frame 3546 10 KB
5 KB 33ms
7ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3972249001339247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updatenews.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18748
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 20:24:04 GMT
etag: 1327746537699501093
expires: Sat, 11 Jun 2022 20:24:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
645 B 75ms
15ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=updatenews.id&callback=_gfp_s_&client=ca-pub-3972249001339247

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3972249001339247&plah=updatenews.id

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

8e4aaf7cfb9bbe2d4a8c7435e8b72a0031a9f0a8e8326e3bcf5aa2f984d3644a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 39ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=updatenews.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 39ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=updatenews.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9571 204 KB
54 KB 380ms
365ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3972249001339247&output=html&adk=1812271804&adf=3025194257&lmt=1653788192&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fupdatenews.id%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653788192365&bpp=3&bdt=2087&idt=97&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6890659654981&frm=20&pv=2&ga_vid=783390416.1653788192&ga_sid=1653788192&ga_hid=922045170&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761043%2C31067749%2C44763950&oid=2&pvsid=784991219963846&pem=894&tmod=1117710739&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=118

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c365b61b9c47f45fe218a2c1f4925570e48a22873d9b0a87f1bb34b69c28b3cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updatenews.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 55182
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 01:36:32 GMT
expires: Sun, 29 May 2022 01:36:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/ 147 KB
52 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

435f85396dda9cbd4c88acc29816df315ec4dd59b687a9d8d6d918b3415273f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53681
x-xss-protection: 0
server: cafe
etag: 2947892636647201469
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 May 2022 01:36:32 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 33ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=updatenews.id

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 34ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=updatenews.id

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 01:36:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0028 21 KB
10 KB 299ms
299ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3972249001339247&output=html&h=250&adk=17116639&adf=2478591300&pi=t.aa~a.764659304~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1653788192&rafmt=1&to=qs&pwprc=8692580054&psa=0&format=324x250&url=https%3A%2F%2Fupdatenews.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653788192900&bpp=3&bdt=2622&idt=3&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8573e1105ce60ecf-222f15aea1cd00a2%3AT%3D1653788192%3ART%3D1653788192%3AS%3DALNI_MbWcq1Gv02wPm-eDfn6Kz2UMSiMgA&prev_fmts=0x0&nras=2&correlator=6890659654981&frm=20&pv=1&ga_vid=783390416.1653788192&ga_sid=1653788192&ga_hid=922045170&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761043%2C31067749%2C44763950&oid=2&pvsid=784991219963846&pem=894&tmod=1117710739&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jSN2ALv9nA&p=https%3A//updatenews.id&dtd=39

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2f09ae1f7edaaade15d62e403ef90fda92888330c38f93fdd9e9aa086d551bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updatenews.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10298
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 01:36:33 GMT
expires: Sun, 29 May 2022 01:36:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=updatenews.id

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 01:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=updatenews.id

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 01:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/ Frame 893A 10 KB
4 KB 23ms
22ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updatenews.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15664
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 21:15:29 GMT
etag: 1327746537699501093
expires: Sat, 11 Jun 2022 21:15:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/ Frame E9A9 10 KB
4 KB 18ms
17ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updatenews.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15664
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 21:15:29 GMT
etag: 1327746537699501093
expires: Sat, 11 Jun 2022 21:15:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 893A 4 KB
633 B 33ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 28 May 2022 23:37:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 29 May 2022 01:36:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 May 2022 01:36:33 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame 893A 19 KB
9 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 01:31:54 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E9A9 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKer7IM6SYt_xIdft3wO6gI3ABIO3q4dqrIObsI4Q2Mfdrp0wEAEg4NarP2CVAqABy8K7jwPIAQKpAhOQBwxQArI-qAMByAPJBKoEyAFP0Kx5cm595lZSj3XAYd_nOf7z49WGq2f3pZRea3-kfIGyLNeCByBPtpkXKfd9nFHhF76Hf52LnxIAXnnd7jks6fgq-G4hCrLn_cXboAccQrSIcCg9Myx5-tqsqsd-VNOEUEl41K2SjsJuGtP7TnYXrTAf3ELeFXt-hLR5zyCXe0n1-VGFhxiBTQgww6BsjlyfNVJDRQO3sfSQjLvVWi7fSOM1232e0sezejeG0VXp_NI5hYEGFWn_l8r4DzLsJCqNvqnxCoaKYsAEsofRm_sDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB529xHCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDNxFbSCAkIgOGAEBABGB-ACgHICwHYEwLQFQGAFwGyFxwKGggAEhRwdWItMzk3MjI0OTAwMTMzOTI0NxgA&sigh=eDVWt5kbjyw&uach_m=[UACH]

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 29 May 2022 01:36:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 29 May 2022 01:36:33 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame E9A9 21 KB
9 KB 28ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4cb688258440ab067c4dd9f03f80b8bcc2eae563f3fa57f1266216a7f3d6814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 502080994137221277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 01:31:00 GMT

GET
H2 200 16853999283049679942
tpc.googlesyndication.com/simgad/ Frame E9A9 25 KB
25 KB 35ms
17ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16853999283049679942?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnroJJIBCoSM8GFtpLSWzGCtB6CmQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bfd711bb7618b82a67c0363d7f878ee5aa0dc0be9e0709e4c2f70258834e51d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 20:39:47 GMT
x-content-type-options: nosniff
age: 363406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25618
x-xss-protection: 0
last-modified: Tue, 24 May 2022 15:13:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 May 2023 20:39:47 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame E9A9 3 KB
1 KB 32ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 01:34:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E9A9 136 KB
42 KB 54ms
31ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 May 2022 01:36:33 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame E9A9 17 KB
7 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 00:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 8365041023519634061
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 00:38:15 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame E9A9 32 KB
13 KB 33ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

170aba10d06d97475a89f9e6a41fd239eccdc9b66321b123a9579740ea9e2b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 22:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13007
x-xss-protection: 0
server: cafe
etag: 15107675193488962307
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Jun 2022 22:47:02 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame A310 21 KB
8 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4cb688258440ab067c4dd9f03f80b8bcc2eae563f3fa57f1266216a7f3d6814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 502080994137221277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 01:31:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A310 8 KB
714 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b3f0a6d6a59d8015a0f304089d399067747d2618e48cce61474983bf0e76f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 29 May 2022 00:17:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 29 May 2022 01:36:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 May 2022 01:36:33 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame A310 14 KB
3 KB 35ms
7ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 13:23:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:47:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 May 2023 13:23:36 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame A310 351 KB
121 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1fbf1df681e20b8e52867b4ec3504b6bf9c5a1c7af6fe38c80f67e2f693de4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 25 May 2022 13:23:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123888
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:47:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 May 2023 13:23:36 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame A310 17 KB
7 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 00:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 8365041023519634061
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 00:38:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6BBA 143 B
163 B 10ms
10ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3049
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 29 May 2022 00:45:44 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6BBA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

39ms
38ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 29 May 2022 01:36:33 GMT
expires: Sun, 29 May 2022 01:36:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 29 May 2022 01:36:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame A310 0
327 B 781ms
274ms Ping
image/gif 2800:3f0:4001:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l3qmsgr8&c=7252914034180&slotId=3626457017090&qqid=CN6BgY7Jg_gCFdf2dwodOkADSA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:826::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A310 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CaQjRIM6SYt7xIdft3wO6gI3ABMm6qotqpJCXyNIP8C4QASDg1qs_YJUCyAEFqAMByAObBKoE7wFP0EE-tMb6MshGGHoiIbF5d6cvtFqsd-J17o4TU-gELKqBzP4-q_EjhsYrZiUgaE1Nng6rnL4DAsb78MPs1ykOrW-mTY33R0UCGkaWd7UZX-NOn8QEYDLzPxxfPxSi1QCU58KMPGX-Tgncw14M3Hnc0SwKOOP3cFUIOQR0zMMRuximhYjEVzJLo1yTufkrHRMfBTHHJy4O3Jcw9maUne7zTjqogc8nNcfdAksdabR1pb31oEHqsyQzh_mAjptpg91Ere5a_FCDlJSRqf1iOfj5evGQJzoNOfSmtCHrhfH_19q_2To9BEPj8IHRwZ7axsAEmfW-soIE4AQDkAYBoAZ2gAfpvoXIAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKAcgLAeALAYAMAbATwKaaD8gT7NCd4APQEwDYEwqIFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1653788193242&ai=CaQjRIM6SYt7xIdft3wO6gI3ABMm6qotqpJCXyNIP8C4QASDg1qs_YJUCyAEFqAMByAObBKoE7wFP0EE-tMb6MshGGHoiIbF5d6cvtFqsd-J17o4TU-gELKqBzP4-q_EjhsYrZiUgaE1Nng6rnL4DAsb78MPs1ykOrW-mTY33R0UCGkaWd7UZX-NOn8QEYDLzPxxfPxSi1QCU58KMPGX-Tgncw14M3Hnc0SwKOOP3cFUIOQR0zMMRuximhYjEVzJLo1yTufkrHRMfBTHHJy4O3Jcw9maUne7zTjqogc8nNcfdAksdabR1pb31oEHqsyQzh_mAjptpg91Ere5a_FCDlJSRqf1iOfj5evGQJzoNOfSmtCHrhfH_19q_2To9BEPj8IHRwZ7axsAEmfW-soIE4AQDkAYBoAZ2gAfpvoXIAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKAcgLAeALAYAMAbATwKaaD8gT7NCd4APQEwDYEwqIFALYFAHQFQH4FgGAFwE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame A310 26 KB
15 KB 122ms
54ms XHR
text/xml 64.233.166.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CNC0JtUfuob4hhGEl3dGDGQj8i10U_tpAcjGoblWxdFyMY3R7RvWlHfDjDb1vMZzL2sG_0RQcy-LZgKhjeKwGsUUFiig&cry=1&dbm_d=AKAmf-CflxjfcbHj32oBRjhZSjjzKkOUlyvytgdg3RS9yBirJbiOL1jthVzClYdnRiZVNUIucCeTjuSFwwQ9RKihp2HPL3Md_-WcWoBURM0yEO3okhnmuzPb-9oe2d6CpyiC116OVODW_s6NnU3NqXgWKB5oIX5AtqmdryWuQMC-TUgq_JIGkdURcFe2JGDc9NfCwVCp5qt5jaV-ZSwqakBZTOTB9gkU7XVC57eCg6SnCgg_6SzGH47LaYBFv9TXRFFjtlYS8oItOELAxCdrIJXodscXHbg8u-NPWsR_Q64yvvLkQXjFekBTjdbFwLx4UOIVDksQphDC1bhmGtRGWCEPMvAIKyIUUnDlLxEaQs3EmUEW1UJQqF1Az39mMszjoTy0AB56fk0yvO3FhRn8J8D-oKLaBUsBJAWdvaqjTNL2qn_YLbdETCAaBEFWGqykwnzbD3nF1sQBlpfD6ycTjGqHihA1UZSyBFcrDouuoZ29iOUCXcAPqekVzsZ0rARfqHSuCpTwLngCgPVyHLiUP6dsNq8N23C3DbGs7rOtv-DgIyGMEVgcoyhVAOqSx-U06zue-Sq_m5jS2aBZzHJO9d2oQNLpbi4ITpXAyqF6AiJYGqPvH3ugrtjaFIE6ZRlTI0EwYBiYZzfehx2jXaM-w5TUUqPBaKhaQkLMOBQ3IRJFOo14BNXm5ZF2JZXz-fSmik1rM9Drsr28QRfmzcslUTBWmWPHKmO-scAct2_ElZ2IfDetyVgXF7V_fMnRw4lw2QW6DyTeJRHs1GKzvu9B42DIexkvdNOeGW-VsJCMaY0UsvD6Tde1qrDthnLsx1HQMfG9DKV2XQ-7k4o5AaKSl26rFv8qYHrzdeMts-Tcf307s6pIrjalu6dMYyt9tEqItMp9fWwWo8hpgNoEpWn0naJhvhEzn2754Kllq7-yQpU37CUhhchrOwvnQGfYbR1_Kf5s06QsPITPSgcPRZtds785oksFiJgaLPZu9aKWdNhmfuwVIHVwK7_TLgmdIBys5_QEVjdeU2PfrmeVkN2eh_93BZFcGTIjbo-yC0_A4qZLB4wDCULR9ng475Ho-kT-h1GZfTRc_E3HyrgYPqNttBvhcQHspnxrJBitZPZ06gIZZrU2vCCb71LA4y7rUXhsXqaSt7vzNxQ9S030FzafrjJvj6n6qhmQwHkIL2LQZghC4mgUMEszSIZJfepzfHpIUeoky7ZmMnFgMQ7T33zzEYo7ydEMZbZ5cHNn4bj9NdMknMiL0P15iovbCa42x6lHcX8aELvEslOn9aCx7PAagKAZ4bAFLDtq2h-qr-zWeNFiAHCFpel0C4sFdZe0vvwUnGDlbgN63IO5a4XHTDdbGBBh-ws83rlmS_eila-juKJ4kU8Wtx3Cai1tb76gMLB2eKfwJx3PyjUshBwwQP6Elk_oXIT_2xa2HjF1zLL8m9zRu3lP2zN9eDd-rjv8NSfiVGiwbsgiexBZasp0Y3rQ1cKixyv-2LGPf7ybdjbyy1WKaPvKqmAyV6mQl8_SGmOpP1NJOfc-079_Fw1N1unfmkY4yQO8VY3vikYPbU5mVXf5Tr-1_gi-BBmHU-HEIt1wWCspbHlx_LY5pA3zGwzltfDZcI-72vhL5-XC7Bgodz0P1njEgaUliClm5qPg1y03Lx-hU7JooBLTch8mOYHMNAngc6F4x-w0Fw3ANnjpRvBxSBJQWRJ0rC7g0fOjoodcvY6vRasoQDx4BkOogR8076VlruW_7ExgF6YXjZoLZFpjp-HBLyndUepm1i-ipg4evLmKu9FkukK4HzIt-oDIUC7TV2XagnZWudVhHYnmppkjP_LN7cXxB-XZhf_J0AdjHxIgqWzoPIN96Gsxa0rlAlssgxSvGpHALj3OG2mLyaEtL7KaVWR1YkQ2T2W-LBAwYsVPMrG50C52EEAEVSH696oiAC1BClyWH_tbCkFkMuvpLklMG1BrkjyvepF8UKDc4Kp04rkJIKnrwAR3jyfkLC8TLZ6Cdj7lhj8yhYfknHg87dCw_9sxm52fWNffZdscHsW_L20L4MDSqUzLYcLSMfVFJobo4ZLIitciSDgBGWGmR3yokrUlbPnzoQVzQpC6ZDNF5BhztxJHOYrUB-ZqlwOgfxgQgj3LslXYppMUnZUtF5vifdHu62TfU5m876kRl5IFYgobgaZpqIqAfHSn0HvhU4VocTBIACk1a1BIOYxf0TvF_ZUbWnMljJW0KgITUg0uyiDBojzTbvqoS3nfJIELHRkt5dtVtybTRSFZRxJjkVTMfgYGksxHEWMmkxPww8YvuF9KXv7Bf3oaoZVniDQxc_Y0uuauN5T-7ZEA2efOP6PC4Dpa3UPPqzhzpawq_mSfMV8Om5QGohhojOmFeqP6KoT6W37Qeiie-7ep3Qq5d9PpasI2cJCG14TqgDBmchEeabb91ktnIDoSUu_vPStvEHkaFx1HPR2ZT4YOsplqDneSQg-iFM8N2Ay_TBaTTjUF2Cl4elIQ-HMoAZZFMU3ZuQBSw9FEaAQEbYJ1Xb2hXWuMMEfmhl68bKQStQDjFCjEcS9bxO85NYasFqk5KDaWV5weCV8jzEKKv_heZOJ7cRqhH-0rPe0pPK930Y1mrzI0T2_5KHj-yY7c2CAxqwCXnGmzYlOzpT9_lbIhU9tI4ZZjR2IHr1cTkfMx-LJbnsaTOo4crc4TcDeL6k4kGrTYu7ak-eTuyIPRj5od6dBij8uUpEuwXq-iJmEeOI8zziw3Gub4QVrPnH2eITZtW7Z2SQ5y2x3XGuSY8IXR84ZsaHZhprR9cSxrBMBnuai53drsfPMgOgwrY2jefV-xnzJVIk9ud65pf37qsqthjVaJ-LIrT5ExoYe8_9A9IO3mr-R88dn1Cuq-kMClQhU2Vxcjt1W1-6vEXAn5zFN3HnZJXKHaNPXW-qovxb48nFkexlUgSQLbvMR_pL7m7G21v7nLU2qD1sA6j0Cu75Ve7T3ozWW7p-AkSs2YO5NtbEXRyc_BfUx_xv3fB01VbJ3luPCE8ws8dn7Yfh8nJ7EJ4n9lL9VodJBzs8Po7k7QfqJfLqc-gL4vqLErNykvGyNn3qWnRA9alOFCrLuS20877KXpPKPbxFc3NbSzZkCWCcV8Tz9waKZZNPTP3JimIPn30CFvRqKSFMU7rYD7gm2d3nmEZjTBNBVCeCXmxMsv4rLYt4FiFinbbBFqvaXXhps59vbrTrLwbfOKR1SADdyAIpFAMM0PupI89t20JYht5tERcHQchZvRh64fy90otFbjollj1AUfjeLC-r6XPPrVPO14MwwbflLbPg0Z7XDjpyHXBxkx70C61Au8dMakxnEgZl6FKfWTiT3k-2puwhaqsO2AeioxYM7_XpSTqob1HZxZWHzwl2OcU2ceeCmSj8dzeDXFMMkGq0cQ9ckHhAo3i1gc8hasA399xktePSFvB_ew1z07Lj8JFw4B_lkEfvXvUfLog_IP-yIkwVbDryL-8wHsbxmqHaNIqykoeNQgdC5LQHTBe7wdz2OIb-nJasVsO0p5zrzncuU1MkgF9_3VlfaegEXMvfdIElk5lEf1nSsANTm-b-KAcsxi&cid=CAASBORoXtk&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.166.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wm-in-f154.1e100.net

Software

cafe /

Resource Hash

8b655c4eb6749ddf38f33a9b1d9ce0f87d1651e2d82d26993355eb33b12cbe39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15057
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E9A9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e36f857188532536bf21c385da51b350dc4c25e0787c9635812c93074142bb93

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3A9C 624 B
297 B 19ms
19ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiRtNHKATAB&v=APEucNW_-d9ZaAj0-IVl9MvNewmu6OBzPN7Ovw7hlkqFnI7yeQTCJJQDCcugCGBiFBY892n8DPugMg1C3WYL5Lwsngku5o6m_bX2-Ipy2jwrejB0pK9TcEXb7rIS6m4--_dsmV2-kf3F4bFGtOh7hj6RSdQxL4Qr5YKg9UgfjySgejfNZZVhpWA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3972249001339247&output=html&h=250&adk=17116639&adf=2478591300&pi=t.aa~a.764659304~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1653788192&rafmt=1&to=qs&pwprc=8692580054&psa=0&format=324x250&url=https%3A%2F%2Fupdatenews.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653788192900&bpp=3&bdt=2622&idt=3&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8573e1105ce60ecf-222f15aea1cd00a2%3AT%3D1653788192%3ART%3D1653788192%3AS%3DALNI_MbWcq1Gv02wPm-eDfn6Kz2UMSiMgA&prev_fmts=0x0&nras=2&correlator=6890659654981&frm=20&pv=1&ga_vid=783390416.1653788192&ga_sid=1653788192&ga_hid=922045170&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761043%2C31067749%2C44763950&oid=2&pvsid=784991219963846&pem=894&tmod=1117710739&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jSN2ALv9nA&p=https%3A//updatenews.id&dtd=39

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3972249001339247&output=html&h=250&adk=17116639&adf=2478591300&pi=t.aa~a.764659304~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1653788192&rafmt=1&to=qs&pwprc=8692580054&psa=0&format=324x250&url=https%3A%2F%2Fupdatenews.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653788192900&bpp=3&bdt=2622&idt=3&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8573e1105ce60ecf-222f15aea1cd00a2%3AT%3D1653788192%3ART%3D1653788192%3AS%3DALNI_MbWcq1Gv02wPm-eDfn6Kz2UMSiMgA&prev_fmts=0x0&nras=2&correlator=6890659654981&frm=20&pv=1&ga_vid=783390416.1653788192&ga_sid=1653788192&ga_hid=922045170&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761043%2C31067749%2C44763950&oid=2&pvsid=784991219963846&pem=894&tmod=1117710739&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jSN2ALv9nA&p=https%3A//updatenews.id&dtd=39
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 01:36:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2F20 76 KB
32 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Beq5hhVsdq3pNUdTg4zHFJoGRX-ZOo52Yyq3du0zSdLeq1_pxPMFFg-qYJgVme0SvGnx_f7F3U2Bspfjm-Yq-rQyt6-ctpSS0m9UfviOG8J62qVL6XU5oTeqO3E5kWYmgUl0gknDpic1yH1Kjj1-xUjw-QQA&dbm_d=AKAmf-CceaGhBmGrex63OFDUcBqH31CRpLFkKc7w73DPKaoHL2oeSQSfpiKzFIaPT-zG3bDkFl7AUDdno1aaLtoSpcfdTCFDRYXfeLx1ZCPG9cCBTraxvVuY94we_uq-w__zvvyDghCaemVVpTddZxHM6EdV0G9RiPMeq1qxdQ8ZHPp3F5U_ucPNBJRmkfFsLGUQQGskWqvZlT_epr0-aV0W5IwsF7qpAbbNJTMCkHKmWbXmNVnZUFXG-QxfvdG8wXu2w-FycPZ1eDyQ6GxSsbvKPV9CeHvRSQSMyO73ORt4fKKxrBj-2SmpwfchdeR61VNQ9w1P10Jl3KUDHCXAEsiOuXcOkWzoFJIJoqdFuWm_5Po14GOns_pFgtflwiEYm_HDdQPE-dRSrJDxSBVP7S8ZRO5wCzs5eGpKqturqrZebnZLffPEjxCKlrujSQtsOXiDweBSPYEoRKGF8Z449GqWeecCrRWGsBk8XtaW2MNrKSwnGuVvyIn7jcYtN3Dsj9_wEkWrXDq-CIcNAe-06Da37olam92H6q8A-4bKXvnrwr8JPFDU3VB8caqjydn3LvJ8ta15qNeCuxNXCdib10iakVIso95RWAHzegnoItH22lVNsLNKH-sv3OnZGi8SCjZLq2PTxeNcXlGfMbxE5WenfAJhtycaeKbmtPxW7gp0SGjuA5xx7qfPc01MmmAutaz-tHrVQTcVZ_O_0jgf99yhAD8oYuO0SrLel5KEXrrK9H1TRnxqlBM0V4f9qW5IJmqbadf7aCwk_0UvoMqdirJMaqtYamjBCqymwtzOskrYvCMeYSMU-_0NVLAXS_AsNxR46Wm07FDVHU0vHZcVP-Q5D70tho7HZ3WZ0gAbymHBIAFIWaasVhYBM9Tgvpu51aU-pCtyyCXvSbMh9X2OxwlSwtO_PMpfNEd43x9nwxH9NsreM8dwkCtyvDpOmmY1fRaT_J8-Fw3lDWAfBtzDdey91tJKG_eFn2-T-FCq2OM0QdIcqKQuT1q1s5BzL8s_iyPMXwpQkF--mMyoj5YD_99sEYWQT0J7aL8EbLhet4Zkv1v5puFFPKc9_hWK1xdPZMpoGAWEnKIAB3VW79baAJ7i2MlCn3Qb2NWZzvFQ5qLl-2-JIcFiLufiNU90VMCqKaBkMo0657hRyWbGi4U-tXHEbMD3aGL0xjdqITqRwGN3l4b9U_d-67N8sH-sOBe3VPgYuPFP0m9LZc7yl1PBMPS6nriA43AGRl8weva5YutgKekhL5GD23HGLAbkXFNVIAegZbpif8c2SRVkxZRQPNnjEqGzMVEo6JYlhq2R0F3TZ-WlBoNEPT229DGkWhn-Qmyuz-1NlzDiaE2J7mXlOSk3WEK0zoL_vYKXYQrUDt0FqC7Zk-vIjS6Ycv1K3RLsKrTVm1_u0kgzGOhiGiSjUqD2GgrlCdSj0StHczIVRALf1U5mLNq44Xo0Bd41AHqtvlOWGtNZ1d1JwpWipTbn_CDoxkD_lS-WrHOkZOKTV3syInXeFN7X9KIgUpTJMmdxtFNaORqw7K12lnRnwmmHJOVUp95T0hzdpTQg69wQLiG-TMnppaFhKE2xoLw0ODX3rda9bOtW8MnUFpmvKzZT730iZvC9WsloCalNitO334KPZV-7xKpxyTNcJfno5_w-h-iwdn_FvTLgeRKR5Mvi5MEOsTpbo-mftfcyIIqCF5yfCLPoWhJ04QOwa5pmQOgHYPs19GyFdBSwsRMPP2LvxOjd6wj6b_v2UwYjjgXPYt8aMPwNZE5z8mW5QnCdPeXxcbbrqMjKucoAq68EkpYk_0OC6uSPORZja5qiJ4zf-0wvUZtYrhETSfu2EvOd_mV0HWDgTzQ8uXQvdeDisgSvHw3YeDoM5MbJy_9iWz4kSfBct9HPsOEIbZN4tMrkbOtZwt9GBq_A1U77IzTcbLufhl97bIrwpwSHZWSAdMk8oWu3YbgDsLNFvlDcNyzHt9OXpYZKfzTJiFjqyCk6miQr9PfcC_om0U75opZTmWniLCJDY9-ldPrTJ-2ar9ASAc4A-J9lLhJI6ZVrDk1Kk51RX0w7708WV94WwLxd44vyZ4_xIV9HkMXa_tmnx4FaCoDjbEiwIomVwdICDyVpelEIewM_FftqKRvF8WbNdJKfbumdbA0uha7NFIcDMXAJUt9dH4LNNhzy2o2kAThObfcKE_aadzQrXuP1XNWQ5VlIQJL2bnRUwHtaMVWOe4RFgrRUkTniFS9bDFU3_c8K43488oxYb4VqKOXf9ClzQDYLmq1fimaTe40VEr3ujuf3iJQuRcp93-ZnjOVGLzsIdQOEoZxgc77H37ZbvsIhAuf4MawPq2H_rKwvWKVwj5vgpImT7J_uRjaExE9njfNdpGhtLna4AgEEJdBaMjCj_B-6HQr6gEakTaDeqhWVVYLuRECCuS788PB5ACzOG-HYChX4MtcpA902rL705iJPnfUmGDPye4pBIH6E6gtJpMweqDVuGZ1RUVY0gO5lsDtVJ0nsT_xW0mWhueeITT2WsDzrK2vPkjtd6-rEWL8YnN65uDhmrDGykHxX11ZN6cMaI49HU7R9Vt5SpnfPO6oOwVrGWtAHHnGQ8Njt_diJxXGLymJ5KH56l0kw79vlys7Jn_pKCEEvgqwCW3lZzm3XqoyjPmCWsjH2Ee98ELdAx4PHVnNxpq03KJhO09zgImrEUraz4GlNfdIA9Rq9_UvuNXH4hNahWV3QRpSJylAvUo6f-tSsJNotupJL4WNddE-b-NJ8xBQeT_MNuR6h6DdKhZclF39WfZ62Lr5hE7_U-4kNV1NmlBdDN5U2TXz-VkjNldGYeYDo8m182BoIalCha60u2J4R9a6z04GRoQlzU45paT6WIxZTKRXxZqYjCN46IsgIhxzdd-pQKDdMqkr9PmkW-8MuRJwpoZ_uLR_7vxnpCb8JlWSWmD3AzcbB16JG2uZ2vXaNLH_RQCIHUYCZ-BosVIKdxWyf5DXPjESOShNqqPv0IHXGrtSyAZQOMWSuP7diplsz2fNiAtuOBpwd9579hkzyTGNHrz3YGrfTGku86NJwZ70av5caT9_QFJ0bitm3FdK_amVyLs5B9HM-howf4YcSwUsHypYon5RkGc7t8AHhOh4xI6EFkMfMYIL3_SY6XFAIntOh0djQCnccYgVnuStQoCQ75OaKv0ZdAi4edJFMZSiW_NfouW0e1wJcOTsEMPAaBwTUf0mqUQ&cid=CAASJeRo_42PNAzHimZdWpNnDyoTdM4kupwYVqR2JBn_6LBmm6Q_AvI&rfl=2%2Chttps%253A%252F%252Fupdatenews.id%252F%240

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d28909d6a3c10ed79ad6f425cc0e8a5492c75706a6fbfa16d72b371a12d63353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3972249001339247&output=html&h=250&adk=17116639&adf=2478591300&pi=t.aa~a.764659304~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1653788192&rafmt=1&to=qs&pwprc=8692580054&psa=0&format=324x250&url=https%3A%2F%2Fupdatenews.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653788192900&bpp=3&bdt=2622&idt=3&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8573e1105ce60ecf-222f15aea1cd00a2%3AT%3D1653788192%3ART%3D1653788192%3AS%3DALNI_MbWcq1Gv02wPm-eDfn6Kz2UMSiMgA&prev_fmts=0x0&nras=2&correlator=6890659654981&frm=20&pv=1&ga_vid=783390416.1653788192&ga_sid=1653788192&ga_hid=922045170&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761043%2C31067749%2C44763950&oid=2&pvsid=784991219963846&pem=894&tmod=1117710739&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jSN2ALv9nA&p=https%3A//updatenews.id&dtd=39
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32971
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 2F20 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 01:34:49 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 2F20 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 00:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 8365041023519634061
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 00:38:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F20 136 KB
42 KB 40ms
24ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 May 2022 01:36:33 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F20 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cy9_2vc190sSgMVgx5OduCa0zGRmuLvcQLy5AJN_cEX4Aqhz2tuEv_fODYg9jeB9EvL_17nzhfiwTFNLRRYwI5nAJQaAZErhbDim7K-RSTitzHSGw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E9A9 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=loadimgad&it=bdt.2087,req.118,bpp.3,fb.678,e2e.949,fs.660,reqs.661,ress.678,rese.679&srt=19&e=&id=csi_pagead&gqid=IM6SYu-iIYiPgAf_xZygDQ&qqid=CN-BgY7Jg_gCFdf2dwodOkADSA&rt=ol.271

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3A9C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5dcwSzrwphLmP47L1Mm30&google_cver=1

43 B
1014 B

25ms
11ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5dcwSzrwphLmP47L1Mm30&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiRtNHKATAB&v=APEucNW_-d9ZaAj0-IVl9MvNewmu6OBzPN7Ovw7hlkqFnI7yeQTCJJQDCcugCGBiFBY892n8DPugMg1C3WYL5Lwsngku5o6m_bX2-Ipy2jwrejB0pK9TcEXb7rIS6m4--_dsmV2-kf3F4bFGtOh7hj6RSdQxL4Qr5YKg9UgfjySgejfNZZVhpWA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 May 2022 01:36:33 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 29 May 2022 01:36:33 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5dcwSzrwphLmP47L1Mm30&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3A9C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpLOIQsj332V5ryRp3ZHTgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5dcwSzrwphLmP47L1Mm30&google_cver=1

43 B
894 B

13ms
12ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5dcwSzrwphLmP47L1Mm30&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiRtNHKATAB&v=APEucNW_-d9ZaAj0-IVl9MvNewmu6OBzPN7Ovw7hlkqFnI7yeQTCJJQDCcugCGBiFBY892n8DPugMg1C3WYL5Lwsngku5o6m_bX2-Ipy2jwrejB0pK9TcEXb7rIS6m4--_dsmV2-kf3F4bFGtOh7hj6RSdQxL4Qr5YKg9UgfjySgejfNZZVhpWA
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 May 2022 01:36:33 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 29 May 2022 01:36:33 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5dcwSzrwphLmP47L1Mm30&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3A9C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIlpXMhFwxyq23AN96JNScI&google_cver=1

43 B
1017 B

17ms
7ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIlpXMhFwxyq23AN96JNScI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiRtNHKATAB&v=APEucNW_-d9ZaAj0-IVl9MvNewmu6OBzPN7Ovw7hlkqFnI7yeQTCJJQDCcugCGBiFBY892n8DPugMg1C3WYL5Lwsngku5o6m_bX2-Ipy2jwrejB0pK9TcEXb7rIS6m4--_dsmV2-kf3F4bFGtOh7hj6RSdQxL4Qr5YKg9UgfjySgejfNZZVhpWA

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 May 2022 01:36:33 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 58f6e8c7-e45e-4d00-ba3a-219c070d01c2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIlpXMhFwxyq23AN96JNScI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A9C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM1NzM0OTc2Nzg2OTE5NjAz

170 B
188 B

34ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM1NzM0OTc2Nzg2OTE5NjAz

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 29 May 2022 01:36:33 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3a4e88e3-9ba0-4aad-8e43-8552e32568b9
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM1NzM0OTc2Nzg2OTE5NjAz
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js Show response
pagead2.googlesyndication.com/bg/ Frame A3B8 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 13:15:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13861
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 May 2023 13:15:37 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame A310 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 23 May 2022 11:13:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 May 2023 11:13:37 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5ednsk.c.2mdn.net/videoplayback/id/8ec0eab31682fee8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685324193/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A310
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/8ec0eab31682fee8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685324193/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-4g5ednsk.c.2mdn.net/videoplayback/id/8ec0eab31682fee8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685324193/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

65ms
7ms

Fetch
video/mp4

2a00:1450:4001:6f::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5ednsk.c.2mdn.net/videoplayback/id/8ec0eab31682fee8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685324193/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6F2AE93B967ACF335068BFEA642F760AA6703F93.15C28C7690F2F0FCF30AB612A6189FD919DD6A5D/key/cms1/cms_redirect/yes/mh/fH/mip/2a02:6ea0:c71b:0:1012:c7fa:aa7d:641/mm/42/mn/sn-4g5ednsk/ms/onc/mt/1653787575/mv/u/mvi/1/pl/43/file/file.mp4

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

HTTP/1.1

Server

2a00:1450:4001:6f::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 29 May 2022 01:36:33 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 7187024
Last-Modified: Wed, 16 Feb 2022 00:43:22 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 29 May 2022 01:36:33 GMT

Redirect headers

date: Sun, 29 May 2022 01:36:33 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r1---sn-4g5ednsk.c.2mdn.net/videoplayback/id/8ec0eab31682fee8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685324193/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6F2AE93B967ACF335068BFEA642F760AA6703F93.15C28C7690F2F0FCF30AB612A6189FD919DD6A5D/key/cms1/cms_redirect/yes/mh/fH/mip/2a02:6ea0:c71b:0:1012:c7fa:aa7d:641/mm/42/mn/sn-4g5ednsk/ms/onc/mt/1653787575/mv/u/mvi/1/pl/43/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2F20 106 KB
38 KB 54ms
18ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 13:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43098
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 May 2022 13:38:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame 2F20 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Beq5hhVsdq3pNUdTg4zHFJoGRX-ZOo52Yyq3du0zSdLeq1_pxPMFFg-qYJgVme0SvGnx_f7F3U2Bspfjm-Yq-rQyt6-ctpSS0m9UfviOG8J62qVL6XU5oTeqO3E5kWYmgUl0gknDpic1yH1Kjj1-xUjw-QQA&dbm_d=AKAmf-CceaGhBmGrex63OFDUcBqH31CRpLFkKc7w73DPKaoHL2oeSQSfpiKzFIaPT-zG3bDkFl7AUDdno1aaLtoSpcfdTCFDRYXfeLx1ZCPG9cCBTraxvVuY94we_uq-w__zvvyDghCaemVVpTddZxHM6EdV0G9RiPMeq1qxdQ8ZHPp3F5U_ucPNBJRmkfFsLGUQQGskWqvZlT_epr0-aV0W5IwsF7qpAbbNJTMCkHKmWbXmNVnZUFXG-QxfvdG8wXu2w-FycPZ1eDyQ6GxSsbvKPV9CeHvRSQSMyO73ORt4fKKxrBj-2SmpwfchdeR61VNQ9w1P10Jl3KUDHCXAEsiOuXcOkWzoFJIJoqdFuWm_5Po14GOns_pFgtflwiEYm_HDdQPE-dRSrJDxSBVP7S8ZRO5wCzs5eGpKqturqrZebnZLffPEjxCKlrujSQtsOXiDweBSPYEoRKGF8Z449GqWeecCrRWGsBk8XtaW2MNrKSwnGuVvyIn7jcYtN3Dsj9_wEkWrXDq-CIcNAe-06Da37olam92H6q8A-4bKXvnrwr8JPFDU3VB8caqjydn3LvJ8ta15qNeCuxNXCdib10iakVIso95RWAHzegnoItH22lVNsLNKH-sv3OnZGi8SCjZLq2PTxeNcXlGfMbxE5WenfAJhtycaeKbmtPxW7gp0SGjuA5xx7qfPc01MmmAutaz-tHrVQTcVZ_O_0jgf99yhAD8oYuO0SrLel5KEXrrK9H1TRnxqlBM0V4f9qW5IJmqbadf7aCwk_0UvoMqdirJMaqtYamjBCqymwtzOskrYvCMeYSMU-_0NVLAXS_AsNxR46Wm07FDVHU0vHZcVP-Q5D70tho7HZ3WZ0gAbymHBIAFIWaasVhYBM9Tgvpu51aU-pCtyyCXvSbMh9X2OxwlSwtO_PMpfNEd43x9nwxH9NsreM8dwkCtyvDpOmmY1fRaT_J8-Fw3lDWAfBtzDdey91tJKG_eFn2-T-FCq2OM0QdIcqKQuT1q1s5BzL8s_iyPMXwpQkF--mMyoj5YD_99sEYWQT0J7aL8EbLhet4Zkv1v5puFFPKc9_hWK1xdPZMpoGAWEnKIAB3VW79baAJ7i2MlCn3Qb2NWZzvFQ5qLl-2-JIcFiLufiNU90VMCqKaBkMo0657hRyWbGi4U-tXHEbMD3aGL0xjdqITqRwGN3l4b9U_d-67N8sH-sOBe3VPgYuPFP0m9LZc7yl1PBMPS6nriA43AGRl8weva5YutgKekhL5GD23HGLAbkXFNVIAegZbpif8c2SRVkxZRQPNnjEqGzMVEo6JYlhq2R0F3TZ-WlBoNEPT229DGkWhn-Qmyuz-1NlzDiaE2J7mXlOSk3WEK0zoL_vYKXYQrUDt0FqC7Zk-vIjS6Ycv1K3RLsKrTVm1_u0kgzGOhiGiSjUqD2GgrlCdSj0StHczIVRALf1U5mLNq44Xo0Bd41AHqtvlOWGtNZ1d1JwpWipTbn_CDoxkD_lS-WrHOkZOKTV3syInXeFN7X9KIgUpTJMmdxtFNaORqw7K12lnRnwmmHJOVUp95T0hzdpTQg69wQLiG-TMnppaFhKE2xoLw0ODX3rda9bOtW8MnUFpmvKzZT730iZvC9WsloCalNitO334KPZV-7xKpxyTNcJfno5_w-h-iwdn_FvTLgeRKR5Mvi5MEOsTpbo-mftfcyIIqCF5yfCLPoWhJ04QOwa5pmQOgHYPs19GyFdBSwsRMPP2LvxOjd6wj6b_v2UwYjjgXPYt8aMPwNZE5z8mW5QnCdPeXxcbbrqMjKucoAq68EkpYk_0OC6uSPORZja5qiJ4zf-0wvUZtYrhETSfu2EvOd_mV0HWDgTzQ8uXQvdeDisgSvHw3YeDoM5MbJy_9iWz4kSfBct9HPsOEIbZN4tMrkbOtZwt9GBq_A1U77IzTcbLufhl97bIrwpwSHZWSAdMk8oWu3YbgDsLNFvlDcNyzHt9OXpYZKfzTJiFjqyCk6miQr9PfcC_om0U75opZTmWniLCJDY9-ldPrTJ-2ar9ASAc4A-J9lLhJI6ZVrDk1Kk51RX0w7708WV94WwLxd44vyZ4_xIV9HkMXa_tmnx4FaCoDjbEiwIomVwdICDyVpelEIewM_FftqKRvF8WbNdJKfbumdbA0uha7NFIcDMXAJUt9dH4LNNhzy2o2kAThObfcKE_aadzQrXuP1XNWQ5VlIQJL2bnRUwHtaMVWOe4RFgrRUkTniFS9bDFU3_c8K43488oxYb4VqKOXf9ClzQDYLmq1fimaTe40VEr3ujuf3iJQuRcp93-ZnjOVGLzsIdQOEoZxgc77H37ZbvsIhAuf4MawPq2H_rKwvWKVwj5vgpImT7J_uRjaExE9njfNdpGhtLna4AgEEJdBaMjCj_B-6HQr6gEakTaDeqhWVVYLuRECCuS788PB5ACzOG-HYChX4MtcpA902rL705iJPnfUmGDPye4pBIH6E6gtJpMweqDVuGZ1RUVY0gO5lsDtVJ0nsT_xW0mWhueeITT2WsDzrK2vPkjtd6-rEWL8YnN65uDhmrDGykHxX11ZN6cMaI49HU7R9Vt5SpnfPO6oOwVrGWtAHHnGQ8Njt_diJxXGLymJ5KH56l0kw79vlys7Jn_pKCEEvgqwCW3lZzm3XqoyjPmCWsjH2Ee98ELdAx4PHVnNxpq03KJhO09zgImrEUraz4GlNfdIA9Rq9_UvuNXH4hNahWV3QRpSJylAvUo6f-tSsJNotupJL4WNddE-b-NJ8xBQeT_MNuR6h6DdKhZclF39WfZ62Lr5hE7_U-4kNV1NmlBdDN5U2TXz-VkjNldGYeYDo8m182BoIalCha60u2J4R9a6z04GRoQlzU45paT6WIxZTKRXxZqYjCN46IsgIhxzdd-pQKDdMqkr9PmkW-8MuRJwpoZ_uLR_7vxnpCb8JlWSWmD3AzcbB16JG2uZ2vXaNLH_RQCIHUYCZ-BosVIKdxWyf5DXPjESOShNqqPv0IHXGrtSyAZQOMWSuP7diplsz2fNiAtuOBpwd9579hkzyTGNHrz3YGrfTGku86NJwZ70av5caT9_QFJ0bitm3FdK_amVyLs5B9HM-howf4YcSwUsHypYon5RkGc7t8AHhOh4xI6EFkMfMYIL3_SY6XFAIntOh0djQCnccYgVnuStQoCQ75OaKv0ZdAi4edJFMZSiW_NfouW0e1wJcOTsEMPAaBwTUf0mqUQ&cid=CAASJeRo_42PNAzHimZdWpNnDyoTdM4kupwYVqR2JBn_6LBmm6Q_AvI&rfl=2%2Chttps%253A%252F%252Fupdatenews.id%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 00:46:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 00:46:24 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 2F20 27 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10525
x-xss-protection: 0
server: cafe
etag: 5993959114622819781
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Jun 2022 01:36:12 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 56E7 23 KB
9 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 482100
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 11:41:33 GMT
expires: Tue, 23 May 2023 11:41:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2F20 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 11:48:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6C63 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 13:26:12 GMT
etag: 48472445140208031
expires: Sun, 29 May 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2F20 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd8e6430e4107d22e59da2762096144446c5f1e47e3bedf5a7b4eb2d61b985d6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D355 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 395312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 May 2022 11:48:01 GMT
expires: Wed, 24 May 2023 11:48:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6C63 35 B
463 B 34ms
9ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGMcbxQboNNJP9KcA6QSjAU&google_cver=1&google_push=AYg5qPIZKwtB2BHHGMD5g-NoMcpW-JdAOZuVTmAwqmYN_es1HFmuwerHVLDSvJgN9Gm-dW-37qnh7GMipj4gjG7xwltkkUvN_i4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C63
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKEPhEh...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKEPhEh...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjkwMTM2MzMwMDA3NzE3Mjg5NDY1NQ%3D%3D&google_push=AYg5qPKEPhEhFFqQmmUO4j5NU214g0SdRMMMuQbJSCM3WqByUluvnY-IsWXW8ndWiwJGi1...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjkwMTM2MzMwMDA3NzE3Mjg5NDY1NQ%3D%3D&google_push=AYg5qPKEPhEhFFqQmmUO4j5NU214g0SdRMMMuQbJSCM3WqByUluvnY-IsWXW8ndWiwJGi1yR971JlaMJWq5XooWZl5FQXgvxwHE

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjkwMTM2MzMwMDA3NzE3Mjg5NDY1NQ%3D%3D&google_push=AYg5qPKEPhEhFFqQmmUO4j5NU214g0SdRMMMuQbJSCM3WqByUluvnY-IsWXW8ndWiwJGi1yR971JlaMJWq5XooWZl5FQXgvxwHE
pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sun, 29 May 2022 01:36:33 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 6C63 43 B
351 B 54ms
23ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEM_Q4C7HZk2A0j5eQRuv9DQ&google_cver=1&google_push=AYg5qPK4MjFORL-rbWypswdC1mcFwf6qgt2PqA9kznQUzEmHtNZRwIUQpwniAtnDmzBipAbTK9GAUtfi3RQrv3XwfR5zqNfYp80
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3972249001339247&output=html&h=250&adk=17116639&adf=2478591300&pi=t.aa~a.764659304~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1653788192&rafmt=1&to=qs&pwprc=8692580054&psa=0&format=324x250&url=https%3A%2F%2Fupdatenews.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653788192900&bpp=3&bdt=2622&idt=3&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8573e1105ce60ecf-222f15aea1cd00a2%3AT%3D1653788192%3ART%3D1653788192%3AS%3DALNI_MbWcq1Gv02wPm-eDfn6Kz2UMSiMgA&prev_fmts=0x0&nras=2&correlator=6890659654981&frm=20&pv=1&ga_vid=783390416.1653788192&ga_sid=1653788192&ga_hid=922045170&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761043%2C31067749%2C44763950&oid=2&pvsid=784991219963846&pem=894&tmod=1117710739&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jSN2ALv9nA&p=https%3A//updatenews.id&dtd=39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:32 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: a3iotpv06dao6kkrqb5jcq8lugror4lg

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C63
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7dXGx3BbT825tWm3ypqnyw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7dXGx3BbT825tWm3ypqnyw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLR7WkxvWF5--A4_FhgvupYW6a4SxfxfPIqq7ysiNfq3pARLpZvtbMqegBZFcAB4om84TKoPtc9wKPRp3bfBOj9av9r-N0

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7dXGx3BbT825tWm3ypqnyw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLR7WkxvWF5--A4_FhgvupYW6a4SxfxfPIqq7ysiNfq3pARLpZvtbMqegBZFcAB4om84TKoPtc9wKPRp3bfBOj9av9r-N0
date: Sun, 29 May 2022 01:36:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C63
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO6RppAkyvzd4s9I6GTuC2Y&google_cver=1&google_push=AYg5qPIrK2reiZ6GUtphvBspCHtrp3RL0WX4mdXFl_aLsHsuXC6SErwMhWTxfh4Q07BKt7Z0xEa...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNRTVNHWkQtMVotSlBJVQ==&google_push=AYg5qPIrK2reiZ6GUtphvBspCHtrp3RL0WX4mdXFl_aLsHsuXC6SErwMhWTxfh4Q07BKt7Z0xEaUNFs6mRGxqAfXL0-E6IfrBA

170 B
188 B

17ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNRTVNHWkQtMVotSlBJVQ==&google_push=AYg5qPIrK2reiZ6GUtphvBspCHtrp3RL0WX4mdXFl_aLsHsuXC6SErwMhWTxfh4Q07BKt7Z0xEaUNFs6mRGxqAfXL0-E6IfrBA

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNRTVNHWkQtMVotSlBJVQ==&google_push=AYg5qPIrK2reiZ6GUtphvBspCHtrp3RL0WX4mdXFl_aLsHsuXC6SErwMhWTxfh4Q07BKt7Z0xEaUNFs6mRGxqAfXL0-E6IfrBA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C63
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP1RcXOxRrCFdGKXP4taiBE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpLOIQsj332V5ryRp3ZHTgAABJIAAAAB&google_gid=CAESEP1RcXOxRrCFdGKXP4taiBE&google_push=AYg5qPIj5kY4zBhQ_qcMkBrpTRpt3t9jnUT-c_NzE6lQLXQBKUU...

170 B
188 B

16ms
16ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpLOIQsj332V5ryRp3ZHTgAABJIAAAAB&google_gid=CAESEP1RcXOxRrCFdGKXP4taiBE&google_push=AYg5qPIj5kY4zBhQ_qcMkBrpTRpt3t9jnUT-c_NzE6lQLXQBKUUvg76sgErgXN4gpYAXjmcEZd2fMBQmqns7kCJz6qWEpU58ag&google_cver=1

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 29 May 2022 01:36:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpLOIQsj332V5ryRp3ZHTgAABJIAAAAB&google_gid=CAESEP1RcXOxRrCFdGKXP4taiBE&google_push=AYg5qPIj5kY4zBhQ_qcMkBrpTRpt3t9jnUT-c_NzE6lQLXQBKUUvg76sgErgXN4gpYAXjmcEZd2fMBQmqns7kCJz6qWEpU58ag&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 458
Expires: Sun, 29 May 2022 01:36:33 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 6C63 43 B
297 B 119ms
21ms Image
image/gif 2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBPujaBKbrvOSiyNpsgUWss&google_cver=1&google_push=AYg5qPJ4ZugPqeKLjIGKQcJwLGCN8QiFJRGt64imV6iBKYfsiYXHFPJIJGH1heztrZoU8vXuxJ0T3ICy-81ARRZ0sPRMilX0f9w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3972249001339247&output=html&h=250&adk=17116639&adf=2478591300&pi=t.aa~a.764659304~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1653788192&rafmt=1&to=qs&pwprc=8692580054&psa=0&format=324x250&url=https%3A%2F%2Fupdatenews.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653788192900&bpp=3&bdt=2622&idt=3&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8573e1105ce60ecf-222f15aea1cd00a2%3AT%3D1653788192%3ART%3D1653788192%3AS%3DALNI_MbWcq1Gv02wPm-eDfn6Kz2UMSiMgA&prev_fmts=0x0&nras=2&correlator=6890659654981&frm=20&pv=1&ga_vid=783390416.1653788192&ga_sid=1653788192&ga_hid=922045170&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=2487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44763507%2C44761043%2C31067749%2C44763950&oid=2&pvsid=784991219963846&pem=894&tmod=1117710739&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jSN2ALv9nA&p=https%3A//updatenews.id&dtd=39
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6C63 0
12 B 15ms
14ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IH3qZPgK42jmHXiFMJOK6uEQ8BDuS-VKLyh-OHPNU8kFtHnnsXGsD_K2crqQ4cnBTZxlAi

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 56E7 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 19:22:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 May 2023 19:22:11 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/ Frame 9B3A 10 KB
3 KB 23ms
7ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed47b446e91e5bab9de6c89dc828bc03b27ade7292591b93149e40ef8e91bdc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 37042
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 3211
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 15:19:11 GMT
expires: Sun, 29 May 2022 15:19:11 GMT
last-modified: Fri, 13 May 2022 13:39:31 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2F20 0
622 B 89ms
53ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSc0l33hY_p8ZujF2IFgHkwCf-g42z-a3X9eCiQsMaeR98TE_updrl6I4P77C_aJhj6qV_WlcAfjxvHIotN6E9fSCVs28kZaxopnHra62U9HNTHa1cgYCZb7kb6WoltQljAsde0lYQLpvP9EB-e3dpeGrvAMf43S-lK8qNAksRonbjxselhPaxpwqX2no8SZVV-C54Q-vzIIM-9nHHzUmdmvDocpYLYChr8vqTRqWyoEBg4gabgFPCh8O9nyrYigYN4cjDrI6WsK_xE8a0LCXqpC68GNe3wsmlX2r7W-RA3JfgJusWE1zSbJ2IxjFBuVoVEqsJIbl8kLgdvvh5Lc8PkD-TsKXFD7dYNUMU8-SjiWqclDL_TwoKCyBdtYWQ1hO1X_NVHFpwR5T7IGCmQO4-K-aHkLlko7cdHBIL2NoeFZRYoXs0BxdZIV1pBxNCPeI_LdyiyLLiFUiXUINWrrQ4GYf4cF72SLIjPmfTxpIDu4KIvuyCRqRmXjpel9WQ4Dcqd1UhVIBAvNYTlw98rKWxv2rUzRzta3XYoesJZJ_AB_CmIz_lsbmjxJKgRclktm08FiUcEKrzK1om6odIL70rfyG0c7SRU6x1Rbo0ue6eHPs1HffulnU6G6_DnAjeKM_YoJO6wCWBA08-H3Tiohk-eIY_W7EiBdxlF_hmYUr5-rE6COYdHkEQMM_DF7zSkck99c9cPSez7MhBHIfN1mA45HIhIRURadOjGm56OC3sGhJblA_GB1v7nx4FZ-g21fRTnrRBF-gKoJSk-z1JKG38sBSdrH8MnjqS-kAOaHjarnZZEu3MCso6IB3Bt103g6obUzDw3vh3X4V0aKFrYogznvokdSmA164NZN-AczObk-BTKUc6NOb_NrTKLpGgvRX-_0ACoXdejsWSD0kG7gB0EdW8fqLlDFdkM-rOH6cQ-R0La7hPzLsCATxadMRB8_N5-Jqvnu5226BNKx7X5QjM5pomb3n539OGYqk9vw3g-NfyI44-tHftE4Xxdj3w4Lj5ZHlA9RRHuCkI6yPIjmV_Ca-2Xy3ei2KYhq9UQXHJggsjDrEXst0jHiqMUMWz-534Z6h5lc0FpB484cmiAnGnwwn4p80mEfWoFyCOZWc1EhHN5FIoTCmQTLuoiFYclOIm1YENABxI54pnFCOIvoQ_02-TGsf4_MKXo_LQyvqxGT3YfbQCKB69oXK2BtWU4dVB8JPhg4ZXiTUC7Jsu&sai=AMfl-YR3Besyme_oGlHjNH97-RhPtBQkY8C0WwqYrqnmO4PX16d28RfahBU_2Ke8LywnWViQ7K2JxDPsJKvQRSkM4CpiCU8UffYADaJM2g-e9UEwNJ-AuYohLyP7S_UFOyJs5_FaalCtE1aINafd5ByvV7Vap1YCatRKQOc1QsoxgAKPageyNTYBjGHP9ezyahR9CVfWEuops3SRCBmGGhdVcGnS&sig=Cg0ArKJSzPbm1GgYqqMTEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=93&cbvp=1&cstd=90&cisv=r20220525.87361&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 29 May 2022 01:36:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js Show response
pagead2.googlesyndication.com/bg/ Frame D355 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 13:15:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13861
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 May 2023 13:15:37 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/ Frame 9B3A 41 KB
41 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa53d0b0ffeeda282e45361043ca8815dd8608055c87175c4a340e7ee37a6504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 15:19:07 GMT
x-content-type-options: nosniff
age: 37046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41645
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:39:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 May 2022 15:19:07 GMT

GET
H3 200 text1.png
s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/ Frame 9B3A 2 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/text1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0f4967fc7c16660db52c4d63d7d6aa858f6a2087700e53994a8162c7bf570ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 15:19:07 GMT
x-content-type-options: nosniff
age: 37046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1686
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:39:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 May 2022 15:19:07 GMT

GET
H3 200 text2.png
s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/ Frame 9B3A 2 KB
2 KB 10ms
8ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/text2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34eab3dfb8e7edc06708039a789d2e5044f19b35eec8b09a3518b107e3908aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 15:19:08 GMT
x-content-type-options: nosniff
age: 37045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2498
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:39:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 May 2022 15:19:08 GMT

GET
H3 200 text3.png
s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/ Frame 9B3A 3 KB
3 KB 12ms
10ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/text3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8173abee27c37344ae6b12dbedb09cbaae9a0140fbbe38e1fa5358d74c52b644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 15:19:08 GMT
x-content-type-options: nosniff
age: 37045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3015
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:39:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 May 2022 15:19:08 GMT

GET
H3 200 text4.png
s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/ Frame 9B3A 3 KB
3 KB 11ms
9ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/text4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16e23bf68ae2b6ca620499188342fe1a9adc3eb3d68e0ddb18e58e3eca94748b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 15:19:08 GMT
x-content-type-options: nosniff
age: 37045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2959
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:39:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 May 2022 15:19:08 GMT

GET
H3 200 legal1.png
s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/ Frame 9B3A 19 KB
19 KB 15ms
14ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/legal1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e038b4e28fbd821825e505ea5c05e23086eb98d54b4785b75f8cda40c30fd8ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 15:23:23 GMT
x-content-type-options: nosniff
age: 36790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19674
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:39:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 May 2022 15:23:23 GMT

GET
H3 200 cta.png
s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/ Frame 9B3A 596 B
620 B 14ms
12ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee4e8100a691c4992a9a434e402379d53f1eca4ff489a83564c381ba9ad2e48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 15:19:08 GMT
x-content-type-options: nosniff
age: 37045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 596
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:39:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 May 2022 15:19:08 GMT

GET
H3 200 logo.png
s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/ Frame 9B3A 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

168569b93fb309aa05252baa0279555a2c25a83eb52fc8d4370029bf9ea8c91d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 15:19:08 GMT
x-content-type-options: nosniff
age: 37045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1984
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:39:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 May 2022 15:19:08 GMT

GET
H3 200 klimaneutral.png
s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/ Frame 9B3A 2 KB
2 KB 13ms
11ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/klimaneutral.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9666c1dc3f770c8c7153bd19d6a4bcc6d1a520fad9ece28c70d4edda2777baec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 15:19:08 GMT
x-content-type-options: nosniff
age: 37045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2129
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:39:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 May 2022 15:19:08 GMT

GET
H3 200 logo2.png
s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/ Frame 9B3A 701 B
725 B 13ms
11ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/logo2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f265ae600594e6177fe026dd2279b45e556b84848a1f4d7c8fbebcdd815ce49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 15:19:08 GMT
x-content-type-options: nosniff
age: 37045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 701
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:39:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 May 2022 15:19:08 GMT

GET
H3 200 stoerer.png
s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/ Frame 9B3A 2 KB
2 KB 12ms
10ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/img/stoerer.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04f0316bafa3b54df24922d9119407c2ba0469cc3c91ac8ce82899eee3c7f9ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 15:19:08 GMT
x-content-type-options: nosniff
age: 37045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1625
x-xss-protection: 0
last-modified: Fri, 13 May 2022 13:39:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 May 2022 15:19:08 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9B3A 109 KB
37 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1652449171298/31-IWE-eSUV3-Mrec-300x250-Zukunft1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 29 May 2022 01:36:33 GMT

GET
H3 206 file.mp4
r1---sn-4g5ednsk.c.2mdn.net/videoplayback/id/8ec0eab31682fee8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685324193/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A310 317 KB
0 18ms
7ms Media
video/mp4 2a00:1450:4001:6f::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:6f::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 29 May 2022 01:36:33 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-7187023/7187024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 7187024
expires: Sun, 29 May 2022 01:36:33 GMT
last-modified: Wed, 16 Feb 2022 00:43:22 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2F20 0
26 B 82ms
44ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSc0l33hY_p8ZujF2IFgHkwCf-g42z-a3X9eCiQsMaeR98TE_updrl6I4P77C_aJhj6qV_WlcAfjxvHIotN6E9fSCVs28kZaxopnHra62U9HNTHa1cgYCZb7kb6WoltQljAsde0lYQLpvP9EB-e3dpeGrvAMf43S-lK8qNAksRonbjxselhPaxpwqX2no8SZVV-C54Q-vzIIM-9nHHzUmdmvDocpYLYChr8vqTRqWyoEBg4gabgFPCh8O9nyrYigYN4cjDrI6WsK_xE8a0LCXqpC68GNe3wsmlX2r7W-RA3JfgJusWE1zSbJ2IxjFBuVoVEqsJIbl8kLgdvvh5Lc8PkD-TsKXFD7dYNUMU8-SjiWqclDL_TwoKCyBdtYWQ1hO1X_NVHFpwR5T7IGCmQO4-K-aHkLlko7cdHBIL2NoeFZRYoXs0BxdZIV1pBxNCPeI_LdyiyLLiFUiXUINWrrQ4GYf4cF72SLIjPmfTxpIDu4KIvuyCRqRmXjpel9WQ4Dcqd1UhVIBAvNYTlw98rKWxv2rUzRzta3XYoesJZJ_AB_CmIz_lsbmjxJKgRclktm08FiUcEKrzK1om6odIL70rfyG0c7SRU6x1Rbo0ue6eHPs1HffulnU6G6_DnAjeKM_YoJO6wCWBA08-H3Tiohk-eIY_W7EiBdxlF_hmYUr5-rE6COYdHkEQMM_DF7zSkck99c9cPSez7MhBHIfN1mA45HIhIRURadOjGm56OC3sGhJblA_GB1v7nx4FZ-g21fRTnrRBF-gKoJSk-z1JKG38sBSdrH8MnjqS-kAOaHjarnZZEu3MCso6IB3Bt103g6obUzDw3vh3X4V0aKFrYogznvokdSmA164NZN-AczObk-BTKUc6NOb_NrTKLpGgvRX-_0ACoXdejsWSD0kG7gB0EdW8fqLlDFdkM-rOH6cQ-R0La7hPzLsCATxadMRB8_N5-Jqvnu5226BNKx7X5QjM5pomb3n539OGYqk9vw3g-NfyI44-tHftE4Xxdj3w4Lj5ZHlA9RRHuCkI6yPIjmV_Ca-2Xy3ei2KYhq9UQXHJggsjDrEXst0jHiqMUMWz-534Z6h5lc0FpB484cmiAnGnwwn4p80mEfWoFyCOZWc1EhHN5FIoTCmQTLuoiFYclOIm1YENABxI54pnFCOIvoQ_02-TGsf4_MKXo_LQyvqxGT3YfbQCKB69oXK2BtWU4dVB8JPhg4ZXiTUC7Jsu&sai=AMfl-YR3Besyme_oGlHjNH97-RhPtBQkY8C0WwqYrqnmO4PX16d28RfahBU_2Ke8LywnWViQ7K2JxDPsJKvQRSkM4CpiCU8UffYADaJM2g-e9UEwNJ-AuYohLyP7S_UFOyJs5_FaalCtE1aINafd5ByvV7Vap1YCatRKQOc1QsoxgAKPageyNTYBjGHP9ezyahR9CVfWEuops3SRCBmGGhdVcGnS&sig=Cg0ArKJSzPbm1GgYqqMTEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=225&vt=11&dtpt=132&dett=3&cstd=90&cisv=r20220525.87361&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 01:36:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 56E7 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bu7EuIc6SYvfNFJTS1wbElpHgBwAAAAA4AeAEAg&bg=!7O-l76vNAAao8wy8iPM7ACkAdvg8Ws1e_ENCKhRZDlRoOyhaX-3zRJMmMf90a8TyC4JdRP50ibR-jwIAAAC-UgAAAAJoAQeZAunMj_pJQo1YHW3l44Au0ki3iPhOkT82q09lYvZ7GXP37CZ9uM3tq4CCUZmqSmHvGelbsQqP88syZp-xetiVMwd0C8EnhBctGdpYeo1FeWGUD5ORgu9LMCsEBKj5NP84q_796J7TYm_4NpBz0UMDSQiM9GDwqV6oLzk4MBOdY5jKQdcjTsqk39E5uceYmr48TcqgwubUih7vcg2xK6sTexP0Q0cOcVh4Rt34qMrXtNa8EzU9sGAwVUaKuCSRuIWF5ak8jrynP2YgBJkDvB-6wr2XUBiMOlCKTsV9jlQWvkHJqHSyQndjsFu2wS6vGKSf-l7nAmtvXfU69zvnCXRKyYa4S5UX_NCU8LKtYDAoop8iCEj6vIC4z7nUQ44E3sybJV8gZBW8wfSTtMq45xP3vboPmuZoHpSg41lnIFJuK_RaiIqEXqX5GU1UB-HfyC6OsIboqljzQ84luTEfR_SvOVcP2v7Btk1GwEGXimO7wvWH5xL0vck6_57PspfA6gMLHXtg5u0Qsgd7zs4P6MNu78H9DLinLU8OWS6eZd64tUmcLTs33ddOcxiv-CMbQDhykUgKq7Hz6dLFgZw8_nLkBJCuZVPT3a2QFuPylcb2SehhT9H1GqIB8lYJ-aNfAlglbKMMK8OANF6YsWf-H3Gk-U5BcaXjvOjO_j4tRlEmGpWTCdE38oSj9UvWPNlz4-ek5kg3VmVSJlMASgLONqalXXHBKkNSx7E-_N5XlmfsAK0a-5MkkxWvf6xzi_aPjGxb4Pn_pU5jNcNZSMMhwKKTnGDq1hLGnzjB8e5sNW2kVyTEZnA4KU3qzY_PnOCtvP4oaHl8eh67vF77na8NLBR876tKmkRtteBOKZt4lR1bOqte6sCbIrbOgF09GFSsroNjDDnZQH_5H_CthQ-3gdg91-yIfe4EbzpuuMfaMMr5ODjXpEzd0BQ17OZTi5tD6MxXsKCs81oDeRf35-Vt1l8a42R9GXtP8-5OQain

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D355 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEKEyIc6SYpaoE5PAx_APq7-r-AkAAAAAOAHgBAI&bg=!3N-l35vNAAao8wy8iPM7ACkAdvg8Wj08FaTeMbmbItnhA-n7oX73K8SOiG_c3dr45SdL8VK_Qd13hwIAAACoUgAAAANoAQeZAurxlNo_wJ9bWw0L7hzgxtOneF-dD3a7YSuZYCDXQ2_wboPpy6ITqh4yqIbbS7wQyIXYdBwH2gQSr86NGAn7zezYyJqAfIJbPi_xfS81K7TwZpOBFJsf_tCSaZKS5E4U7ZGDjMZ5o2cNVrM7zhWW-Pu3OLh_kTndsgsJTuCwlEEnW1QAQPFM9DBbTdWOjFp3bjdrIZ75LCCNHHnAhJI-M1qUjHotblog9-i2NUGqdLmL_xgXvPooM9vnS-RZnvOSNi1qvpGbUCYQ0UPx2CoEnDva23JI8ARxWMJt4NQTzEQ_UYVSAFRYmymkUDvbkcNiIOi662YfUfmN80kAAiH7nbPseoecdJ0V6dj9EEe2yHjuykyLGmE-uEYsocFcCVU1VirVCN7uM9L9x7PZB1N3ORBfoqelVw-9hzEFyfBrEp1YB6OkAQWeNap8e-Sg2aTO5cdYhTQAUvP3sVhgKIe4xkQd3oEwL9Eh6-_lm0Vh_UtvFheaqD_SKf_bw0EvQYBrARUzOHbrfnoJYEIAhH56kBi6NDRTUF7PSEN9VnoH12qFY63XjulsLDeFZwQy-hdFVIGOeHmRyqEF90nyzFS0AIwDabBdBu5oc9n82dYqJCqS_oXafAbccvTh7ZKI6BoPGabwwi4PjzTHW4j3hkkiKuDfSMLcLFO-MbI_2ERYLXBX8nU4vMmIezD26R2umu05VxJ9Qrf32XaPfsA-OO2T9J_OqiGqAZM63I7KaUKJy4nsbHX4Gm_MS9e4AQht4IH4h-qHVD8lF5yWOG-WuunACNLCqT4Bu8NRS6ZTmtC4t4jY5k79PH3d9OaAffl1V7uuxNXlD86ZldKmvGP3U9yZST6Scc8ljTN3Q7ZgqkZLVZ_-fVjVUrWU2Te_oZS3rDkK5VPSwUW2RssDLHx-Ros1tunEE5r0nFqohVHofs73J4gyGnmQXrE22D6U9Ce_D178a6eSwRpbMV-9PnDpVLxhH76VH6DVURgYjgGcBQ

Requested by

Host: updatenews.id
URL: https://updatenews.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame A310 0
54 B 577ms
274ms Ping
image/gif 2800:3f0:4001:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l3qmsgrf&c=7252914034180&slotId=3626457017090&qqid=CN6BgY7Jg_gCFdf2dwodOkADSA&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=7&smb=1000&br=874&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=9&vhc=0&msm=1&aits=0%2C18%2C692%2C59%2C342%2C343%2C344%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:826::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E9A9 42 B
64 B 65ms
44ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunXpToK1BjnFVGJsO8vkKsYiWhlWzkUjNLW8Z408EeTMWULxEmNMoSaikoYyozGvd-Ri8dCJLHzr3Rk3wckgBZZvlMN5v5tDoWfQAxZ2JPXZEn39NO1f78qtjHRr4GvR-dHw&sai=AMfl-YTyZZ3u8E0IBLKyJrwotBdCkg_wYrn32KapCfNh5O1spjd3i39VV6Ng9z6ofxeiPXgRsfVEBC1eqR4q&sig=Cg0ArKJSzBHEUFwz-TcOEAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=102,772,1001,1126,1172&tos=102,670,229,125,46&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653788193024&rpt=203&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 May 2022 01:36:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 21ms
20ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220525&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19fff9327659e48b0ebbea4d3ff394a512f2f4f6ea74001101f7cad6b24352f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 May 2022 01:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10680
x-xss-protection: 0

GET
H3 200 tata-cara-dalam-mengurus-jenazah-yang-baik-dan-benar-218x150.png
updatenews.id/wp-content/uploads/2022/05/ 26 KB
27 KB 773ms
772ms Image
image/png 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/05/tata-cara-dalam-mengurus-jenazah-yang-baik-dan-benar-218x150.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

803a4d37eeb39124d5cc7e39d440a02642d6af5545f9876bc88d4e438fa66021

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26629
last-modified: Sun, 22 May 2022 16:03:09 GMT
server: cloudflare
etag: "6805-628a5ebd-cade4b7191005dc3;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h86iuw%2BAqiQEpKdttKJAIpLQN02VGQcT24cR3NveKCG3dAoo7xf7ZvqBZzBDp8nkl44nKPj4xIse6xh3wo1kMvK8HwmDRtF8vnk4jlDRehaA%2BFGDCRKqu5C%2By%2Fzwa%2FaJuJwx88hUldLilRwZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b7ffd2a5c9bb8-FRA
expires: Sun, 05 Jun 2022 01:36:35 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 138ms
138ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 29 May 2022 01:36:35 GMT

GET
H3 200 images-2022-05-21T003334.418-218x150.jpeg
updatenews.id/wp-content/uploads/2022/05/ 6 KB
6 KB 567ms
567ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/05/images-2022-05-21T003334.418-218x150.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

134fe3861630df614c8dd6d7e09184622f2b0183d98897fd1c5622071fa11d20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:35 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5702
last-modified: Fri, 20 May 2022 16:40:09 GMT
server: cloudflare
etag: "1646-6287c469-b120d58126c84fa3;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARvvubtQflX6IMKZy99K5UEcI5kH7ydrmcFY%2BIA%2Fi9mU5M7w48pSGpyDcwlF5cCRk8aY249jLq6%2BfTkSyqynNfnuz7CD8NYJ0W2QS%2FaOdUobdU%2F5%2BoZ9ZZ4kwov9fe8crHkY93vXbUsS5aiD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b7ffd4a819bb8-FRA
expires: Sun, 05 Jun 2022 01:36:35 GMT

GET
H3 200 IMG-20220517-WA0122-218x150.jpg
updatenews.id/wp-content/uploads/2022/05/ 8 KB
9 KB 636ms
635ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/05/IMG-20220517-WA0122-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

068b1a9e0c60369269fc8ebb6c351cac6ea20529562eb5e94b4427704d51d7ae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8563
last-modified: Tue, 17 May 2022 09:08:24 GMT
server: cloudflare
etag: "2173-62836608-3fe942fc0c1dc165;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLMAkpmPeSr3IpTl7XHgIu03iaDoGEG89%2F4WGlrE5LxWV4XAuw6psVwJs5%2BnZAwwPh9suaYN%2B%2FDyQm4%2Bx8NHjT%2BhQynna%2BDh8s583CYf7u9NktI4xo79Akezd7klLHBjark2Hu5A%2F%2Ff3aggG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b7ffd6a9b9bb8-FRA
expires: Sun, 05 Jun 2022 01:36:35 GMT

GET
H3 200 IMG-20220510-WA0006-218x150.jpg
updatenews.id/wp-content/uploads/2022/05/ 10 KB
11 KB 635ms
634ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/05/IMG-20220510-WA0006-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4914730a2bbd44eb728549b14e435299c8c4db320dcff870798192db1bc6f3d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10492
last-modified: Tue, 10 May 2022 05:15:36 GMT
server: cloudflare
etag: "28fc-6279f4f8-a7cb2efbb5fd1aed;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oo3yLV1fvDJG5GO7Wy%2FrV%2FhnxoSbJBYS4YpXVr6PblL%2FIgFLdXGhIt%2Bx%2FwJGfnaoxymoCBvJ2jdMLYZDZhw4wvjiaE0VNFvIFAXUcT7tGbEtQ5SftHor0EVMoWV4cb7WfX3pjTmKFgcXKZQJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b7ffd7abd9bb8-FRA
expires: Sun, 05 Jun 2022 01:36:35 GMT

GET
H3 200 IMG20220423173420-218x150.jpg
updatenews.id/wp-content/uploads/2022/04/ 12 KB
12 KB 857ms
857ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/04/IMG20220423173420-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c66c4ed631c60cbe01ae760254587d2b3d24ae82e6a29def2c0978689a3fa11d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12077
last-modified: Sat, 23 Apr 2022 11:34:01 GMT
server: cloudflare
etag: "2f2d-6263e429-85e29c375ed4a4ce;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BPX9Ekh%2BGOZS82ttg9reLqCSes9TpoNaZduSR4JaTeYLyNbWrDzNfgNwCYIFgzHkUe9C5PQcbfXL4fRaWDIlASj8Go1nc%2FbmAqfCPMqdcb8qMrEtLT1Kg7LELoTQVoYBoclvIpuOlyrPtEl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b7ffd9aec9bb8-FRA
expires: Sun, 05 Jun 2022 01:36:36 GMT

GET
H3 200 images-2022-04-22T010444.462-218x150.jpeg
updatenews.id/wp-content/uploads/2022/04/ 11 KB
11 KB 843ms
842ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/04/images-2022-04-22T010444.462-218x150.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0487e0d5a0493238c60f15a1d51e5ebd16fab205c9b2de46fab7237d4741d5a0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10761
last-modified: Thu, 21 Apr 2022 17:09:28 GMT
server: cloudflare
etag: "2a09-62618fc8-edfdb1c26d0ae7f7;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMgS00Ihi2CklESR0AEJgJpE9HFhNzOENFcwMz%2BpnqLOuwmZby0brLX8Yp92EOZouL8U3XkA3FQilULJyfotMqL7xtgnYa48CavwdEMJRJyp3oRal0iqHExTS6xURykcklGnqSYySv7psyK5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b7ffdfb919bb8-FRA
expires: Sun, 05 Jun 2022 01:36:35 GMT

GET
H3 200 IMG-20220418-WA0036-218x150.jpg
updatenews.id/wp-content/uploads/2022/04/ 11 KB
12 KB 782ms
781ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/04/IMG-20220418-WA0036-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36aeff3ba2e4ad61392ff46d5264023151d76e40af67b64ee3aaf2404411aaa7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11166
last-modified: Mon, 18 Apr 2022 13:15:39 GMT
server: cloudflare
etag: "2b9e-625d647b-8c866de18e65f1c1;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5I%2But66gqM96wCEoBZvj1R7mLxjhCtOL8uGpjrVOKtJ16UAXoHVPCcG%2BSZMIE4FnxooWjq0fg23I9NMFHQX4njgg8VzK7J1ORNCaivdDD5sXTkWqjsTiKdSj5XQ%2BEvhYcqaNOEMidUzmKPA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b7ffe1bc69bb8-FRA
expires: Sun, 05 Jun 2022 01:36:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5504 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://updatenews.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 47770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 May 2022 12:20:25 GMT
expires: Sun, 28 May 2023 12:20:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DEBD 783 B
536 B 36ms
17ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a8733394deff8171cca01bd7bc31ec83b4be5d5df93a5ab330e28aa5138600cb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9e5n6GdOmJDNzlE9WN0w9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://updatenews.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-9e5n6GdOmJDNzlE9WN0w9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 29 May 2022 01:36:35 GMT
expires: Sun, 29 May 2022 01:36:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IMG-20220418-WA0012-218x150.jpg
updatenews.id/wp-content/uploads/2022/04/ 11 KB
11 KB 876ms
876ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/04/IMG-20220418-WA0012-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e08063f68aa868777e01aaf9a12e62322bc7d91cb8ecbf2cdb1ed208b9b3fe3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10913
last-modified: Mon, 18 Apr 2022 10:40:07 GMT
server: cloudflare
etag: "2aa1-625d4007-d9fdfb18b7ce95b;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xlrd1DWwa6SCJg8RqAvQs2NMORJvPvpNv5PqKimQ8UUEvo0qlZyWv9PyPB8Zf8kS7RTLb%2FOF5hm0xiQZILw3BMjAWvNO9wyRIZoAkYJ0nhLLp7H4Xu4x1sXer6%2FcOtF480E6GoiWtufRbmXO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b7ffe3bf39bb8-FRA
expires: Sun, 05 Jun 2022 01:36:36 GMT

GET
H3 200 IMG-20220516-WA0075-218x150.jpg
updatenews.id/wp-content/uploads/2022/05/ 11 KB
11 KB 855ms
855ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/05/IMG-20220516-WA0075-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed985ba6960bc4f2153cb72d477dbaf465da7c7f5d9f13f3f36d08ad997afeae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11112
last-modified: Mon, 16 May 2022 11:53:27 GMT
server: cloudflare
etag: "2b68-62823b37-c8ed24d31fc9ab20;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWfTT22iG538eMp3UQycmcBCCBq9RanP%2Byzf02NcP7QuqaXoAAqpZjUJ3grOc4Qks8IpQuvmaGK8CfAtjNUIU118o8hxKYo495yKaDQ4pu%2FuYtgYZMi2r%2Bu4mjoQ9dqbsUooVLpzshG%2BVJaM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b7ffe4c169bb8-FRA
expires: Sun, 05 Jun 2022 01:36:36 GMT

GET
H3 200 BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5504 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 13:15:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13861
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 May 2023 13:15:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DEBD 0
0 48ms
47ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220525&jk=784991219963846&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 IMG-20220424-WA0062-218x150.jpg
updatenews.id/wp-content/uploads/2022/04/ 10 KB
11 KB 1330ms
1330ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/04/IMG-20220424-WA0062-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9155f8cfa725d61c7ddd605014294e1ad21af17c32e629ac1396f82e23a78618

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10253
last-modified: Sun, 24 Apr 2022 10:59:00 GMT
server: cloudflare
etag: "280d-62652d74-7284fc30d272ce4d;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MllNe6PsgBiSotOdMBXCo2bCxChBUnPv%2FRBM31CRdb4rl8DviL07i64Gl%2FZ5w24RQ5K%2FOqTPExZhMvxMIxNrbsCtZRUIP9I7JfkN4J1whiJ%2FmjfaXlw0hETFb3C4rKa0%2BPNxL29IgLt3pjw3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b7ffeac8d9bb8-FRA
expires: Sun, 05 Jun 2022 01:36:36 GMT

GET
H3 200 IMG-20220423-WA0073-218x150.jpg
updatenews.id/wp-content/uploads/2022/04/ 10 KB
11 KB 1300ms
1300ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/04/IMG-20220423-WA0073-218x150.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac08fbcdf21bc19ab477e8842f91dc8db7551b1b493434aa1618f67f8512d63e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10425
last-modified: Sat, 23 Apr 2022 11:13:31 GMT
server: cloudflare
etag: "28b9-6263df5b-abf896e322a51c85;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCifiBw2zELHuVo%2ByOyxScrttGKnHpdUao%2FmwmdMt%2B%2FR3MTmnPArECE8v67cKLRRa%2FtFYklEK4aieU4pyjMOvh8%2B9P%2Bx2hEJu%2BYBlYpVl12h1X8HxHTrB0Sgj6zTnFNuCCASHdkLaRrt89pt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b7ffeccc39bb8-FRA
expires: Sun, 05 Jun 2022 01:36:36 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5504 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MUf_VQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 images-2022-04-17T170903.546-218x150.jpeg
updatenews.id/wp-content/uploads/2022/04/ 10 KB
10 KB 1237ms
1235ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/04/images-2022-04-17T170903.546-218x150.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2f7f9e19a51ffb9bd729ede0df6c44ea383557be252b2f5c59e008c976bb817

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10094
last-modified: Sun, 17 Apr 2022 09:10:50 GMT
server: cloudflare
etag: "276e-625bd99a-cbab171e0e238e55;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2fRbytOQkN%2B7VWjUlt1RhNd%2FY21ofMZhOfjYS%2FR%2FciC9m5mFBe2FFdu4%2BUmiYLDZyUjUzAjpLVdUV0alQ6VSQy0JAFTjipH2%2BGbMD%2FUH1s7npP5JL%2B80ihpG7C2HcFe9YyLkkvWlTNh06F5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b7fff3d869bb8-FRA
expires: Sun, 05 Jun 2022 01:36:36 GMT

GET
H3 200 images-2022-04-17T142739.348-218x150.jpeg
updatenews.id/wp-content/uploads/2022/04/ 9 KB
10 KB 1221ms
1220ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/04/images-2022-04-17T142739.348-218x150.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03c20a7817cb854ba9b1959062d367127d18345598bce44bce0d6302f2b2b796

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9237
last-modified: Sun, 17 Apr 2022 06:30:53 GMT
server: cloudflare
etag: "2415-625bb41d-78e5241e46633e53;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fha31a0uGQou8SiKnifa3DNpvFrsGx9V9NYMz%2FTdEKKXgah5UGo7ZYn94SwINgCC1fMnF1JoCOWbNCcvazbFzw%2FZ6nxT6BoG0W2bn92S%2F7VTkbkSnO7%2FJrV1%2FHix5k2d2CE%2FbHGJ57cUsShb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b7fff5daa9bb8-FRA
expires: Sun, 05 Jun 2022 01:36:36 GMT

GET
H3 200 images-2022-04-15T152256.204-218x150.jpeg
updatenews.id/wp-content/uploads/2022/04/ 13 KB
14 KB 707ms
706ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/04/images-2022-04-15T152256.204-218x150.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

711a3b51d98925a742e0a43856e6d40a9162905a498117ce668f5dec2b18e089

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13312
last-modified: Fri, 15 Apr 2022 09:05:58 GMT
server: cloudflare
etag: "3400-62593576-90be73dad84347da;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urqK3ao5D7P8wxr4hRbZ9Bvj4YktRzi6DbBnf0TZu922ES%2FARipLb4BVvjOXILEROBQrnLA%2B3L%2B6fKPRDalt%2BU3pQVYB386lJZdsgAzp%2FntPlafibACDvVCb5yyggwmeV2a%2F2srBg2bT41xi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b7fff7dd19bb8-FRA
expires: Sun, 05 Jun 2022 01:36:36 GMT

GET
H3 200 tata-cara-dalam-mengurus-jenazah-yang-baik-dan-benar.png
updatenews.id/wp-content/uploads/2022/05/ 46 KB
46 KB 1229ms
1228ms Image
image/png 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/05/tata-cara-dalam-mengurus-jenazah-yang-baik-dan-benar.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d46393ef864720c8b94bad6048344abcdead591e97b54c8509417e43b421bd1b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:37 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46729
last-modified: Sun, 22 May 2022 16:03:08 GMT
server: cloudflare
etag: "b689-628a5ebc-c43cbff2a4a6c059;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSIHYE8AfL%2BlO%2FFyxowCpnOQ%2F5uHodmB59YNBcE3fGjcWdlblMOben%2BC9TEESiTh2WxvoxBwdfEwYrIiVjZwlG24Dka9lHbyReGIZAM4%2B%2Ffm2aF6TtuCTTP4Z8B328tNpNGI54w04Jnxedsw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b80001ee69bb8-FRA
expires: Sun, 05 Jun 2022 01:36:36 GMT

GET
H3 200 images-2022-05-21T003334.418-696x367.jpeg
updatenews.id/wp-content/uploads/2022/05/ 22 KB
23 KB 1069ms
1069ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/05/images-2022-05-21T003334.418-696x367.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac6cf75bfbc0ccb40813b28b2c1825ce01ee3ddab7b564504453ed5217665d7f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23003
last-modified: Fri, 20 May 2022 16:40:09 GMT
server: cloudflare
etag: "59db-6287c469-59e8f12ca99df529;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4Rx4KDSMLesrf1w%2BFm2WzxLV2AqW%2FRLFgxvjfhjcjF2TStt9xXYTprODpOzdwhbmw%2Fgsf%2BGbkYzxDtVpq1azOJFSiNZQu1fmlY01PbP0N1c%2Fx%2BlTFRAupf7TN6ONxvaIAN66mPaQ6f5crFv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b80003f269bb8-FRA
expires: Sun, 05 Jun 2022 01:36:36 GMT

GET
H3 200 IMG-20220517-WA0036-324x400.jpg
updatenews.id/wp-content/uploads/2022/05/ 17 KB
18 KB 781ms
780ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/05/IMG-20220517-WA0036-324x400.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12cda399e5a7a2bd2e5e5f1d3e0b49899f4fe3ae48d1e7d72841697c91ceb4d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17860
last-modified: Tue, 17 May 2022 13:45:27 GMT
server: cloudflare
etag: "45c4-6283a6f7-159510e83fad747d;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noITnMKC3C5BkUo%2BVeV7yBb0LGtCE%2FCIqSzMKiqncWUTjskfoGGXMOgFwXJ%2BPT2T3AzAvf3Lb295wNU9x2Dpfj%2FcazDo44%2B1URnRHofhjBYYdrIskmrLyJ5vX%2FK8ItqJsvwb5edAKrleU5%2B3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b80005f519bb8-FRA
expires: Sun, 05 Jun 2022 01:36:36 GMT

GET
H3 200 IMG-20220517-WA0122-324x400.jpg
updatenews.id/wp-content/uploads/2022/05/ 25 KB
26 KB 737ms
736ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/05/IMG-20220517-WA0122-324x400.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c82f63577a35eae43425329835724b84bc5e74f182e54a5666112470cc1dbc58

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25635
last-modified: Tue, 17 May 2022 09:08:25 GMT
server: cloudflare
etag: "6423-62836609-b58e8039726cb0a0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQMibpfToqFSalqsn1gM1Gw66BaFGYgcx%2BLI5Ds4aa7tcfV2SXDxSaSmmk9cHdzSSrwSLjirI7%2FZ0ElxORR3J75nGx4SIyMHQ2nn62QCkIb5bPt3cM7lqdRgCJ2hHQFH4kFSJSCXek2Yp%2BlT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b8000c80e9bb8-FRA
expires: Sun, 05 Jun 2022 01:36:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
60ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220525&jk=784991219963846&bg=!FhWlFVHNAAao8wy8iPM7ACkAdvg8WnvEO4dBvCHeZg09Vu4vzv0ZYSSir-YY37Bjiff4Lzi_9C_pMAIAAABbUgAAAAdoAQcKAOBpWCx8ryypa0hzpBgY7iEbCFNTPhkUjaqxqcr0Lut5lU6zGloFU3tdB44ErUG2o4YHmrAroLI1V8i-CKb6-qMpYMX4U5akZ5yCPwZYUNuRcDQmIo2tV1akHUBpbwsREleuSjGT0g-4a93hXZXOt_PnzXn29VpUTNsbjTgc2LzFGsWdjqk6A_DtUH9ISOnZ0OgJqjKuxYwAQNYFAu0U74Y6tylcPYpsRsavD5EXuMmEUJrNqOSm0Zt3ujfnQvWID7BbwMxIfcyHbCFu_HX5xfePdfJcuo4w1MMkyvp_A0owOJkCooOrdlUZvr4xpMijvYslD4VN9Ez4xuhXnkLUHxrMBCsJPRU_BZSqfomkbygtFsim83L8RPlNZ7tycU8X3HI7yu8pBfre4-nUNYMbyQ2j1448b95-YuRC2-VU-86x3WN63H2Jlk-yd8JN5N5O6kUsrM9MjtBbb1A7a0KasHebSUbk1dWG462osFzgJagcsPDi3CWakaV1DTcYyIUQ2uUAfhXSW5a6lAbwY31NvT8perqwW4DTSBz-FXoBEFc9BKKlRnsz2aF7aP8USI1qdnj7sMMDxb6UVIEjWQlOvtnNmdWDpDLfeVi5xVOMSAsjnK1QrP2gNZMBQhViig1WGOig-GPMOOoYdh3kQFYSv1KfVEGtcOo9ODSL6zQw4JnUcB2z678nBAIMoUx2H6bMGM0iUjO6waL1i43cSpMrk3M2xNPBYhU0mywoQLFC4z5og9o-xxcFmcILmmCeAWZ5lwEs9HVLuNvvmRVFChtDT9FMlcMNgH1w1y8R3R3rA7K7mbJbrAG_ukQzRYZbBXYvkI1J8Zh82Hgu4OztFbzPVTG6wN5cjBO8Eg945v_3IfjgI6yUD7tkaACgRFtGLiA5nPlqQED8S-wOrv__g7kH5XEjX2POxKB3t6pCQ8O_pEPjqYSFuUuoH55RJj5QSBDIk5TmaX0sTowNA66WSJ8R1l92uF18AGqTc5gU0FqnGC0Groz4qdNFFnC32EH4RKZ1NXWJ3nJSjY5Ko95gj0bEpYrFjZJyVXK3br7pNY3slPK1G0hBfdMkH2CT0x4ym1Fr9LuUPw2N_99SSMoM3dewZmU9nTh5Kgk8bKvrL5r6pmfJXeWZx-fFaHb0EY_eRIryBqLUB4zGt3s1_xJWHmsMOeO1yBGyqAR9ci4QAu_e0dKR_0bYnlQa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 IMG-20220517-WA0036-324x400.jpg
updatenews.id/wp-content/uploads/2022/05/ 17 KB
18 KB 15ms
15ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/05/IMG-20220517-WA0036-324x400.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12cda399e5a7a2bd2e5e5f1d3e0b49899f4fe3ae48d1e7d72841697c91ceb4d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17860
last-modified: Tue, 17 May 2022 13:45:27 GMT
server: cloudflare
etag: "45c4-6283a6f7-159510e83fad747d;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URTvc7CCNHKRkKQ9mXSyq0EKYERftx49dpigb2JXiCJC101bv5ikiJQWtSChoW9M0RS%2BBlnaHuSIXo6y7BkMwc%2FL8Qi3AKcPSdEvRoTsqy6nkabRiOFMCGwf%2BoGzvEBSdyAxvhPCTJfZzDbQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b80055f1a9bb8-FRA
expires: Sun, 05 Jun 2022 01:36:36 GMT

GET
H3 200 IMG-20220517-WA0122-324x400.jpg
updatenews.id/wp-content/uploads/2022/05/ 25 KB
26 KB 14ms
13ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/05/IMG-20220517-WA0122-324x400.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c82f63577a35eae43425329835724b84bc5e74f182e54a5666112470cc1dbc58

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25635
last-modified: Tue, 17 May 2022 09:08:25 GMT
server: cloudflare
etag: "6423-62836609-b58e8039726cb0a0;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deSGIi8ay4%2BnMRGy3Pm1SUVDUje5fs%2FAfPHNRUwwZZgtzXe6hpd5Yx1qHUXfeJmw4wjRxUw3k4I0obG64MG9gZhAq5tImvr5ELHeje8M0FRjXWVdKIhynXT8Ys3FUSFQXOm2OseewvjVOwRH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b8005cfce9bb8-FRA
expires: Sun, 05 Jun 2022 01:36:36 GMT

GET
H3 200 images-2022-05-21T003334.418-696x367.jpeg
updatenews.id/wp-content/uploads/2022/05/ 22 KB
23 KB 14ms
14ms Image
image/jpeg 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/05/images-2022-05-21T003334.418-696x367.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac6cf75bfbc0ccb40813b28b2c1825ce01ee3ddab7b564504453ed5217665d7f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23003
last-modified: Fri, 20 May 2022 16:40:09 GMT
server: cloudflare
etag: "59db-6287c469-59e8f12ca99df529;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7w4s5lYEJQEqt%2FL4CJY2%2Ba%2BPHFcuXyOTL%2BAGZ5zKHebuP%2Bwgy%2F1DusCA6JRm2Cmrb2UJqfHksp%2FmmzeASxVJH%2B4PytycN6ZH%2FC8af5AjPFch316hjYjNo29eX9b2sURF7avOET8Q%2BcnVs2j"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b800729d59bb8-FRA
expires: Sun, 05 Jun 2022 01:36:36 GMT

GET
H3 200 tata-cara-dalam-mengurus-jenazah-yang-baik-dan-benar.png
updatenews.id/wp-content/uploads/2022/05/ 46 KB
46 KB 19ms
18ms Image
image/png 2606:4700:3031::ac43:a8c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://updatenews.id/wp-content/uploads/2022/05/tata-cara-dalam-mengurus-jenazah-yang-baik-dan-benar.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a8c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d46393ef864720c8b94bad6048344abcdead591e97b54c8509417e43b421bd1b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://updatenews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 01:36:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46729
last-modified: Sun, 22 May 2022 16:03:08 GMT
server: cloudflare
etag: "b689-628a5ebc-c43cbff2a4a6c059;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rdD7ZbjPpAcE1a2eeX1nvbE0KWGCsAMhp2jSXZSotG%2FaQMSHtexsmPrsQ1zQmW9OhwRWeNKPBbkZ%2B2TsnTb1faCTDMUgBZQoRq9vVw%2Bohn2NL9fM2v8pWVhR9SAZDWlGJwvsr8O0kKDqbWm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 712b80084bcc9bb8-FRA
expires: Sun, 05 Jun 2022 01:36:36 GMT

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.updatenews.id/	1970-01-20 12:44:44	Name: __gads Value: ID=8573e1105ce60ecf-222f15aea1cd00a2:T=1653788192:RT=1653788192:S=ALNI_MbWcq1Gv02wPm-eDfn6Kz2UMSiMgA
.doubleclick.net/	1970-01-20 12:44:44	Name: IDE Value: AHWqTUlXzLZH6fdeZoir98DCgGXMR6UlkQvc4vnl6OE0KObl3met3UEedzjsuZ9eg2Q
.doubleclick.net/	1970-01-20 03:23:11	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 05:32:44	Name: uuid2 Value: 535734976786919603
.casalemedia.com/	1970-01-20 12:08:44	Name: CMID Value: YpLOIQsj332V5ryRp3ZHTgAA
.casalemedia.com/	1970-01-20 05:32:44	Name: CMPS Value: 3239
.casalemedia.com/	1970-01-20 05:32:44	Name: CMPRO Value: 1170
.casalemedia.com/	1970-01-20 03:24:34	Name: CMST Value: YpLOIWKSziEA
.adnxs.com/	1970-01-20 05:32:44	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>8f3d-t!]tbPl1M>e)ZlrFUfJ+tGXxoT>0oTSP3NuqE^K9pYW#FRU]Ac?Zsl23Zq0fo3If)y3KL9D3I?*z_TD_f
.casalemedia.com/	1970-01-20 12:08:44	Name: CMRUM3 Value: 2d6292ce212760CAESEB5dcwSzrwphLmP47L1Mm30
.quantserve.com/	1970-01-20 05:32:44	Name: d Value: EB4BCQGgJoEA
.quantserve.com/	1970-01-20 12:53:22	Name: mc Value: 6292ce21-7f09d-26e28-34e6b
.pubmatic.com/	1970-01-20 03:24:34	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 05:32:44	Name: KADUSERCOOKIE Value: EDD5C6C7-705B-4FCD-B9B5-69B7CA9AA7CB
.innovid.com/	1970-01-20 05:32:44	Name: uuid Value: 4e86861b-43a8-41b5-a5ab-f7b7453fe8f3-20220528 21:36:33
.e.dlx.addthis.com/	1970-01-20 12:53:22	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:53:22	Name: na_id Value: 2022052901363300077172894655
.addthis.com/	1970-01-20 12:53:22	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:53:22	Name: uid Value: 6292ce211bd2dec0
.addthis.com/	1970-01-20 12:53:22	Name: ouid Value: 6292ce21000143afd8900124407516cb2a42c935044485230334
.dlx.addthis.com/	1970-01-20 04:06:20	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 04:06:20	Name: na_sr Value: 20220529
.dlx.addthis.com/	1970-01-20 03:23:08	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 04:06:20	Name: na_sc_e Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
bid.g.doubleclick.net
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r1---sn-4g5ednsk.c.2mdn.net
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
updatenews.id
www.google.com
www.googletagservices.com
142.250.184.194
142.250.185.130
142.250.186.66
198.47.127.19
23.35.236.247
2606:4700:3031::ac43:a8c7
2620:116:800d:21:ef75:8280:f209:5ba1
2800:3f0:4001:826::2003
2a00:1450:4001:6f::6
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2004
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468
35.227.252.103
37.252.172.123
64.233.166.154
69.173.144.138
69.192.160.219
002f42a9cdf6823589b7057ba956284185369609961a4c246c0988505fcf90c3
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03c20a7817cb854ba9b1959062d367127d18345598bce44bce0d6302f2b2b796
0487e0d5a0493238c60f15a1d51e5ebd16fab205c9b2de46fab7237d4741d5a0
04f0316bafa3b54df24922d9119407c2ba0469cc3c91ac8ce82899eee3c7f9ca
06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0
068b1a9e0c60369269fc8ebb6c351cac6ea20529562eb5e94b4427704d51d7ae
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4
0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e
0fbd125fd5fe62fb74b3392cb3b0f23c69697d0c314d3db386b126e00dec7fb0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
134fe3861630df614c8dd6d7e09184622f2b0183d98897fd1c5622071fa11d20
168569b93fb309aa05252baa0279555a2c25a83eb52fc8d4370029bf9ea8c91d
16e23bf68ae2b6ca620499188342fe1a9adc3eb3d68e0ddb18e58e3eca94748b
170aba10d06d97475a89f9e6a41fd239eccdc9b66321b123a9579740ea9e2b32
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19fff9327659e48b0ebbea4d3ff394a512f2f4f6ea74001101f7cad6b24352f8
1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20d5956cbfc7535eb22b3962b7abbb4c6ebe8de2ae72cabceae90179e0e84a24
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2bfd711bb7618b82a67c0363d7f878ee5aa0dc0be9e0709e4c2f70258834e51d
2fb6845235e01e747416824c40ea0122d7df3e5fb96301ccebb8da8a0f55d64d
36aeff3ba2e4ad61392ff46d5264023151d76e40af67b64ee3aaf2404411aaa7
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
435f85396dda9cbd4c88acc29816df315ec4dd59b687a9d8d6d918b3415273f7
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4914730a2bbd44eb728549b14e435299c8c4db320dcff870798192db1bc6f3d1
498e1d80eec515e1bb577e802e149e044b924fc09abfa1b9ec3d96cde77bb377
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f9ce710d5a6b3d5561a358aa787adc26fb02aed068ab385dfce0beb1908d207
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b3f0a6d6a59d8015a0f304089d399067747d2618e48cce61474983bf0e76f7d
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
711a3b51d98925a742e0a43856e6d40a9162905a498117ce668f5dec2b18e089
7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7
7ae5b52b01b37efb4547c3493f75abf51dc034326bb6f1ff6fc97348065716ba
7e08063f68aa868777e01aaf9a12e62322bc7d91cb8ecbf2cdb1ed208b9b3fe3
7f265ae600594e6177fe026dd2279b45e556b84848a1f4d7c8fbebcdd815ce49
803a4d37eeb39124d5cc7e39d440a02642d6af5545f9876bc88d4e438fa66021
8173abee27c37344ae6b12dbedb09cbaae9a0140fbbe38e1fa5358d74c52b644
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b655c4eb6749ddf38f33a9b1d9ce0f87d1651e2d82d26993355eb33b12cbe39
8e4aaf7cfb9bbe2d4a8c7435e8b72a0031a9f0a8e8326e3bcf5aa2f984d3644a
8ee4e8100a691c4992a9a434e402379d53f1eca4ff489a83564c381ba9ad2e48
9155f8cfa725d61c7ddd605014294e1ad21af17c32e629ac1396f82e23a78618
9666c1dc3f770c8c7153bd19d6a4bcc6d1a520fad9ece28c70d4edda2777baec
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12cda399e5a7a2bd2e5e5f1d3e0b49899f4fe3ae48d1e7d72841697c91ceb4d
a2f09ae1f7edaaade15d62e403ef90fda92888330c38f93fdd9e9aa086d551bb
a4802468ac5765eaeaba478c94dcf0ed809eda836befde3519c337062df21711
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a8733394deff8171cca01bd7bc31ec83b4be5d5df93a5ab330e28aa5138600cb
aa53d0b0ffeeda282e45361043ca8815dd8608055c87175c4a340e7ee37a6504
ac08fbcdf21bc19ab477e8842f91dc8db7551b1b493434aa1618f67f8512d63e
ac6cf75bfbc0ccb40813b28b2c1825ce01ee3ddab7b564504453ed5217665d7f
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0f4967fc7c16660db52c4d63d7d6aa858f6a2087700e53994a8162c7bf570ab
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fbf1df681e20b8e52867b4ec3504b6bf9c5a1c7af6fe38c80f67e2f693de4a
b4cb688258440ab067c4dd9f03f80b8bcc2eae563f3fa57f1266216a7f3d6814
b5842e48157b370f643aed9b5a1e9e453017650bb735519da5255fbdfb519280
bb0149a0344276400daf7612dd80aa1cb8496f0cf389399435eb4ef20872999f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd8e6430e4107d22e59da2762096144446c5f1e47e3bedf5a7b4eb2d61b985d6
c2f7f9e19a51ffb9bd729ede0df6c44ea383557be252b2f5c59e008c976bb817
c34eab3dfb8e7edc06708039a789d2e5044f19b35eec8b09a3518b107e3908aa
c365b61b9c47f45fe218a2c1f4925570e48a22873d9b0a87f1bb34b69c28b3cd
c66c4ed631c60cbe01ae760254587d2b3d24ae82e6a29def2c0978689a3fa11d
c82f63577a35eae43425329835724b84bc5e74f182e54a5666112470cc1dbc58
cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db
d227e31ec93027f2b903fe5011b6ef0d67fd1fd8e0105843a2f56626e74f4322
d28909d6a3c10ed79ad6f425cc0e8a5492c75706a6fbfa16d72b371a12d63353
d46393ef864720c8b94bad6048344abcdead591e97b54c8509417e43b421bd1b
d4a3035309c1425085440990309c3457a8ca8c97884801b636b10f63c909073a
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad
e038b4e28fbd821825e505ea5c05e23086eb98d54b4785b75f8cda40c30fd8ea
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e36f857188532536bf21c385da51b350dc4c25e0787c9635812c93074142bb93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
ed0e4b4604fb8e4f9098ee174009b27431bf69b82afe4ad2b907cb6fa03d9294
ed47b446e91e5bab9de6c89dc828bc03b27ade7292591b93149e40ef8e91bdc7
ed70712ab60f7ed92a61e676ee4a51d04bf7da58e8b7189c808004f65e9582cd
ed985ba6960bc4f2153cb72d477dbaf465da7c7f5d9f13f3f36d08ad997afeae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

updatenews.id Open in urlscan Pro 2606:4700:3031::ac43:a8c7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

137 Requests

93 %HTTPS

63 %IPv6

18 Domains

28 Subdomains

24 IPs

4 Countries

1854 kBTransfer

5151 kBSize

24 Cookies

0 Outgoing links

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

updatenews.id Open in urlscan Pro
2606:4700:3031::ac43:a8c7 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

93 %
HTTPS

63 %
IPv6

18
Domains

28
Subdomains

24
IPs

4
Countries

1854 kB
Transfer

5151 kB
Size

24
Cookies

137 HTTP transactions
6 data transactions