mbantul.my.id Open in urlscan Pro
2606:4700:20::681a:6d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.deimoney.com/b17DTQzQ
Effective URL:
https://mbantul.my.id/
Submission: On June 17 via manual (June 17th 2023, 9:11:27 am UTC) from ID — Scanned from SG

Summary HTTP 144 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 24 domains to perform 144 HTTP transactions. The main IP is 2606:4700:20::681a:6d, located in United States and belongs to CLOUDFLARENET, US. The main domain is mbantul.my.id. The Cisco Umbrella rank of the primary domain is 639315.
TLS certificate: Issued by GTS CA 1P5 on May 7th 2023. Valid for: 3 months.

This is the only time mbantul.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:4780:3:c... 2a02:4780:3:c141::17	47583 (AS-HOSTINGER) (AS-HOSTINGER)
30	2606:4700:20:... 2606:4700:20::681a:6d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4003:c06::5f	15169 (GOOGLE) (GOOGLE)
3	13.224.249.35 13.224.249.35	16509 (AMAZON-02) (AMAZON-02)
6	2404:6800:400... 2404:6800:4003:c06::63	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4003:c02::5e	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4003:c00::5e	15169 (GOOGLE) (GOOGLE)
3	151.101.1.229 151.101.1.229	54113 (FASTLY) (FASTLY)
3	2404:6800:400... 2404:6800:4003:c02::9d	15169 (GOOGLE) (GOOGLE)
2	2406:da12:fbe... 2406:da12:fbe:4200:82eb:831e:204f:98bc	16509 (AMAZON-02) (AMAZON-02)
8	2404:6800:400... 2404:6800:4003:c01::9b	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c11::9d	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.224.249.123 13.224.249.123	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21b... 2600:9000:21b4:3200:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	2406:2600:7:1... 2406:2600:7:100::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
16	2404:6800:400... 2404:6800:4003:c06::84	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	54.179.187.66 54.179.187.66	16509 (AMAZON-02) (AMAZON-02)
1 2	2406:2600:7:1... 2406:2600:7:100::9	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
9	2404:6800:400... 2404:6800:4003:c03::9c	15169 (GOOGLE) (GOOGLE)
1	2406:2600:4::13 2406:2600:4::13	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2406:2600:7:1... 2406:2600:7:100::15	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
5	2404:6800:400... 2404:6800:4003:c11::84	15169 (GOOGLE) (GOOGLE)
5	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	182.161.73.132 182.161.73.132	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.215.50 124.146.215.50	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	65.8.11.99 65.8.11.99	16509 (AMAZON-02) (AMAZON-02)
1 2	74.125.68.155 74.125.68.155	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2406:2600:7:1... 2406:2600:7:100::1f	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2406:2600:7:1... 2406:2600:7:100::f	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
144	35

1 2a02:4780:3:c141::17 (Singapore) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

link.deimoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:20::681a:6d (United States)

ASN13335 (CLOUDFLARENET, US)

mbantul.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c06::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.249.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-35.sin52.r.cloudfront.net

compass.adop.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c06::63 (Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c02::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c00::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c02::9d (Singapore)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:da12:fbe:4200:82eb:831e:204f:98bc (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)

data.adop.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4003:c01::9b (Singapore)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c11::9d (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.249.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-123.sin52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21b4:3200:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2404:6800:4003:c06::84 (Singapore)

ASN15169 (GOOGLE, US)

86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
09c0634fa8c1f8738ac609bf0f754a63.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.179.187.66 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-187-66.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::9 (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4003:c03::9c (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:4::13 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

rtb.jp2.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::15 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

ads.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c11::84 (Singapore)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

cat.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.50 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.8.11.99 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-8-11-99.kul50.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.68.155 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2406:2600:7:100::1f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

imageproxy.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

csm.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	mbantul.my.id mbantul.my.id — Cisco Umbrella Rank: 639315	1014 KB
25	googlesyndication.com 86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com 09c0634fa8c1f8738ac609bf0f754a63.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	100 KB
21	criteo.net static.criteo.net — Cisco Umbrella Rank: 583 imageproxy.as.criteo.net — Cisco Umbrella Rank: 13532 csm.as.criteo.net — Cisco Umbrella Rank: 12668	366 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	707 KB
10	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 cm.g.doubleclick.net — Cisco Umbrella Rank: 244	281 KB
8	google.com www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 107	34 KB
7	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1383 google-bidout-d.openx.net — Cisco Umbrella Rank: 1387 us-u.openx.net — Cisco Umbrella Rank: 492 jp-u.openx.net — Cisco Umbrella Rank: 9796	2 KB
6	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2114 rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 17168 ads.as.criteo.com — Cisco Umbrella Rank: 12357 cat.sg1.as.criteo.com — Cisco Umbrella Rank: 12627	65 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 387	110 KB
5	adop.cc compass.adop.cc — Cisco Umbrella Rank: 61081 data.adop.cc — Cisco Umbrella Rank: 67483	10 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	108 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	17 KB
2	ladsp.com 2 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 20164	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 375	970 B
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1538	315 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1019 bcp.crwdcntrl.net — Cisco Umbrella Rank: 952	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 839 id5-sync.com — Cisco Umbrella Rank: 434	18 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	3 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	5 KB
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1091	855 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1553	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1509	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1408	2 KB
1	deimoney.com 1 redirects link.deimoney.com — Cisco Umbrella Rank: 736598	504 B
144	24

	Domain	Requested by
30	mbantul.my.id	mbantul.my.id
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net 86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com tpc.googlesyndication.com mbantul.my.id cdn.ampproject.org
10	imageproxy.as.criteo.net	ads.as.criteo.com
10	static.criteo.net	securepubads.g.doubleclick.net ads.as.criteo.com cdnjs.cloudflare.com static.criteo.net
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net mbantul.my.id
6	www.gstatic.com	www.google.com www.gstatic.com
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
6	www.google.com	mbantul.my.id www.gstatic.com www.google.com tpc.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
3	www.googletagservices.com	compass.adop.cc 86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com
3	cdn.jsdelivr.net	compass.adop.cc securepubads.g.doubleclick.net
3	compass.adop.cc	mbantul.my.id
2	cm.g.doubleclick.net	1 redirects google-bidout-d.openx.net
2	cr-p3.ladsp.com	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	us-u.openx.net	google-bidout-d.openx.net
2	match.adsrvr.org	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects mbantul.my.id
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	data.adop.cc	mbantul.my.id
2	fonts.googleapis.com	mbantul.my.id securepubads.g.doubleclick.net
1	csm.as.criteo.net	ads.as.criteo.com
1	cdnjs.cloudflare.com	ads.as.criteo.com
1	tg.socdm.com	1 redirects
1	cat.sg1.as.criteo.com	ads.as.criteo.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	ads.as.criteo.com	86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com
1	rtb.jp2.as.criteo.com	mbantul.my.id
1	mug.criteo.com	mbantul.my.id
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	09c0634fa8c1f8738ac609bf0f754a63.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	link.deimoney.com	1 redirects
144	42

This site contains no links.

Subject Issuer	Validity	Valid
mbantul.my.id GTS CA 1P5	`2023-05-07` - `2023-08-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
adop.cc Amazon RSA 2048 M01	`2023-02-28` - `2023-10-29`	8 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.jp2.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-08` - `2023-08-10`	3 months	crt.sh
*.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-02` - `2023-08-01`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.sg1.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-03` - `2023-08-05`	3 months	crt.sh
*.as.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-05` - `2023-09-03`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://mbantul.my.id/
Frame ID: 39E8A48359C12DC5DF6B461CC40BDF68
Requests: 38 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfSxJkmAAAAAA8rbxSx4TX6RkToTvqf85auvzSg&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&size=normal&cb=fdpu77j4y8m4
Frame ID: 4270901932DCE6F09CA9922DEA556808
Requests: 8 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&
Frame ID: 43BDFD5D01554536BF4B8FF4B52B150E
Requests: 11 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Frame ID: C782DAA9C09F0EB6D20435348F79824A
Requests: 22 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&k=6LfSxJkmAAAAAA8rbxSx4TX6RkToTvqf85auvzSg
Frame ID: 9FF28F430F507FBA9357B07C6C5DC38F
Requests: 3 HTTP requests in this frame

Frame: https://86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: AB8489897F95833BB09C3333DAEB453F
Requests: 1 HTTP requests in this frame

Frame: https://09c0634fa8c1f8738ac609bf0f754a63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: DBB7AEB9F3E9340D0F23C9DE50558BF1
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=mbantul.my.id
Frame ID: B41CEEF2485457314A735B05626EB849
Requests: 2 HTTP requests in this frame

Frame: https://86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 30C839C5CBAF0399C78AB0F0CD2C8423
Requests: 8 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=ZI14vAAGt-gCZo1xAAPj2zuMeQPvCCpTreWTjg&u=%7Ct9H9I%2B%2B1ub2HhpLJbqee3wSn4k4AyWtuG59jR2jGkdw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ud5fiRU0UfH3Y36yURitqwRiXCszE4IMmEOqCXIJsjH9DsDhcFb5GmA2EF8xjPnhTxUDdNu3QkQVFIcDFXKUaBReuJWPzWlTBFDUxVWXMTJQmQRopKpgM3FRbTEkzcZxvl0CEvoiGvZud01HUkF04vx9YKq38eaqJVoTRMPAE3npKjZWyrQkAQdyMA8W37LSciHESewQ1HPaP2e6r22yDfo3e_bZxmfxBDvl6AOaBVHP0WzbZHNqk-ZWcHHxuZLMyv7Hg3_IThzx0wPDUlJqIL3sEOQUALlspr1YAw4uAhBqQ3cZ1jIBqxvVlk0yUnLoSLJD8ZcMvHXct5SepY4FoyzUKUXpJzrkUCn4l4zqJAS-IPl6xvDUm4wK_VDbBRseUgpsHD5JQua6bdmgCrW0rFv_Y4vAnKafjk0EMvs-tLmYlUpfqouSJ53mi6GjEiX6eMsEIzV17IvK7tp-i9xvEuu7lFOH9so8B2gPHLVZD5vZuUwqKxUNe6ztmZi9k6WX8K1EEFJF1ZMajffAY10wd2z-7Cbnajh4aAnXkMVHvFwCw5YadTsVVRtuwU4S7G8Dk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSEqKvHiNZOjvGvGamsMP28ePgAy91O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItNTExMTEzNzE5MTUwNjAxM8gBCeACAKgDAaoEsQJP0DnhIDZbRKpIqwlAPu8VqxHdu1jkBkzUPBYX397rMRtyH-pbFtS_clFuuLW0caKJqw4WQpKqisvyWGWPVvxlCyIBDyIgl99M6ds5M_pH8jTsdZRkuozpaUCy_tJdg4_doRNJ9DexgSkJHwEgqzZ3AL6aLI-KAoX4UUA0iI03zFAu9vu4CMLi9caskkj5KclDwY7z1wyZr7BZdMkY3QZpqB3wiXqczcdG8WJiD1vRBRjUJeJ21mIBsK34l4vzCBD5PFhHfPL9_qACUQpwLObVx7q98LtvJsDHladT9TcLO4pSWJcxVO_2W8Xw9TaqfWbvvNQQJLcnu-3fmV5l_VWuFcC0tp0tRA7EyZOR2lt6CkXdJVHY8PFNXxvebI-hi-ENpkDA9OB3A8RmMPqXS4HGm-AEAYAGoump9_-2oagZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2gfIJKqjDx5DX-VU1A6zNl8ryWSQ%26client%3Dca-pub-5111137191506013%26adurl%3D
Frame ID: 97DC666277103D89FC6BDE4F710D1D9D
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 24FBB1181D7D37B0855608C4E9985DCF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 28F599A7B5C319657E33F249935E6A03
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 66235B808DF4480EDA4EA1C808A40439
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 76F037342AF5DD37CB54C002E85033E2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs
Frame ID: FD4C128EF4393737565E5DFBBD537F93
Requests: 14 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F76B5D2F5DEA4BDDE7AE822755C84002
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mbantul – Travel Wanted

Page URL History Show full URLs

https://link.deimoney.com/b17DTQzQ HTTP 302
https://mbantul.my.id/?wpsafelink=hY0L50unkIwApbsCadfEeFlgiHnikME1WakUzVXNoL2NKd2ovUzI5Z1QyOXR1VWJ... Page URL
https://mbantul.my.id/ Page URL
https://mbantul.my.id/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

144
Requests

96 %
HTTPS

58 %
IPv6

24
Domains

42
Subdomains

35
IPs

5
Countries

2863 kB
Transfer

5717 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.deimoney.com/b17DTQzQ HTTP 302
https://mbantul.my.id/?wpsafelink=hY0L50unkIwApbsCadfEeFlgiHnikME1WakUzVXNoL2NKd2ovUzI5Z1QyOXR1VWJtM2U4amYxcHdWQW51Ky9jYmxwbnVOQ3BOQVJJenFPL2Z3UVFFRg== Page URL
https://mbantul.my.id/ Page URL
https://mbantul.my.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://link.deimoney.com/b17DTQzQ HTTP 302
https://mbantul.my.id/?wpsafelink=hY0L50unkIwApbsCadfEeFlgiHnikME1WakUzVXNoL2NKd2ovUzI5Z1QyOXR1VWJtM2U4amYxcHdWQW51Ky9jYmxwbnVOQ3BOQVJJenFPL2Z3UVFFRg==

Request Chain 75

https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1

Request Chain 79

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mbantul.my.id&sn=ChromeSyncframe&so=0&topUrl=mbantul.my.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=B1lhQnwzNkp6MmZ0bjFkUENYQmovVGtjcHE5Njh0MlUxUmdDMG9xTWtJR0F3YVNkM3NMZlVCTlFIemRoTzNTMXcyMDJtWGtueEdNUmdmQnFVVlBHVWdyM2h6RmJYSlo5MzE0WGExbWUwcXkzREFINE0yRWRWNUcvVHMyNVVXOUFybVJvbVBZaHhmMzlHaFpPY2k5QXdlS0llZ2Q1bDBzZ3dIZVNBQlFLYXdhN3A2K21zWDY4QmxERm0xU3dFWjRQbXJ1bFg3ajVZbVlNMFRMRlc3Z0ZBNmZSRkI0a3UrQ2ZjL0g4cmlqaVBDM09sb0dndnhISXhtNXh4MVpDcW45TGd5dWpoYVM2UEt4d0lKSTFaWFVrcisySmhXdz09fA&cppv=2

Request Chain 118

https://match.adsrvr.org/track/cmf/openx?oxid=8c963522-90b4-7e1c-df99-9204d015a44b&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=8c963522-90b4-7e1c-df99-9204d015a44b&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ae3f734-0150-4849-a38d-77f6734c62fc&ttd_puid=8c963522-90b4-7e1c-df99-9204d015a44b&gdpr=0&gdpr_consent=

Request Chain 119

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZI14vcCo8XwAABb6PpQAAAAA

Request Chain 120

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATTVkG6VDZ8Sks8AD7P3e16GX88AAAGIyJ-jdw

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGoC4bnOJpHK05ZaKXrMVG4&google_cver=1

144 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
mbantul.my.id/
Redirect Chain

https://link.deimoney.com/b17DTQzQ
https://mbantul.my.id/?wpsafelink=hY0L50unkIwApbsCadfEeFlgiHnikME1WakUzVXNoL2NKd2ovUzI5Z1QyOXR1VWJtM2U4amYxcHdWQW51Ky9jYmxwbnVOQ3BOQVJJenFPL2Z3UVFFRg==

555 B
829 B

490ms
478ms

Document
text/html

2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/?wpsafelink=hY0L50unkIwApbsCadfEeFlgiHnikME1WakUzVXNoL2NKd2ovUzI5Z1QyOXR1VWJtM2U4amYxcHdWQW51Ky9jYmxwbnVOQ3BOQVJJenFPL2Z3UVFFRg==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7d8a2a28eca84a2f-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 09:11:22 GMT
link: <https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G59uxSwUskTUew002gMzrEnyruP9GGRgNN7Mu3fbvIQxrjAWxovQlWuZAqHQjMRZQHHeD6NZsGDMeyKVsoTTJ%2FRT%2FbfqrdcV8zNdp%2Bo2tnnEDSOEeC6rlIIO6UuGCPU9L2xCDvg1voZvKx8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 09:11:21 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://mbantul.my.id/?wpsafelink=hY0L50unkIwApbsCadfEeFlgiHnikME1WakUzVXNoL2NKd2ovUzI5Z1QyOXR1VWJtM2U4amYxcHdWQW51Ky9jYmxwbnVOQ3BOQVJJenFPL2Z3UVFFRg==
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-xss-protection: 1; mode=block

POST
H2 200 /
mbantul.my.id/ 1 KB
1 KB 486ms
486ms Document
text/html 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7d8a2a2c0ffd4a2f-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 09:11:22 GMT
link: <https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mv17Rd%2BZRceabiHmdJmOui2PNKAJqtjHVyh6%2BM379mOBBCBt8Nglo2qCeYSKQnT3J64wAl5FPgDf%2FPXyoNQ2U0Kju7vY8qFi9xKlIocCzMMMaC4ElMO%2B2FeCdLnTBKqszQDaZtJR6sb13ww%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

POST
H2 200 Primary Request / Show response
mbantul.my.id/ 135 KB
39 KB 602ms
602ms Document
text/html 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

2ee91e885acc47c48fb6eaf0fb8710910538ea9076b0cec4cdf40607443e689c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7d8a2a2f3bca4a2f-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 09:11:23 GMT
link: <https://mbantul.my.id/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBMsj4G0w%2BzHhbB2zUt9Nx763vMzphyqCnxP71pBPoO%2BxFFMMn5wQXth9BGDPyaVdGnKUOoriQj9o5hB0k2z%2Fu9JSOYx6NzGHj5xP%2FKFmRPstitgwh8%2FEhRghAUsCcjdjvvu8%2BpMvrRqXXQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
mbantul.my.id/wp-includes/css/dist/block-library/ 95 KB
13 KB 16ms
11ms Stylesheet
text/css 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 585475
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Mar 2023 22:52:38 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRQhBkUU9UuBgrrrmZoKFqA9w5yChZ9d50doGWRLZZMtXzGAbMYPeoEwxCTJOWwcWlA6WwYajg9eENMHYUBdj2UFlNFwoY4EwWQxmhGavSCeme8mNKzx%2FUnzuDcVxJJct02HOUEYlwNsGrU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a2a331fed4a2f-SIN
expires: Sat, 17 Jun 2023 14:33:28 GMT

GET
H2 200 classic-themes.min.css
mbantul.my.id/wp-includes/css/ 291 B
567 B 15ms
10ms Stylesheet
text/css 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/css/classic-themes.min.css?ver=6.2.2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 585475
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Feb 2023 19:20:20 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5vWQxrfaA1aDPgnxvsTBshN1O%2Fsf%2BfzFZ%2Bxfd0v3%2FPRxVSlQYra8pRJAXYfcNRzZDlsxbdJ6FdVCFjCn0kPmUofXjY2D4YX0LJbz%2FnS8Cpe3Xnpi%2FjqXkvnBDHdgu%2Bi0tOmD8OwJ3JMSs8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a2a331fee4a2f-SIN
expires: Sat, 17 Jun 2023 14:33:28 GMT

GET
H2 200 style.css
mbantul.my.id/wp-content/themes/gridmax/ 88 KB
14 KB 19ms
14ms Stylesheet
text/css 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/style.css

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

fa400aff1ba4e6e4cec0349e77c2fed917bb698c165da5cd382af08b66d0236c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512668
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcDVMg%2Fjm1A%2F3AC97C2pJIFT%2BwGiZtVLLQxA76uTBPHBLs%2FeZJeNSo5A4oy4cigl%2FQcua6%2FHGDVyy88%2Fgf7Xj2Q2ewCnOUz2rUn2SqTYFZfvALgCSm1Nmsj0hRZFyYiqjwBkL19n5JhadRM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a2a331fef4a2f-SIN
expires: Sun, 18 Jun 2023 10:46:55 GMT

GET
H2 200 all.min.css
mbantul.my.id/wp-content/themes/gridmax/assets/css/ 56 KB
12 KB 17ms
12ms Stylesheet
text/css 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512668
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0FC0ZEr%2FZ39h8SrSALagkOuT1lQdB44EEVmILiwG%2BkwpOf8IySLnz0b8dFyZFHIrmzofW3vAGK%2Ff7iyvFioSh2IFlPw5aGwFZIm6Ccg1QnMQK6njUsiMwTZok7n3NIX31gdiQ8I29e0Eb8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a2a331ff14a2f-SIN
expires: Sun, 18 Jun 2023 10:46:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 33ms
7ms Stylesheet
text/css 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ec3bdc51ce9132ed32ab576535b070790bca11357cdc335406e8f4e3a08b1f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 09:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 09:06:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 09:11:23 GMT

GET
H2 200 jquery.min.js Show response
mbantul.my.id/wp-includes/js/jquery/ 88 KB
32 KB 21ms
16ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.4

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 283068
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Mar 2023 17:07:34 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YqZ9R2O4JUS8ymz4lj8QeWJLMgzSGZvxN4af6k7ziCaEW6kO8ttsNeeWzdW9v%2Fnzvw8t%2FLoFTneEsUe%2Fy%2BBYgsj7whmAasWUbbNbydQKOnrhLyigBX5YD%2B2ms2hQYVRVJm%2BZ0WNO4nYNxs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a2a331ff34a2f-SIN
expires: Wed, 21 Jun 2023 02:33:35 GMT

GET
H2 200 jquery-migrate.min.js Show response
mbantul.my.id/wp-includes/js/jquery/ 13 KB
5 KB 17ms
13ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512654
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Feb 2023 19:29:16 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRLUm5tU6GnMNGLcUesgs9a1chQ2iVDv6E7pqaZNsbbHRLLh9iwsY1XJU6RkhWabuUcEdkDuNCHfR6hzKPxtaeUXvZsbP0PlxtlgxNbDdTF9EfFU%2F6twh18IyLQWsZ5YXuAmndHjGouefBo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a2a331ff44a2f-SIN
expires: Sun, 18 Jun 2023 10:47:09 GMT

GET
H2 200 cropped-mbantul.png
mbantul.my.id/wp-content/uploads/2023/05/ 2 KB
3 KB 10ms
10ms Image
image/png 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/cropped-mbantul.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

a779880a7a0fca0643723032fa2363cd8c8c59d4b35429e6c31523555c84b334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512670
x-powered-by: Niagahoster
content-length: 2489
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:36:28 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dRq2YJPsUfivGMOBjetNksZB%2FQFfVpLXSugZJ2hZE3ohSPoFZzvuYgcXXTcY%2BYbRPTWIGMhfAa8L%2B0vVquOd0vEk9Q0tK7JICjGdPlbpskvUQ6AzZQDPNR%2BmM2Da1NzxLtzgBRnXo0NOvU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a2a3368304a2f-SIN
expires: Sun, 18 Jun 2023 10:46:53 GMT

GET
H2 200 adopJ.js Show response
compass.adop.cc/assets/js/adop/ 3 KB
2 KB 117ms
5ms Script
application/javascript 13.224.249.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/assets/js/adop/adopJ.js?v=14
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-35.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:05:52 GMT
content-encoding: gzip
via: 1.1 81ed70dd2a5a6558bf4a599e654fd8e0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
age: 331
x-cache: Hit from cloudfront
content-length: 1921
last-modified: Tue, 11 May 2021 09:31:17 GMT
server: nginx
etag: W/"609a4ee5-d6b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
x-amz-cf-id: SO8O7znMfJdUuKC8sxGBZaVGc0xr6CG-N6Y1SIt41eZSvuXxuUMi7w==
expires: Sat, 17 Jun 2023 09:15:52 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 853 B
877 B 28ms
10ms Script
text/javascript 2404:6800:4003:c06::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf6d2a47ebd7c58e47143e23ee4dcacc720793f2f9ed06335bf4dca9cfcfa032

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 557
x-xss-protection: 1; mode=block
expires: Sat, 17 Jun 2023 09:11:23 GMT

GET
H2 200 output-onlinepngtools-5-1.png
mbantul.my.id/wp-content/uploads/2023/05/ 9 KB
10 KB 9ms
9ms Image
image/png 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/output-onlinepngtools-5-1.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

dc96661cb7584cbb122c4c8d6b7c03519ab94cfd681d614ea67fd7c913a1ce99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 322496
x-powered-by: Niagahoster
content-length: 9505
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 18:41:00 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBcGOlgvD8PbkxkSRgqrK1czElRSgGi3sl2%2FZot6kXy%2FEYQ5Oq6EQEo5RR6W1VUNnPx9uonOwUZ%2Fp5wWxPIdU7njlLjJvpWACWRrYm%2Fp17T3DX2EabkufdIwP9Omkk1iAoyaGHptiVOPFtU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a2a3388494a2f-SIN
expires: Tue, 20 Jun 2023 15:36:27 GMT

GET
H2 200 htmlF_IMG_640d1a95251aa-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/03/ 73 KB
73 KB 10ms
10ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/03/htmlF_IMG_640d1a95251aa-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

13df0d67e4d6ca32a53d2834effb6a431bebcdb7581fadd37219e4712048dfb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509824
x-powered-by: Niagahoster
content-length: 74563
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:47 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zht295M6G3jgvTSx26Fe64CUzSwyW357nncE%2BcV9i6mhdm22QVW7HnlUxksVNB7bYZ0dxSBhr2QtSNjYGpuFWsDu2k6UsQZqeedfUjaeOngRwdZkHdgefZtbF9qbMC3Rm57S0%2Bq3GbPtRAU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a2a33884a4a2f-SIN
expires: Sun, 18 Jun 2023 11:34:19 GMT

GET
H2 200 wp-emoji-release.min.js Show response
mbantul.my.id/wp-includes/js/ 18 KB
5 KB 13ms
13ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 585458
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Wed, 01 Feb 2023 23:23:26 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rp4doYUdBTfYO0kSSev8kbhNl0vsaW%2FdzMdyBz9QgLb50u0r%2B75vapCQCeHwN0x8dms9IHdG0TNviONlrlpdFMO8yRlDgeQqIX0QN9v8UC12GyuedvJklYCWabu7CZbb8xKWl2uaQyYloFU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a2a33884b4a2f-SIN
expires: Sat, 17 Jun 2023 14:33:45 GMT

GET
H2 200 MjQGmil5tffhpBrknt6sfQ.woff2
fonts.gstatic.com/s/maitree/v10/ 20 KB
21 KB 17ms
4ms Font
font/woff2 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/maitree/v10/MjQGmil5tffhpBrknt6sfQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ba346503b6c880ec143e04f39f756e0d916e7f5aac3963dea250a58efca5fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 14:19:13 GMT
x-content-type-options: nosniff
age: 240730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:58:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jun 2024 14:19:13 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/ 35 KB
35 KB 21ms
9ms Font
font/woff2 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 00:26:13 GMT
x-content-type-options: nosniff
age: 204310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35888
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:45:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 00:26:13 GMT

GET
H2 200 rnCu-xZa_krGokauCeNq1wWyWfSFXQ.woff2
fonts.gstatic.com/s/dmseriftext/v12/ 24 KB
24 KB 18ms
6ms Font
font/woff2 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmseriftext/v12/rnCu-xZa_krGokauCeNq1wWyWfSFXQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f05e3c9fcf8085591801fbfa6d4013b6c53c8138308259aa708ba60f7c076f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 23:36:55 GMT
x-content-type-options: nosniff
age: 207268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24520
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:36:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jun 2024 23:36:55 GMT

GET
H2 200 ezgif.com-gif-maker-4.gif
mbantul.my.id/wp-content/uploads/2023/05/ 14 KB
14 KB 19ms
12ms Image
image/gif 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/ezgif.com-gif-maker-4.gif

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

91c1d90f072ab61f143920b5b24937967bb326a5fb459aa7b4b2f69b49d2e82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512670
x-powered-by: Niagahoster
content-length: 14474
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 18:41:18 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kL1SnECxCHCu8Ca9%2FljjAt0sINwaAyHNNAmm3io0PSxE6lEbH3Vz%2F6chvi%2BzuusDWVsJaus3CxY6xfpjRLXle3RMd3pX%2BqNw0gTUDd6VhdV4c3R1e3G23bIDSZ5yl3CIDu92ryP8%2Fas4yuk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a2a33f8b34a2f-SIN
expires: Sun, 18 Jun 2023 10:46:53 GMT

GET
H2 200 output-onlinepngtools-9-1.png
mbantul.my.id/wp-content/uploads/2023/05/ 10 KB
10 KB 20ms
13ms Image
image/png 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/05/output-onlinepngtools-9-1.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

abb38a30ad549fbf5a2f648263b68a3b04d07a98655a6773d98ee9d1b3cc8040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512670
x-powered-by: Niagahoster
content-length: 9923
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 18:41:27 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrwrqQWikWdL9QroHZYnRC3imokkdWNw1XwVJu80ASg0ds9k91fLIR2YhnnFkPd4OqAJPhSiPA1up9JDH27T2xCUjflBZzkSYsHdrHUcKV6XRc4CHcb1dEMD94npqlDYlujR7e7WKBtzPNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a2a33f8b44a2f-SIN
expires: Sun, 18 Jun 2023 10:46:53 GMT

GET
H2 200 jquery.fitvids.min.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 2 KB
1 KB 16ms
9ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/jquery.fitvids.min.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

8570b14bb3216bcfb445442d65095db7428892ea6ed93a1ce3c04e28dbd238ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512666
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjmbNJO6dVDmFLCe66tjRw428qECYdm%2F5AzpVkyUFpVTRmzWt5HDmVwP8ugCQi4HsOU7gifZlzJCC7CsuW4qZmgtktDIfwvPdnGWyeNk7bA3ZzEn2EQBAK%2F6EOj3pHdmmf0uFpje5t28vUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a2a33f8ac4a2f-SIN
expires: Sun, 18 Jun 2023 10:46:57 GMT

GET
H2 200 navigation.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 9 KB
2 KB 14ms
7ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/navigation.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

07af4bc933e742affc6cae5a73418b77e24edd8fda91602e8bd474750a082c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512670
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbQaoGJCoqeLDSFS5a8CtPTjMFvxq9rhNnAkDxZaDuFZd2JD3TwSp7MbRGW4Vii9bEMx1wDr%2BKSMHuncixAsiVY1z4f41GKekBji%2FC%2FdY452wZ4g5EJTUuwxqEHibQUj%2FR5nUgnLUC0Svp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a2a33f8ad4a2f-SIN
expires: Sun, 18 Jun 2023 10:46:53 GMT

GET
H2 200 skip-link-focus-fix.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 834 B
688 B 17ms
10ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/skip-link-focus-fix.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

5ca257ab8ea720ff657a153f7212034735691282ef8cbfd1af6b6fe9dfb4f536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512666
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85yXdwwFA6PSfKlVF8aRTs7RarBwOcbdC75qa%2BvTb1%2F50%2FeY6YWWQ3nsJtIh9y7d5XhbKBagyDi%2Bulnm6QIEujfiuzsJLKaNn94Cck2EmmZ4q%2FDHmtgpis9ULOs%2BrzHTxw8MtuMslL%2FiLzo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a2a33f8af4a2f-SIN
expires: Sun, 18 Jun 2023 10:46:57 GMT

GET
H2 200 custom.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 6 KB
2 KB 25ms
19ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/custom.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

8b4d5896791236f4048ca105a33c72c0051f42f1aa0eecd999a3244b2f414c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512666
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8nSOi0UIHq2JMicAa2DI0QKYPl8QzrPwiAycYG0hzglIpmNaFOex%2FMhIJNYd6NkjuF0ppznxWOwwlNzl%2FoFGGPNNjsp8ddSk8ToJvOCvjZu98X9lIdjabvk2esKBOuEyGPwISG%2Ffls1l98%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a2a33f8b04a2f-SIN
expires: Sun, 18 Jun 2023 10:46:57 GMT

GET
H2 200 html5shiv.js Show response
mbantul.my.id/wp-content/themes/gridmax/assets/js/ 10 KB
3 KB 20ms
14ms Script
application/javascript 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/js/html5shiv.js

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

04fd74f8655763e2289bb7851aa7de7de225f535a99a1b81908d72c807c5c9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512667
x-powered-by: Niagahoster
content-encoding: br
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOuQyEn24cZOX%2Fn9SyFxpYJkhQ4J38pm%2B7MT4QKsrsIQFzzhBeo%2FiVTP1gpUCGpNPggS9FKK%2FuWY1N2TRIE92xvwAxbEv27PuXYI4jxiD29QcZMh8Pk596m80jZ5T6%2BCihID%2FMhl9%2FUVL5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7d8a2a33f8b24a2f-SIN
expires: Sun, 18 Jun 2023 10:46:56 GMT

GET
H2 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ 424 KB
169 KB 16ms
5ms Script
text/javascript 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a1461ad7d53e7d43de3dac79c1aa33764451d5edb7eab92c9c23d34e5cf270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 21:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172777
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 21:20:37 GMT

GET
H2 200 fa-solid-900.woff2
mbantul.my.id/wp-content/themes/gridmax/assets/webfonts/ 74 KB
74 KB 11ms
10ms Font
font/woff2 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mbantul.my.id/wp-content/themes/gridmax/assets/webfonts/fa-solid-900.woff2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/wp-content/themes/gridmax/assets/css/all.min.css
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512654
x-powered-by: Niagahoster
content-length: 75728
x-xss-protection: 1; mode=block
last-modified: Sat, 06 May 2023 19:33:49 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kAwsaAmLxHzB880XSr1W5kGeTNuL4f7E6wH1ROIrcOfSeKboFKiY5Bg0SDmmzWNXQMB26oQa9tPBbSDxOIDIGmQWCsuKETpJTcgE%2BqUJwlifq4DehzxzzA4Rv%2BryvNhOPFsZ5k5yeL%2Fqfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a2a3449174a2f-SIN
expires: Sun, 18 Jun 2023 10:47:09 GMT

GET
H2 200 j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-M.woff2
fonts.gstatic.com/s/encodesanscondensed/v10/ 21 KB
21 KB 5ms
4ms Font
font/woff2 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesanscondensed/v10/j8_16_LD37rqfuwxyIuaZhE6cRXOLtm2gfT2hq-M.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Encode+Sans+Condensed:400,700|Maitree:400,700|Lora:400,400i,700,700i|DM+Serif+Text:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

140ee2462b736e743b7f9b2dd82f41ecfa63f17a818739fec426067500edb49c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:56:08 GMT
x-content-type-options: nosniff
age: 112515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21560
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:46:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 01:56:08 GMT

GET
H2 200 htmlF_IMG_640d18f0dbf9e-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/03/ 84 KB
85 KB 27ms
23ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/03/htmlF_IMG_640d18f0dbf9e-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

c06979a4cb5bea70b9cbe359ed75f8563e12a38d10d91ac3399bb19a452bc4b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509823
x-powered-by: Niagahoster
content-length: 86224
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:46 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9FsiRD4cg2g8XLr5VFibvUOmllWjFhlGBvcWdMHKIU85p868JjmvhgeI5eM2SrEXmby2BQaI%2Fr4Gkn7HNKHJNWwtSGfxckgjrlOao6z8%2FUfMDsVW%2FcgdF5oLsxcwMYThCvFunPCvSXKYiU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a2a3459924a2f-SIN
expires: Sun, 18 Jun 2023 11:34:20 GMT

GET
H2 200 htmlF_IMG_63b5aeca0fad0-768x432.jpg
mbantul.my.id/wp-content/uploads/2023/01/ 107 KB
108 KB 15ms
11ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2023/01/htmlF_IMG_63b5aeca0fad0-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

2e53734a85fa870bb5eb303e2ff523f0c93a8127c219dc3fe9a440a02b0f2f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509831
x-powered-by: Niagahoster
content-length: 109683
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:46 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8IrHqVS1ytBxXYa1mme3fpdduwRXpIxtSg2sMcl4lkQgWIyQEfGHcRSd2AvRb6eDLWHjbJRftTgyw48jt1RN29tZ%2Fq%2FM9Z7cpJKkPS%2BAvKVW2riQEpbGdhriXy0DZiTIwz2yrD%2FQDNTULno%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a2a3459944a2f-SIN
expires: Sun, 18 Jun 2023 11:34:12 GMT

GET
H2 200 htmlF_IMG_63a88155f0de6-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/12/ 87 KB
87 KB 21ms
17ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/12/htmlF_IMG_63a88155f0de6-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

b11c06052c0ccb032b286244a0e21e776377c32855d3ae0223c16249a6435190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509831
x-powered-by: Niagahoster
content-length: 88613
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:45 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkSi8IIdx0LOboGJ%2FUHZnsITc6gt%2F8mVF49xyJNuCKygXMYZqrMY5hqYh%2FWkmAp0%2F%2BCzFeLEkcpCVO7u4yRK0KqwNGsBc1QP1sj49jVUEynvluFip%2FWw%2FxsrPoPS6kNmpzQLkh7133zzWfE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a2a3459964a2f-SIN
expires: Sun, 18 Jun 2023 11:34:12 GMT

GET
H2 200 htmlF_IMG_637a5df9ba5dc-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 81 KB
82 KB 25ms
22ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_637a5df9ba5dc-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

cb5e4259383c4d53ae7c310d8d09cc04bc4f9183ed4cacdbd5c7c376a1ecc52a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509831
x-powered-by: Niagahoster
content-length: 83210
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:45 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uswAXK32XJbFd7LItKOmz59t592Lslx%2B02GA9MQL6KgwmXMnWKkyeLjGePoqKdwMIwPPbuWvJl4ObFiuXQxIpsP9OREJkE1Aaln5NEmj%2BjGsMuc3HxG4WlhVXYu8g33Z3fDivFRc7bXbgFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a2a3459994a2f-SIN
expires: Sun, 18 Jun 2023 11:34:12 GMT

GET
H2 200 htmlF_IMG_6377521dc4135-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 62 KB
63 KB 18ms
15ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_6377521dc4135-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

b485906163fb2a34e7bbd4f32760f68db3ecf46fb348a6858e441ae80488e9e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509831
x-powered-by: Niagahoster
content-length: 63746
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:44 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FGeo31DaJNFIQ70ZHztQj%2FKhNo4cM4yWtgAbwbmDj8Ds3I8NXFLRKPoXIWqtATRn4FRwgTmdZNZiXJsL0pcI0k0%2FHv6wd2Vgd5kKVenKIxSxQI7AoHHuLe3n3fqdo3S4HviA04VteDD7AA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a2a34599b4a2f-SIN
expires: Sun, 18 Jun 2023 11:34:12 GMT

GET
H2 200 htmlF_IMG_637752093cd90-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 78 KB
78 KB 14ms
10ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_637752093cd90-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

57fbb58ce6eb34fbae7493c70f94d259eab929001321decb9f344577c122e7da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509831
x-powered-by: Niagahoster
content-length: 79469
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:43 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9Ugp4foNn1UCn3JZeW%2BITMctP2nzpAve0ZREc49X%2F3Q8abkKfSDXyvq2n4VbzZrHR7zZ14dxBXDg3jf5vR%2FKlvX8SrhOvGU%2FoiIYShx2oNMkee%2FF6opyp3RK8qNcmjpSNizyxrMbgs6wAI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a2a34599d4a2f-SIN
expires: Sun, 18 Jun 2023 11:34:12 GMT

GET
H2 200 pexels-photo-13593211.jpeg
mbantul.my.id/wp-content/uploads/2022/11/ 34 KB
34 KB 19ms
16ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/pexels-photo-13593211.jpeg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

20afae3f757f75e2da6efbad2565ca9b2fbaeb76b785a2181738c739eeae6be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 511355
x-powered-by: Niagahoster
content-length: 34306
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:55:01 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjDXaF6pgKhXTuJPN5MJDCmtIFqVMiCxEEAVp2juPSH7J34QCam7PVIDbEMgwHPRHtXQVKsbYYJOyhMPZIwLysuiZ2WqJ6%2Bsj5dxA4SSuy2YUpzcmaSimtV%2BykvbeKRHRv5uO%2FInlWY0PHw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a2a34599f4a2f-SIN
expires: Sun, 18 Jun 2023 11:08:49 GMT

GET
H2 200 htmlF_IMG_6377514b6f45f-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 81 KB
82 KB 19ms
16ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_6377514b6f45f-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

7ff7782db141bbb32bf09db5566ac0dc83b7e8c2ceae3406a99333609e18a4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509823
x-powered-by: Niagahoster
content-length: 83351
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:43 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbMcd%2BkHVmc%2BZ3KLNXhWoIwxpaIPeSMFujclus0qppToO3mDs2Nj6RlBpYwLll9pxAX3IYFj2LWTBIpmViKM1tR8OPsWJte7d%2F8KqHIAWQGwG9kcS2drE%2F2QJvkWaj21jrzGO7BAoIGw8BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a2a3459a14a2f-SIN
expires: Sun, 18 Jun 2023 11:34:20 GMT

GET
H2 200 htmlF_IMG_63775126768fd-768x432.jpg
mbantul.my.id/wp-content/uploads/2022/11/ 80 KB
80 KB 19ms
17ms Image
image/jpeg 2606:4700:20::681a:6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mbantul.my.id/wp-content/uploads/2022/11/htmlF_IMG_63775126768fd-768x432.jpg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

a8a1fbf8316578527768bf1e2ec9d2803d0b9b73b91147a5f92af8b0913d8c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509830
x-powered-by: Niagahoster
content-length: 81955
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 06 May 2023 17:36:42 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aPrQKaF3bVS%2FmhY0ibLTKF9JpKcqyXBi4C2iFbaDfP61rnU7VSP61u%2FbNwUxtSHblbKNVJ2f95h25SlhgsonPRaebcEkSg%2BJnXqprJmzNJjY%2BmYoe0lpruH8usyaeaZ8nsoq52rjH%2FHUF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7d8a2a3459af4a2f-SIN
expires: Sun, 18 Jun 2023 11:34:13 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4270 53 KB
30 KB 26ms
25ms Document
text/html 2404:6800:4003:c06::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfSxJkmAAAAAA8rbxSx4TX6RkToTvqf85auvzSg&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&size=normal&cb=fdpu77j4y8m4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__zh_cn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

63e602cfdc90fbc4da68e8e35684a4ed2b41055798e582872c4b6b0c1bd6cf11

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JIQCH9zMUTHZwYVmmatGWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 30029
content-security-policy: script-src 'report-sample' 'nonce-JIQCH9zMUTHZwYVmmatGWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:11:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame 4270 55 KB
24 KB 13ms
5ms Stylesheet
text/css 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfSxJkmAAAAAA8rbxSx4TX6RkToTvqf85auvzSg&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&size=normal&cb=fdpu77j4y8m4

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 23:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 23:34:14 GMT

GET
H3 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame 4270 424 KB
169 KB 14ms
6ms Script
text/javascript 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__zh_cn.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a1461ad7d53e7d43de3dac79c1aa33764451d5edb7eab92c9c23d34e5cf270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 21:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172777
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 21:20:37 GMT

GET
DATA 200
OK truncated
/ Frame 4270 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4270 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4270 2 KB
2 KB 5ms
4ms Image
image/png 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 23:34:59 GMT
x-content-type-options: nosniff
age: 293784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 20 Jun 2023 23:34:59 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4270 15 KB
15 KB 6ms
5ms Font
font/woff2 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 06:31:41 GMT
x-content-type-options: nosniff
age: 182382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 06:31:41 GMT

GET
H2 200 8e606d93-713b-41ab-8a38-28505529c9a1 Show response
compass.adop.cc/RE/ Frame 43BD 9 KB
4 KB 95ms
93ms Script
text/html 13.224.249.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=hY0L50unkIwApbsCadfEeFlgiHnikME1WakUzVXNoL2NKd2ovUzI5Z1QyOXR1VWJtM2U4amYxcHdWQW51Ky9jYmxwbnVOQ3BOQVJJenFPL2Z3UVFFRg==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-35.sin52.r.cloudfront.net
Software: nginx / PHP/7.4.15
Resource Hash: 173aa3294f51a63750e2402aab87a6683cab37b162468ee97e7bb1c26f641037

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
content-encoding: gzip
via: 1.1 81ed70dd2a5a6558bf4a599e654fd8e0.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-C2
x-powered-by: PHP/7.4.15
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=UTF-8
cache-control: public, max-age=300
content-length: 3016
x-amz-cf-id: 1CYh-A3MQkrKIjsoaCZUEV6PXCR0sDzZc5roJ0_65ASgfmKoe1e9BA==

GET
H2 200 ee2791d8-e821-4cfc-aae3-2e1c82f20b9d Show response
compass.adop.cc/RE/ Frame C782 9 KB
4 KB 110ms
110ms Script
text/html 13.224.249.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=hY0L50unkIwApbsCadfEeFlgiHnikME1WakUzVXNoL2NKd2ovUzI5Z1QyOXR1VWJtM2U4amYxcHdWQW51Ky9jYmxwbnVOQ3BOQVJJenFPL2Z3UVFFRg==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-35.sin52.r.cloudfront.net
Software: nginx / PHP/7.4.15
Resource Hash: 8a63c305d21e0592ec399dec552e900b22635e3f41236de0e73fb4b40367cfaf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
content-encoding: gzip
via: 1.1 81ed70dd2a5a6558bf4a599e654fd8e0.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-C2
x-powered-by: PHP/7.4.15
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/html; charset=UTF-8
cache-control: public, max-age=300
content-length: 3016
x-amz-cf-id: tf1AHfhpHd153y3DMcQ8adA8L0GFS11I5CgJabIzPf4ArxDmmZPexw==

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4270 105 B
136 B 7ms
6ms Other
text/javascript 2404:6800:4003:c06::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9509957a36947d54d26958f0bc89905ceda0cc08369be140856ae157f65e03cc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfSxJkmAAAAAA8rbxSx4TX6RkToTvqf85auvzSg&co=aHR0cHM6Ly9tYmFudHVsLm15LmlkOjQ0Mw..&hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&size=normal&cb=fdpu77j4y8m4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114
x-xss-protection: 1; mode=block
expires: Sat, 17 Jun 2023 09:11:23 GMT

GET
H2 200 adop_sdk_p4.1.0.min.js Show response
cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/ Frame 43BD 18 KB
8 KB 326ms
9ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/adop_sdk_p4.1.0.min.js

Requested by

Host: compass.adop.cc
URL: https://compass.adop.cc/RE/8e606d93-713b-41ab-8a38-28505529c9a1?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=8e606d93-713b-41ab-8a38-28505529c9a1&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=336&size_height=280&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Jun 2023 09:11:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28066
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8217
x-served-by: cache-fra-eddf8230031-FRA, cache-qpg1272-QPG
x-jsd-version-type: branch
etag: W/"4750-isEqIF8N2eYoT8i3VVLuvnJTTQc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 43BD 80 KB
27 KB 29ms
14ms Script
text/javascript 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b8911d4e792d19206c15d413cecc1af1e439e2b8f353af427cd5822886a630f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26699
x-xss-protection: 0
server: cafe
etag: 912 / 19525 / 31075400 / config-hash: 4553594699066521459
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 09:11:23 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 9FF2 7 KB
1 KB 9ms
8ms Document
text/html 2404:6800:4003:c06::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&k=6LfSxJkmAAAAAA8rbxSx4TX6RkToTvqf85auvzSg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__zh_cn.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b73ecc4f8b0ed91bcfac90d74c67cae33c07216758522cd8d2ff8388c6537261

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ssdm739eSxoDmZUdc2aa9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1156
content-security-policy: script-src 'report-sample' 'nonce-ssdm739eSxoDmZUdc2aa9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:11:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adop_sdk_p4.1.0.min.js Show response
cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/ Frame C782 18 KB
8 KB 285ms
10ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/adop_sdk_p4.1.0.min.js

Requested by

Host: compass.adop.cc
URL: https://compass.adop.cc/RE/ee2791d8-e821-4cfc-aae3-2e1c82f20b9d?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=ee2791d8-e821-4cfc-aae3-2e1c82f20b9d&type=re&loc=https%253A%2F%2Fmbantul.my.id%2F&rnd=&percentage=false&size_width=300&size_height=250&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Jun 2023 09:11:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28066
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8217
x-served-by: cache-fra-eddf8230031-FRA, cache-qpg1272-QPG
x-jsd-version-type: branch
etag: W/"4750-isEqIF8N2eYoT8i3VVLuvnJTTQc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C782 79 KB
26 KB 16ms
15ms Script
text/javascript 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51d2f99015e34119585057c95b70f150596337fc4c2dcbfd9a9f6940839d25f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26469
x-xss-protection: 0
server: cafe
etag: 733 / 19525 / 31075377 / config-hash: 4553594699066521459
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 09:11:23 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame 9FF2 55 KB
24 KB 6ms
6ms Stylesheet
text/css 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&k=6LfSxJkmAAAAAA8rbxSx4TX6RkToTvqf85auvzSg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 23:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 23:34:14 GMT

GET
H3 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame 9FF2 424 KB
169 KB 10ms
9ms Script
text/javascript 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=SglpK98hSCn2CroR0bKRSJl5&k=6LfSxJkmAAAAAA8rbxSx4TX6RkToTvqf85auvzSg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a1461ad7d53e7d43de3dac79c1aa33764451d5edb7eab92c9c23d34e5cf270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 21:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172777
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 21:20:37 GMT

GET
H2 200 collect.php
data.adop.cc/ Frame 43BD 0
139 B 468ms
85ms Image
text/html 2406:da12:fbe:4200:82eb:831e:204f:98bc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjMwNjE3MDkxMTIzIiwiY3RyeSI6IlNHIiwiYWNpZCI6IlNHLTIzMDYxNzA5MTEyMy05ZTdiYjMxMjM1YTY0OGI4IiwibmV0IjoiR29vZ2xlIEFNIDM2MCIsInppZCI6IjhlNjA2ZDkzLTcxM2ItNDFhYi04YTM4LTI4NTA1NTI5YzlhMSIsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTMzIFNhZmFyaS81MzcuMzYiLCJicm93IjoiQ2hyb21lIiwiZGV2IjoiZGVza3RvcCIsIm9zIjoiV2luZG93cyIsImlwIjoiMTAzLjI1NC4xNTMuMjA2IiwiZmxvYyI6Imh0dHBzOi8vbWJhbnR1bC5teS5pZC8iLCJmcCI6IjAiLCJjZHQiOiIyMzA2MTcwOTExMjMiLCJkaXIiOiJ2IiwidHAiOiJyZSIsInJlZiI6IiIsInRpdGxlIjoiTWJhbnR1bCUyMCVFMiU4MCU5MyUyMFRyYXZlbCUyMFdhbnRlZCIsImxvZyI6ImJhc2ljIn0%3D&aid=cfaae875-89ad-4624-b24f-4c6727e1192d&r=gQFTngf
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da12:fbe:4200:82eb:831e:204f:98bc Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 collect.php
data.adop.cc/ Frame C782 0
140 B 458ms
85ms Image
text/html 2406:da12:fbe:4200:82eb:831e:204f:98bc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjMwNjE3MDkxMTIzIiwiY3RyeSI6IlNHIiwiYWNpZCI6IlNHLTIzMDYxNzA5MTEyMy05ZTdiYjMxMjM1YTY0OGI4IiwibmV0IjoiR29vZ2xlIEFNIDM2MCIsInppZCI6ImVlMjc5MWQ4LWU4MjEtNGNmYy1hYWUzLTJlMWM4MmYyMGI5ZCIsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTMzIFNhZmFyaS81MzcuMzYiLCJicm93IjoiQ2hyb21lIiwiZGV2IjoiZGVza3RvcCIsIm9zIjoiV2luZG93cyIsImlwIjoiMTAzLjI1NC4xNTMuMjA2IiwiZmxvYyI6Imh0dHBzOi8vbWJhbnR1bC5teS5pZC8iLCJmcCI6IjAiLCJjZHQiOiIyMzA2MTcwOTExMjMiLCJkaXIiOiJ2IiwidHAiOiJyZSIsInJlZiI6IiIsInRpdGxlIjoiTWJhbnR1bCUyMCVFMiU4MCU5MyUyMFRyYXZlbCUyMFdhbnRlZCIsImxvZyI6ImJhc2ljIn0%3D&aid=4ebca61b-8cf8-4b91-b33f-b5424c04a4e4&r=7zlTcnT
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da12:fbe:4200:82eb:831e:204f:98bc Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/ Frame 43BD 411 KB
127 KB 18ms
5ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f295fdb1019a3c2ff2479582f5eda1915c67e8d8634f8b089920f86b6cc4fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 08:43:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1652
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129960
x-xss-protection: 0
server: cafe
etag: 10643696450713337328
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 16 Jun 2024 08:43:52 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 43BD 745 B
892 B 19ms
6ms XHR
application/json 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mbantul.my.id

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0ed0d0ccb64055823201e1f6c99367ae0762d748d2ccb92afd6028a659afe01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 349
x-xss-protection: 0
expires: Sat, 17 Jun 2023 09:11:24 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/ Frame C782 408 KB
126 KB 10ms
8ms Script
text/javascript 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e190fdf47cb7389e127605fc34bfb1bfc74281d5264501b79f2779008a2ae73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 15:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63247
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128933
x-xss-protection: 0
server: cafe
etag: 1396361306703029922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 15 Jun 2024 15:37:17 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame C782 745 B
510 B 12ms
11ms XHR
application/json 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mbantul.my.id

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0ed0d0ccb64055823201e1f6c99367ae0762d748d2ccb92afd6028a659afe01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 349
x-xss-protection: 0
expires: Sat, 17 Jun 2023 09:11:24 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C782 107 B
456 B 19ms
7ms Script
application/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mbantul.my.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ Frame C782 732 B
557 B 5ms
3ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Jun 2023 09:11:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 35505
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-qpg1272-QPG
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ Frame C782 59 KB
17 KB 31ms
16ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Jun 2023 14:15:50 GMT
server: cloudflare
x-amz-request-id: T8J3DT7WB4S5JZKT
age: 1067
etag: W/"8c1740edd46834c66e82586d99a9e74c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7d8a2a3969584053-SIN
x-amz-id-2: /XDMeRybeuOlPS+oIg4dcva+xV3VzmUqOpSw0+TvTW74Htkdic+g9SNiTIfDyDPnPNKAt4RQ9xE=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ Frame C782 2 KB
2 KB 25ms
6ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 08:16:41 GMT
via: 1.1 google
age: 3283
x-guploader-uploadid: ADPycdventmwZtix78qzZTWaGabXR-09ZXRErsdEl0dK4REBi_MnA4lg_HxOGNWTIbnXBcr6n9f7ClWzRQ6nLVEm0JlVVZ95sQ1S
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Sat, 17 Jun 2023 09:16:41 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ Frame C782 38 KB
12 KB 26ms
5ms Script
text/javascript 13.224.249.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-123.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 19:17:43 GMT
content-encoding: gzip
via: 1.1 a6f10891bf05ce2d27b04a152b14cf00.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 50022
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: ik7Rg8HnLCIeukNlyaIcJT27SWNWKPL82lGM_boDIGQAfdiJGMNpOA==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ Frame C782 2 KB
2 KB 146ms
5ms Script
text/javascript 2600:9000:21b4:3200:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21b4:3200:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: null
Date: Sat, 17 Jun 2023 01:41:33 GMT
Via: 1.1 7e15719c90fc4193eff06d80a6052924.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN52-C2
Age: 27069
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: gx7p3PaJPB9IYYFNYpYtBuQufhh5hQAdk6eYYUaPa6L8I6YkoBGdlQ==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ Frame C782 24 KB
8 KB 27ms
6ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 20:11:38 GMT
content-encoding: gzip
age: 219586
x-guploader-uploadid: ADPycdsTaF-0FG5Q9k9GvC_lEJckuziayyxobwILbsf-Bn90-z_2NU6x5vy5uFHuuTGKRggpdRyHd5UgEHZYDsoMLr-cVg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 13 Jun 2024 20:11:38 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ Frame C782 42 KB
13 KB 138ms
66ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Jun 2023 09:11:24 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C782 30 KB
12 KB 347ms
344ms XHR
text/plain 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3155151808706453&correlator=3104675843012169&eid=31075351%2C31075377&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fifs&iu_parts=223513049%3A22912905838%2Cca-pub-5111137191506013-tag%2Cmbantul_display_300x250-1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3886445635&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=mbantul.my.id&abxe=1&dt=1686993084381&dlt=1686993083809&idt=533&adxs=650&adys=2104&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=4qvif588l1t0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=mbantul.my.id&loc=https%3A%2F%2Fmbantul.my.id%2F&top=mbantul.my.id&frm=23&vis=1&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=363998018.1686993084&ga_sid=1686993084&ga_hid=1780937391&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYyr_-xIwxSABSAghkEhkKCnB1YmNpZC5vcmcYyr_-xIwxSABSAghkEhcKCHJ0YmhvdXNlGMq__sSMMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjLv_7EjDFIAFICCGQSGQoKdWlkYXBpLmNvbRjKv_7EjDFIAFICCGQSFAoFb3BlbngYy7_-xIwxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjKv_7EjDFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5b847fc1abe54577490f4b28ee1278a323d2db5739158be48fc9ce07b66a853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12438
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mbantul.my.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AB84 6 KB
3 KB 23ms
5ms Document
text/html 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:11:24 GMT
expires: Sun, 16 Jun 2024 09:11:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 43BD 107 B
165 B 8ms
7ms Script
application/javascript 2404:6800:4003:c11::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mbantul.my.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 43BD 57 KB
13 KB 373ms
373ms XHR
text/plain 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1317537306299347&correlator=1168732872360977&eid=31075400%2C31070232&output=ldjh&gdfp_req=1&vrg=202306150101&ptt=17&impl=fifs&iu_parts=223513049%3A22912905838%2Cca-pub-5111137191506013-tag%2Cmbantul_display_336x280&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280&ifi=1&adks=1873320356&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=mbantul.my.id&abxe=1&dt=1686993084447&dlt=1686993083798&idt=617&adxs=632&adys=116&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=0&ucis=jjgcievdiywj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=mbantul.my.id&loc=https%3A%2F%2Fmbantul.my.id%2F&top=mbantul.my.id&frm=23&vis=1&psz=336x0&msz=336x0&fws=256&ohw=0&ea=0&ga_vid=894031476.1686993084&ga_sid=1686993084&ga_hid=271528643&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYyr_-xIwxSABSAghkEhkKCnB1YmNpZC5vcmcYyr_-xIwxSABSAghkEhcKCHJ0YmhvdXNlGMq__sSMMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjLv_7EjDFIAFICCGQSGQoKdWlkYXBpLmNvbRjKv_7EjDFIAFICCGQSFAoFb3BlbngYy7_-xIwxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjKv_7EjDFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90561a7c084e326f220d5120b274b6f10ae2a032d61e76572c3ba9ae46994663

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13644
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mbantul.my.id
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
09c0634fa8c1f8738ac609bf0f754a63.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DBB7 6 KB
3 KB 18ms
7ms Document
text/html 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://09c0634fa8c1f8738ac609bf0f754a63.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:11:24 GMT
expires: Sun, 16 Jun 2024 09:11:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ Frame C782 221 B
315 B 1178ms
1177ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 29af392ef88ca87f7c927419fce879c3a5547c11bb3d01e88b34ad947ac503c1

Request headers

Referer: https://mbantul.my.id/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 17 Jun 2023 09:11:26 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 39e3d8f85094d850eadc11d0fcaf6622
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 547ms
298ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mbantul.my.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://mbantul.my.id
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sat, 17 Jun 2023 09:11:24 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 93fd505d985acc10472663f004463a0c

GET
H2

200

esp Show response
oajs.openx.net/ Frame C782
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1

85 B
202 B

211ms
210ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 3e361059b8c93a198d99a07937e7b30993d8316783cd56acae4e047b1e40c4c8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-NagGOysV6PWcdjD0PFAf26YqHAc"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mbantul.my.id
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sat, 17 Jun 2023 09:11:24 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://mbantul.my.id
location: /esp?url=https%3A%2F%2Fmbantul.my.id%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ Frame C782 0
322 B 989ms
327ms XHR
text/plain 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://mbantul.my.id/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://mbantul.my.id
date: Sat, 17 Jun 2023 09:11:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame C782 235 B
693 B 48ms
21ms XHR
application/json 54.179.187.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.179.187.66 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-179-187-66.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: de2621ded267cc8ccaab09b6b4db14841d6f4f4328b211e40f7dd6598b4fd9d7

Request headers

Referer: https://mbantul.my.id/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:11:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://mbantul.my.id
cache-control: no-cache
x-server: 10.42.27.210
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B41C 15 KB
6 KB 18ms
4ms Document
text/html 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=mbantul.my.id

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:11:23 GMT
server: Kestrel
server-processing-duration-in-ticks: 274857
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame B41C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mbantul.my.id&sn=ChromeSyncframe&so=0&topUrl=mbantul.my.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=B1lhQnwzNkp6MmZ0bjFkUENYQmovVGtjcHE5Njh0MlUxUmdDMG9xTWtJR0F3YVNkM3NMZlVCTlFIemRoTzNTMXcyMDJtWGtueEdNUmdmQnFVVlBHVWdyM2h6RmJYSlo5MzE0WGExbWUwcXkzREFINE0yRWRWNUcvVHMyNV...

428 B
654 B

20ms
5ms

Fetch
application/json

182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=B1lhQnwzNkp6MmZ0bjFkUENYQmovVGtjcHE5Njh0MlUxUmdDMG9xTWtJR0F3YVNkM3NMZlVCTlFIemRoTzNTMXcyMDJtWGtueEdNUmdmQnFVVlBHVWdyM2h6RmJYSlo5MzE0WGExbWUwcXkzREFINE0yRWRWNUcvVHMyNVVXOUFybVJvbVBZaHhmMzlHaFpPY2k5QXdlS0llZ2Q1bDBzZ3dIZVNBQlFLYXdhN3A2K21zWDY4QmxERm0xU3dFWjRQbXJ1bFg3ajVZbVlNMFRMRlc3Z0ZBNmZSRkI0a3UrQ2ZjL0g4cmlqaVBDM09sb0dndnhISXhtNXh4MVpDcW45TGd5dWpoYVM2UEt4d0lKSTFaWFVrcisySmhXdz09fA&cppv=2

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

7039bc2296e2e6b02d2ec8e64344ad0b6a54867ef02c604a288c57e504981e99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:11:23 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1070792
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:11:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=B1lhQnwzNkp6MmZ0bjFkUENYQmovVGtjcHE5Njh0MlUxUmdDMG9xTWtJR0F3YVNkM3NMZlVCTlFIemRoTzNTMXcyMDJtWGtueEdNUmdmQnFVVlBHVWdyM2h6RmJYSlo5MzE0WGExbWUwcXkzREFINE0yRWRWNUcvVHMyNVVXOUFybVJvbVBZaHhmMzlHaFpPY2k5QXdlS0llZ2Q1bDBzZ3dIZVNBQlFLYXdhN3A2K21zWDY4QmxERm0xU3dFWjRQbXJ1bFg3ajVZbVlNMFRMRlc3Z0ZBNmZSRkI0a3UrQ2ZjL0g4cmlqaVBDM09sb0dndnhISXhtNXh4MVpDcW45TGd5dWpoYVM2UEt4d0lKSTFaWFVrcisySmhXdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2266976
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 43BD 14 KB
11 KB 23ms
13ms XHR
application/json 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33579e8aa974b90e68ed582cf8fcab8ae6878138c1a80ada32b62c5a6b6301f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11151
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C782 14 KB
11 KB 19ms
12ms XHR
application/json 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306130101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

504874196ca1112fb3be5587e8295b11ea4889a98cdb9ff576e53b2751f9b912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11207
x-xss-protection: 0

GET
H2 200 container.html Show response
86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 30C8 6 KB
3 KB 5ms
4ms Document
text/html 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:11:24 GMT
expires: Sun, 16 Jun 2024 09:11:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C782 17 KB
7 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js?cb=31075377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 09:11:24 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 43BD 17 KB
6 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 09:11:24 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 30C8 0
0 18ms
17ms Fetch
text/html 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsWTEvHiNZOjvGvGamsMP28ePgAy91O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItNTExMTEzNzE5MTUwNjAxM8gBCeACAKgDAaoErgJP0DnhIDZbRKpIqwlAPu8VqxHdu1jkBkzUPBYX397rMRtyH-pbFtS_clFuuLW0caKJqw4WQpKqisvyWGWPVvxlCyIBDyIgl99M6ds5M_pH8jTsdZRkuozpaUCy_tJdg4_doRNJ9DexgSkJHwEgqzZ3AL6aLI-KAoX4UUA0iI03zFAu9vu4CMLi9caskkj5KclDwY7z1wyZr7BZdMkY3QZpqB3wiXqczcdG8WJiD1vRBRjUJeJ21mIBsK34l4vzCBD5PFhHfPL9_qACUQpwLObVx7q98LtvJsDHladT9TcLO4pSWJcxVO_2W8Xw9TaqfWbvvNQQJLcnu-3fmV5l_VWuFcC0tp0tRA6Gy7IDW5DXZL9wWOAI30S1FQzUmYaPk3Gqbm91Bl9pL9zl3k_5seAEAYAGoump9_-2oagZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTExMTEzNzE5MTUwNjAxMxjR1CI&sigh=ZY7aDaQpP-E&uach_m=[UACH]&cid=CAQSTABygQiD2O4Yb98rvCZqdCL66PR60F7TovoLdFUWuo-1LwKRb8nqNuzs5Ghu4nyhqa2Ox6lKGlymP4SjB-4pnENz4XOuS0TceqQEz_gYAQ
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=hY0L50unkIwApbsCadfEeFlgiHnikME1WakUzVXNoL2NKd2ovUzI5Z1QyOXR1VWJtM2U4amYxcHdWQW51Ky9jYmxwbnVOQ3BOQVJJenFPL2Z3UVFFRg==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c01::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 notify
rtb.jp2.as.criteo.com/google/auction/ Frame 30C8 0
0 566ms
188ms Fetch 2406:2600:4::13
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kIHWFNj-BqwC-gHgvNldAgAAAIXwaQj0k2FkELx4jWRqtFWTcXTY8uNWAAASAAAKCkFRVUREUUVCRFE&wp=ZI14vAAGt-gCZo1xAAPj2zuMeQPvCCpTreWTjg

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/?wpsafelink=hY0L50unkIwApbsCadfEeFlgiHnikME1WakUzVXNoL2NKd2ovUzI5Z1QyOXR1VWJtM2U4amYxcHdWQW51Ky9jYmxwbnVOQ3BOQVJJenFPL2Z3UVFFRg==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::13 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 172622
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame 97DC 213 KB
57 KB 232ms
148ms Document
text/html 2406:2600:7:100::15
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=ZI14vAAGt-gCZo1xAAPj2zuMeQPvCCpTreWTjg&u=%7Ct9H9I%2B%2B1ub2HhpLJbqee3wSn4k4AyWtuG59jR2jGkdw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ud5fiRU0UfH3Y36yURitqwRiXCszE4IMmEOqCXIJsjH9DsDhcFb5GmA2EF8xjPnhTxUDdNu3QkQVFIcDFXKUaBReuJWPzWlTBFDUxVWXMTJQmQRopKpgM3FRbTEkzcZxvl0CEvoiGvZud01HUkF04vx9YKq38eaqJVoTRMPAE3npKjZWyrQkAQdyMA8W37LSciHESewQ1HPaP2e6r22yDfo3e_bZxmfxBDvl6AOaBVHP0WzbZHNqk-ZWcHHxuZLMyv7Hg3_IThzx0wPDUlJqIL3sEOQUALlspr1YAw4uAhBqQ3cZ1jIBqxvVlk0yUnLoSLJD8ZcMvHXct5SepY4FoyzUKUXpJzrkUCn4l4zqJAS-IPl6xvDUm4wK_VDbBRseUgpsHD5JQua6bdmgCrW0rFv_Y4vAnKafjk0EMvs-tLmYlUpfqouSJ53mi6GjEiX6eMsEIzV17IvK7tp-i9xvEuu7lFOH9so8B2gPHLVZD5vZuUwqKxUNe6ztmZi9k6WX8K1EEFJF1ZMajffAY10wd2z-7Cbnajh4aAnXkMVHvFwCw5YadTsVVRtuwU4S7G8Dk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSEqKvHiNZOjvGvGamsMP28ePgAy91O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItNTExMTEzNzE5MTUwNjAxM8gBCeACAKgDAaoEsQJP0DnhIDZbRKpIqwlAPu8VqxHdu1jkBkzUPBYX397rMRtyH-pbFtS_clFuuLW0caKJqw4WQpKqisvyWGWPVvxlCyIBDyIgl99M6ds5M_pH8jTsdZRkuozpaUCy_tJdg4_doRNJ9DexgSkJHwEgqzZ3AL6aLI-KAoX4UUA0iI03zFAu9vu4CMLi9caskkj5KclDwY7z1wyZr7BZdMkY3QZpqB3wiXqczcdG8WJiD1vRBRjUJeJ21mIBsK34l4vzCBD5PFhHfPL9_qACUQpwLObVx7q98LtvJsDHladT9TcLO4pSWJcxVO_2W8Xw9TaqfWbvvNQQJLcnu-3fmV5l_VWuFcC0tp0tRA7EyZOR2lt6CkXdJVHY8PFNXxvebI-hi-ENpkDA9OB3A8RmMPqXS4HGm-AEAYAGoump9_-2oagZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2gfIJKqjDx5DX-VU1A6zNl8ryWSQ%26client%3Dca-pub-5111137191506013%26adurl%3D

Requested by

Host: 86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com
URL: https://86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::15 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

eb7103bf7d91b3d3f4239e48ef6ced534cb90b4e81051183d341f19d9f9bf8ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:11:23 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=imGr_doHMZIs1H19jqX4y6X51nK7s7NJ4iiVPWdhOjmx_62ufafxtN7Wm9Srp3VZaZOSYFgnpL9Z_3c8lePDF9iE1O4xnmZp0P9kOOh-ORgeUuVHAfksUwxkXzSPNSF_bed4SG-x7MbocsxrKLy5o9b5Jv552wlSccK5fmf6z1Pvmoa5DovVxqQGitX_a3LaE_5TCojdkK6Qb_vt2xaWS3WB_8us6lNdiGgy7ulO5xlXmQDyWUkOL63ZEwZnJrSXjxB29A"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 90419956
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 30C8 3 KB
1 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: 86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com
URL: https://86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:54:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:54:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 30C8 19 KB
8 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com
URL: https://86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 01:18:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 01:18:01 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 30C8 24 KB
6 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com
URL: https://86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 148817
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Jun 2024 15:51:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 30C8 178 KB
56 KB 9ms
8ms Script
text/javascript 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com
URL: https://86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 09:11:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 24FB 13 KB
5 KB 6ms
4ms Document
text/html 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 188111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 04:56:13 GMT
expires: Fri, 14 Jun 2024 04:56:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 28F5 783 B
535 B 12ms
9ms Document
text/html 2404:6800:4003:c06::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0e1e3a55fd7710829d4c7014bb0db352c492b9980efad2ef87f3895edcbb784c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XTKczEeyO3k13uTsNwn53g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-XTKczEeyO3k13uTsNwn53g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:11:24 GMT
expires: Sat, 17 Jun 2023 09:11:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6623 13 KB
5 KB 5ms
4ms Document
text/html 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 188111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 04:56:13 GMT
expires: Fri, 14 Jun 2024 04:56:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 76F0 783 B
533 B 7ms
6ms Document
text/html 2404:6800:4003:c06::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

204e5be2226be7d737a8f1ac1629127dc17c6ff7d9aebebaa5ff3787f089e8c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e1nk-ZZ-NzfPhpFvqpSGbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-e1nk-ZZ-NzfPhpFvqpSGbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 09:11:24 GMT
expires: Sat, 17 Jun 2023 09:11:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 30C8 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5dd299c07b2ec1da97101ad01d6870098292024a47f355a9cb50f793cc70f8a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012305252018000/ Frame FD4C 222 KB
60 KB 35ms
13ms Script
text/javascript 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4135cd61dfa379bb61b0718f3a20dc8b25d0b8f4e3f2e52ef4d0e5be736136c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 21:15:47 GMT
age: 215737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61795
x-xss-protection: 0
server: sffe
etag: "7347aa4c83612bf7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jun 2024 21:15:47 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame FD4C 15 KB
5 KB 31ms
9ms Script
text/javascript 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 21:15:47 GMT
age: 215737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5238
x-xss-protection: 0
server: sffe
etag: "6efdfbd3c81d03c9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jun 2024 21:15:47 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame FD4C 94 KB
29 KB 25ms
4ms Script
text/javascript 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 21:15:47 GMT
age: 215737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28864
x-xss-protection: 0
server: sffe
etag: "51fe97ef57b83921"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jun 2024 21:15:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame FD4C 5 KB
2 KB 30ms
8ms Script
text/javascript 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 21:15:47 GMT
age: 215737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1896
x-xss-protection: 0
server: sffe
etag: "9635e780e0a5dede"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jun 2024 21:15:47 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame FD4C 40 KB
13 KB 32ms
11ms Script
text/javascript 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Jun 2023 07:08:03 GMT
age: 7401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "bd37dd4c3b7b688b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Jun 2024 07:08:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FD4C 14 KB
1 KB 8ms
7ms Stylesheet
text/css 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 09:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 08:34:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 09:11:24 GMT

GET
H3 200 zh_cn.png
tpc.googlesyndication.com/pagead/images/cn/ Frame FD4C 995 B
1019 B 5ms
4ms Image
image/png 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/cn/zh_cn.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb8e4f901a4800bd014c125c65d76cfdd48058f0412a1f72ddbd613cd4d1db4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:26:17 GMT
x-content-type-options: nosniff
server: cafe
age: 24307
etag: 17250068716606301561
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 995
x-xss-protection: 0
expires: Sun, 18 Jun 2023 02:26:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/cn/ Frame FD4C 334 B
358 B 5ms
5ms Image
image/png 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/cn/icon.png

Requested by

Host: mbantul.my.id
URL: https://mbantul.my.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a43ee2cbb716633cd21633b3895bb8dcba40b348f5b3c48080d1d85a98b91521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:26:38 GMT
x-content-type-options: nosniff
server: cafe
age: 13486
etag: 16151473764464638424
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Sun, 18 Jun 2023 05:26:38 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FD4C 0
0 18ms
17ms Image
text/html 2404:6800:4003:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJjVdvHiNZLWJHqizz7sPuKGjgAKnmvL0ZJ2CpPWxEcCNtwEQASCZtYlDYJ0BoAGEzKHhAsgBAeACAKgDAcgDCqoElwJP0IDGXb6kSTKAPmgVphdxnHeFvkhTblxPgP1R0Zx0826MvZHQHqrpzwiTkgZB9lh6WvOzOwVL02UYDEaScHwxNrSCYf78jIPInXvrPfk_cEalLIe_XZu8HqqYmTAktbcEaVz7bckW2qXWjZL7uVc-vp0XcFk4KQadKRVfdIG_8HECaenXvQB0_N2ln_6N3PEJgu5D_Lf4wFN3KHwuBnS_KlTv12G_wfW07MOtYuFm0oTS_iiDyquZnlMPVTGUuXsKDoQhTMPuI2wF93Zg35Hjkzusj-_i8NzsAZlOnY4Mdv2rVwvcMYtOs18Ioupdt8Qgs8AwvNb8mVC9IEuQpHLOQpKXw44IbQIcQSIxKNMbdO5nhc2vfujABJK0j6nKA-AEAZIFBAgEGAGSBQQIBRgEgAfks96eAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEM2lKdIIFAiAYRABGB0yAooCOgKAQEi9_cE6gAoDyAsB2BMK0BUBmBYBgBcBshceChwIABIUcHViLTY1MTQxNDU4OTEzOTcyMTgY0dQi&sigh=X7_96p48LDM&uach_m=[UACH]&cid=CAQSTABygQiDLSiY8nvhxsN4MPjYaY_z89bGLCM2N28NSDM948KxT1MDk5JA64gAYQt5RlAY8X1zRUpn84H5q5Tnzpwv8uYkIP83psF2KT4YAQ
Requested by: Host: mbantul.my.id
URL: https://mbantul.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c01::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame FD4C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dc18f75b8ee4c0b3f1ba5e884da3635675e49d5c88d21105ffd827266615c2e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame FD4C 33 KB
33 KB 7ms
7ms Font
font/woff2 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mbantul.my.id
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:33:17 GMT
x-content-type-options: nosniff
age: 157087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 13:33:17 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame F76B 484 B
736 B 30ms
13ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 3fd5d14dbdbbfc2dd046575c55e36af46c5490b6c1074c07672f493240b4c597

Request headers

Referer: https://mbantul.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 309
content-type: text/html
date: Sat, 17 Jun 2023 09:11:25 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 28F5 0
0 13ms
5ms Image
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306130101&jk=3155151808706453&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 76F0 0
0 13ms
5ms Image
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306150101&jk=1317537306299347&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame 24FB 37 KB
14 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 04:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 04:59:46 GMT

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame 6623 37 KB
14 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 04:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 04:59:46 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 97DC 2 KB
1 KB 34ms
33ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZI14vAAGt-gCZo1xAAPj2zuMeQPvCCpTreWTjg&u=%7Ct9H9I%2B%2B1ub2HhpLJbqee3wSn4k4AyWtuG59jR2jGkdw%3D%7C&c1=jWCgqsKSUoXV4BApc600hDmuoLfpfMVBJoxIoA-qWR4bgEddujZi6tAtxpsXcd2ud5fiRU0UfH3Y36yURitqwRiXCszE4IMmEOqCXIJsjH9DsDhcFb5GmA2EF8xjPnhTxUDdNu3QkQVFIcDFXKUaBReuJWPzWlTBFDUxVWXMTJQmQRopKpgM3FRbTEkzcZxvl0CEvoiGvZud01HUkF04vx9YKq38eaqJVoTRMPAE3npKjZWyrQkAQdyMA8W37LSciHESewQ1HPaP2e6r22yDfo3e_bZxmfxBDvl6AOaBVHP0WzbZHNqk-ZWcHHxuZLMyv7Hg3_IThzx0wPDUlJqIL3sEOQUALlspr1YAw4uAhBqQ3cZ1jIBqxvVlk0yUnLoSLJD8ZcMvHXct5SepY4FoyzUKUXpJzrkUCn4l4zqJAS-IPl6xvDUm4wK_VDbBRseUgpsHD5JQua6bdmgCrW0rFv_Y4vAnKafjk0EMvs-tLmYlUpfqouSJ53mi6GjEiX6eMsEIzV17IvK7tp-i9xvEuu7lFOH9so8B2gPHLVZD5vZuUwqKxUNe6ztmZi9k6WX8K1EEFJF1ZMajffAY10wd2z-7Cbnajh4aAnXkMVHvFwCw5YadTsVVRtuwU4S7G8Dk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSEqKvHiNZOjvGvGamsMP28ePgAy91O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItNTExMTEzNzE5MTUwNjAxM8gBCeACAKgDAaoEsQJP0DnhIDZbRKpIqwlAPu8VqxHdu1jkBkzUPBYX397rMRtyH-pbFtS_clFuuLW0caKJqw4WQpKqisvyWGWPVvxlCyIBDyIgl99M6ds5M_pH8jTsdZRkuozpaUCy_tJdg4_doRNJ9DexgSkJHwEgqzZ3AL6aLI-KAoX4UUA0iI03zFAu9vu4CMLi9caskkj5KclDwY7z1wyZr7BZdMkY3QZpqB3wiXqczcdG8WJiD1vRBRjUJeJ21mIBsK34l4vzCBD5PFhHfPL9_qACUQpwLObVx7q98LtvJsDHladT9TcLO4pSWJcxVO_2W8Xw9TaqfWbvvNQQJLcnu-3fmV5l_VWuFcC0tp0tRA7EyZOR2lt6CkXdJVHY8PFNXxvebI-hi-ENpkDA9OB3A8RmMPqXS4HGm-AEAYAGoump9_-2oagZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2gfIJKqjDx5DX-VU1A6zNl8ryWSQ%26client%3Dca-pub-5111137191506013%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:11:25 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 97DC 2 KB
1 KB 34ms
34ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:11:25 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 97DC 308 B
636 B 34ms
33ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 11 Jun 2024 09:11:25 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 97DC 293 B
621 B 35ms
34ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 11 Jun 2024 09:11:25 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame 97DC 43 B
348 B 26ms
7ms Image
image/gif 182.161.73.132
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=9DPC5Whs17T_aab-NOnFlk9c62klR8jDBPtg1FmQKBrfDgY0zikzOCuEIzmjvky6uTFlp2zMyT0k7GQPQR7q23Qug2D6nvpgbR57hANaYMUP_RnTn3ijOjc3FhAfOQt1H0iIIJPD_kKgoswq_YwFYtH2t25NvA1rIAEmyaTH0Cwx0CDoQKO6Vx0RlMmFEfHqbvYZd0jfvL2ssp2GrPnUi57Gj4J2x6IQwM8koZg0b9apumZMGXUBdbFXwVnJW6Aipvw2HYWHbQxdA97oGn6LAzWOc-YDlTzKXGQeB7VnIAJPzkwix4DEpP5CVi49A85TEXKmcN9sVegHlBJfgihrE9qcK2gXWvOuAkV43DO6hnJ2Cr5wK6ModTr5wM5Fd1Cs6ta0diTYgp_BVQYGj6hB4t2eBZfhEm21_nmU9mwOvPva4qcS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:11:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4025886
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F76B
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=8c963522-90b4-7e1c-df99-9204d015a44b&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=8c963522-90b4-7e1c-df99-9204d015a44b&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ae3f734-0150-4849-a38d-77f6734c62fc&ttd_puid=8c963522-90b4-7e1c-df99-9204d015a44b&gdpr=0&gdpr_consent=

43 B
323 B

15ms
11ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ae3f734-0150-4849-a38d-77f6734c62fc&ttd_puid=8c963522-90b4-7e1c-df99-9204d015a44b&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:11:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:11:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ae3f734-0150-4849-a38d-77f6734c62fc&ttd_puid=8c963522-90b4-7e1c-df99-9204d015a44b&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame F76B
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZI14vcCo8XwAABb6PpQAAAAA

43 B
106 B

8ms
8ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZI14vcCo8XwAABb6PpQAAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:11:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Sat, 17 Jun 2023 09:11:25 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.206","key":"ZI14vcCo8XwAABb6PpQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad395"}
X-SO-Key: ZI14vcCo8XwAABb6PpQAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad395
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZI14vcCo8XwAABb6PpQAAAAA
Cache-Control: private
X-SO-HostName: m-ad395.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 148
Content-Length: 0
X-SO-LB-Hostname: m-tgng24.dc4p.scaleout.jp
X-SO-IP: 103.254.153.206

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame F76B
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATTVkG6VDZ8Sks8AD7P3e16GX88AAAGIyJ-jdw

43 B
106 B

14ms
8ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATTVkG6VDZ8Sks8AD7P3e16GX88AAAGIyJ-jdw
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:11:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:11:25 GMT
via: 1.1 a71489b3aed951339ccfbb347582eb2a.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: KUL50-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATTVkG6VDZ8Sks8AD7P3e16GX88AAAGIyJ-jdw
cache-control: no-cache
content-length: 0
x-amz-cf-id: DEojpqdOt5nssXd38YPiSMy_IFx894n17QZLzqPcACtg_3hJkuH9vQ==
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame F76B 170 B
409 B 63ms
52ms Image
image/png 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTBmOWU2ZTgtNTljMy0yMGI4LWNhNzktYzhiZDFhZjc2YTJi

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:11:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F76B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGoC4bnOJpHK05ZaKXrMVG4&google_cver=1

43 B
106 B

15ms
12ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGoC4bnOJpHK05ZaKXrMVG4&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:11:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:11:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGoC4bnOJpHK05ZaKXrMVG4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zh_cn.png
tpc.googlesyndication.com/pagead/images/cn/ Frame FD4C 995 B
1019 B 4ms
4ms Image
image/png 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/cn/zh_cn.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb8e4f901a4800bd014c125c65d76cfdd48058f0412a1f72ddbd613cd4d1db4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:26:17 GMT
x-content-type-options: nosniff
server: cafe
age: 24308
etag: 17250068716606301561
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 995
x-xss-protection: 0
expires: Sun, 18 Jun 2023 02:26:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/cn/ Frame FD4C 334 B
358 B 4ms
4ms Image
image/png 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/cn/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a43ee2cbb716633cd21633b3895bb8dcba40b348f5b3c48080d1d85a98b91521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:26:38 GMT
x-content-type-options: nosniff
server: cafe
age: 13487
etag: 16151473764464638424
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Sun, 18 Jun 2023 05:26:38 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 97DC 12 KB
5 KB 22ms
8ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 389638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsEgKpH5y4EB1BZpuF%2FXUWdoUDZlT7GcuATCI3PTqJMhZ25PgfD%2Bpf9QRNpV%2BDCVMDmqwFbvExWnEjCX3HbDT0AOW03neN6%2FKKEYX9wUP6Daaz1MGwdbZN5Scux3xh6LfndpJ%2BE459XY2ZPqpYHULj2j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d8a2a3ddce091c9-SIN
expires: Thu, 06 Jun 2024 09:11:25 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 97DC 12 KB
6 KB 40ms
38ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:11:25 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 97DC 3 KB
3 KB 16ms
4ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?h=76&m=0&partner=76643&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F21260%2F180129%2Fd81d2eb3d2a54076a9762dfd925af804_logo_all_horizontal.png&v=3&w=596&s=sW9O62w6yHN3mO4OAFwyDR8M

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

b582044ee23d53d3eb2c463f266c8806af95ca4b57df6f12cb6780494646a907

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 2956
expires: Wed, 01 May 2024 03:15:10 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 97DC 33 KB
34 KB 17ms
5ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=76643&q=80&r=0&u=https%3A%2F%2Fstatic.nike.com%2Fa%2Fimages%2Fb_rgb%3AFFFFFF%252Cc_limit%252Ch_1000%252Cw_1000%252Cf_png%2F38e38dca-6cc5-43af-8ff6-e81becc96619%2Fimage.png&v=3&w=400&s=IZvhFZ9mJ34H_O531kZR-Wwe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

0d657981fe5ebe497e7da69f22dc9d7f841cbf5b56c9890efcd5ecdfb497848a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2592000
content-length: 34238
expires: Sun, 02 Jul 2023 21:25:53 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 97DC 33 KB
34 KB 24ms
13ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=76643&q=80&r=0&u=https%3A%2F%2Fstatic.nike.com%2Fa%2Fimages%2Fb_rgb%3AFFFFFF%252Cc_limit%252Ch_1000%252Cw_1000%252Cf_png%2F2e282edb-e916-48cb-8329-97497507ab19%2Fimage.png&v=3&w=400&s=AYOZTWCy8iyHKG4HdecDKkUa&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

bafa3df486d7d99a45e7a19096e066bdca317216b318fcc9368fdb01f8367fdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2592000
content-length: 34244
expires: Mon, 03 Jul 2023 00:31:31 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 97DC 38 KB
38 KB 27ms
15ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=76643&q=80&r=0&u=https%3A%2F%2Fstatic.nike.com%2Fa%2Fimages%2Fb_rgb%3AFFFFFF%252Cc_limit%252Ch_1000%252Cw_1000%252Cf_png%2F5ad342e8-cc72-46c4-8ea6-9df1e76eaeb2%2Fimage.png&v=3&w=400&s=53MA8qGfcbx2AhnTyZa3f8Ge&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

637d0538383080c3f883d261ade0cde40bfc5257b909dd8da47831866c957fdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2592000
content-length: 38508
expires: Wed, 12 Jul 2023 11:39:32 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 97DC 35 KB
35 KB 20ms
9ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=76643&q=80&r=0&u=https%3A%2F%2Fstatic.nike.com%2Fa%2Fimages%2Fb_rgb%3AFFFFFF%252Cc_limit%252Ch_1000%252Cw_1000%252Cf_png%2Fb761c3fd-c602-4007-bfdb-27109139830e%2Fimage.png&v=3&w=400&s=tpLsKIZN5P5hO4z16z8Wj-jq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

0c3d894bcc95cff88ca32aa3ed9334a78c8d2e8c8397be48337ca694a4d5bd97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2592000
content-length: 35538
expires: Wed, 05 Jul 2023 10:29:41 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 97DC 39 KB
39 KB 27ms
16ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=76643&q=80&r=0&u=https%3A%2F%2Fstatic.nike.com%2Fa%2Fimages%2Fb_rgb%3AFFFFFF%252Cc_limit%252Ch_1000%252Cw_1000%252Cf_png%2Ff4bd6923-5f37-4a6d-b02f-1236a8243d33%2Fimage.png&v=3&w=400&s=NJjoVZTaS8PVugyUYR0pxFt2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

8d20530014dbf162307171b951413080942a560547cc4434bb940fda5809c2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2592000
content-length: 39585
expires: Sun, 25 Jun 2023 02:18:41 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 97DC 39 KB
39 KB 13ms
11ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=76643&q=80&r=0&u=https%3A%2F%2Fstatic.nike.com%2Fa%2Fimages%2Fb_rgb%3AFFFFFF%252Cc_limit%252Ch_1000%252Cw_1000%252Cf_png%2F6514ee68-6743-4fa7-a43d-b501934e90d3%2Fimage.png&v=3&w=400&s=ms9bhnt2R_fP2zuWo-x5raPj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

cdad5b4b8844333ed235cb32b42fb310635080e79661438d9a68a9ac32c5b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2592000
content-length: 39914
expires: Wed, 05 Jul 2023 10:31:43 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 97DC 32 KB
32 KB 15ms
14ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=76643&q=80&r=0&u=https%3A%2F%2Fstatic.nike.com%2Fa%2Fimages%2Fb_rgb%3AFFFFFF%252Cc_limit%252Ch_1000%252Cw_1000%252Cf_png%2F4f5470b0-cc49-4ba0-8b44-d7aaaa4bc928%2Fimage.png&v=3&w=400&s=lakJn-748KrNz4E-CQoqxZqt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4a7bbff2a15cbe4495ded9370c418b359d0ed89f356bd5d09051828363e2d2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2592000
content-length: 32438
expires: Sun, 09 Jul 2023 13:03:15 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 97DC 39 KB
39 KB 19ms
17ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=76643&q=80&r=0&u=https%3A%2F%2Fstatic.nike.com%2Fa%2Fimages%2Fb_rgb%3AFFFFFF%252Cc_limit%252Ch_1000%252Cw_1000%252Cf_png%2Fcfc67fd4-38c0-4c45-87e0-80a0d985fd05%2Fimage.png&v=3&w=400&s=P6nSTpDFTZlPhb7cLWbSHN4j&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

bbba1efc4db5b7bb0686daa33dc30f281f9ad5e72a49a52acf4265f0d4638d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2592000
content-length: 39752
expires: Wed, 05 Jul 2023 10:24:53 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame 97DC 32 KB
32 KB 18ms
16ms Image
image/png 2406:2600:7:100::1f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=76643&q=80&r=0&u=https%3A%2F%2Fstatic.nike.com%2Fa%2Fimages%2Fb_rgb%3AFFFFFF%252Cc_limit%252Ch_1000%252Cw_1000%252Cf_png%2F12a2f439-52a0-4d4d-8a48-6f329076f0cd%2Fimage.png&v=3&w=400&s=Tqq5s5pWgw7qaNWE4Q73baWO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

aac2c735cc3b7edc2f24eb72bfa77e6e991873c914d300a3860d9f43a3f38b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2592000
content-length: 32709
expires: Wed, 05 Jul 2023 10:24:06 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame 97DC 0
128 B 15ms
4ms Ping
text/plain 2406:2600:7:100::f
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=imGr_doHMZIs1H19jqX4y6X51nK7s7NJ4iiVPWdhOjmx_62ufafxtN7Wm9Srp3VZaZOSYFgnpL9Z_3c8lePDF9iE1O4xnmZp0P9kOOh-ORgeUuVHAfksUwxkXzSPNSF_bed4SG-x7MbocsxrKLy5o9b5Jv552wlSccK5fmf6z1Pvmoa5DovVxqQGitX_a3LaE_5TCojdkK6Qb_vt2xaWS3WB_8us6lNdiGgy7ulO5xlXmQDyWUkOL63ZEwZnJrSXjxB29A&sds=2&rev=87007&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 17 Jun 2023 09:11:24 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 97DC 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:11:25 GMT

GET
H2 200 roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame 97DC 2 KB
841 B 38ms
37ms Stylesheet
text/css 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:11:25 GMT

GET
H2 200 roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame 97DC 2 KB
842 B 34ms
34ms Stylesheet
text/css 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:11:25 GMT

GET
H2 200 roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 97DC 15 KB
16 KB 19ms
8ms Font
application/octet-stream 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin: https://ads.as.criteo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-3d80"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 11 Jun 2024 09:11:25 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 24FB 0
10 B 4ms
3ms Image
text/plain 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XZblMw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6623 0
10 B 3ms
3ms Image
text/plain 2404:6800:4003:c06::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LbsZLA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c06::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:11:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C782 0
0 8ms
8ms Image
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306130101&jk=3155151808706453&bg=!z8ylzJjNAAaGYqkwpmI7ADkAdvg8WjeD1hz0Kw7-rV-uUjMkqx9N1-or_W9obV9ak3eb7So47uhM95wnXFYxAuupaLH5AGpOPxoCAAABIVIAAAACaAEHmQL5KVQLeno44yKsUSOM8CR1zpBt-zC3AKVGJVobNSSvFfWB68x_HvD9uHM3rn1n7EzBTJB7xlpQ8eaGwHdJZi1aAkbeZR25Q-mtsFl3zfepaUUqnBvlSjJi7GihURAsza9YBR7L8LMc4Cu5_ghCPscw5-FWf_NU5aFY9bML1xoF-Ue5CUV2B-30CQT4XqnZeK5Tt2oUftNkHvYOhEH09Veqz5ZzuJa3Oauw5vpKkRrIJaOihYHAJDqyQTtFbhoKP5fPh-Hizce1PmiYNyuracrNIvqp6DSrksbF_sZtb6isJe-TxxGRWJJgp4LFfxEhy85m_g-UahfvuWOHjE472Pye6pFpMZ_0H2RHO6ovshErQNlX8FRQiMPu6KxFvp4QnWPEZ1yEjR-kFzyoIg93im_cOmd3rXViebj3y5eFRCsd3_G7i4WrUHNvU7_f7aSBiQAYArgWqQ7lezNdmzEHtJYQE51OZ20VPTYKtJjqqe9IvXHuNsVOlgqCHAM8xsqa9B7_uB-gzG4Drwd7IzFYXU7k1_W3XFMbnNv3Q3f2lHlqyppterNQrspHYjG6ZbqUhIaxMuFeeASg92076XWgvG_0ApNIs6VF4JCjstlmwhXwICC2_-AgArLIkY7cMB8UxdJqpqYUZ3W3KplDMUSfcP5R3E0qGUcm7tgdctOVaIMZp0PlOE--uA8-MpYPDly8m7CKnFbioBsWBKl5iLeDTzF4FB_JY9sS8LzJX7nkpnCNWwDpnXjmBjTg0v9PkTtFWp_bYMLPxXOwl-b-8rUfJiNxeDfhy2yCyPfZtEYqYA_t0XjuELuJYxmti0lqrEaPcamW1-YKzelV7g3EqDJu09-L9rnP0rdw9Iwt86Jx5Vag6AoGpp8n3tHMtn3nsSJa4jwnuRJ2EPnK7dA9DYjMtnyBKlhDZykUfGvK9Iuny83LMbNt-k0rzWD0y_pMulFwsQOC31ju6wgwVK5KdEY3DOURDka0OjxlTjaSnp88lPSmbs1MYBDYNOXdXIU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 43BD 0
0 7ms
7ms Image
text/html 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306150101&jk=1317537306299347&bg=!BwSlBFDNAAaGYqkwpmI7ADkAdvg8WlGT1P2d_aExyXho9sQQ16sPzRSuGbsQMbqBzS-o8lSs0h6T_8bkC2n3JcP7mlb8pgBs_4ACAAABGlIAAAADaAEHCgBzsB_uFSnuuJ-5O4EkPJiAXa5p1kCgLB4Cvj1L3EDTArTlk8VHEnlA7BL6-gF2XPWlSTnG5_ufqZNRee6sWMK1DSL-fphcqoHZZUub6Dtt6vZ88Xvm2AD121OMd65GUW5WtnqjJXYemkn9_YfYFWUhSmZ8V5kC-BfcG1VYNAVkYwylLgUHaScB_aN2llRxtdLqBn8Qy-4FsVmQC0YOL6eg1KUorUuK_ZxXUsl5JH3bpNqsmdqPU50w4PDCBjxIMD42LEXNV3Iq6qhCTfagL5mrK-4yAGBxR_oTI_io1Ydrxp0U0n7E1R5VOqhXRzShPk-SBL5bryqxth6h-KVBZh-ISNz_htSNNglY294zj3C-emQDVnjwfTF2aqU4T8L5GZv0IUAheigP-enTLbUXVtPPusr7DtKdeRtlv0McTemOdu9LABzaBc3zaMfV0udzK8jatYznOs0XkL9S5zFGFU7SbxHOL8CaPkM6fvT81lJljSY7fH9pTuG4fZ7yOoPcTE-zlzJRRJ2rpHZCd8KAxsrSw_e3E62XJjRwwyohfZoMqJe-YL_bERla5U55FjGnG7MTdWrR5d9ASj_CE15faSriJUlGGZFPszw6aPsEUoekNJtJ321bx1cmC3bfbAhAXmGjNKlpguvtqoVMKytLjTXY39PTbbRoGcvtreTsrxBBoFfBPYp1O7q34idGFF4lwXZKOpT4l3OnLlNQ-UlDQso4mEvdomEE6G4Zb6Va0y3wrs9Ip6jqjSvjI2UrZj3x0j5ADpldBsMHc4giujbDPffs9MnSmhgPCyQG8d8Dl-wLToTLbXiRY2JFRkldCx7XnpbsIT8E3Kn0smseCOhmaqpS6AE6YRLUMX5AG_MV_KoNHN9g9SkHXOynRE89U47MCHlR7l86ZpKkWPoi_D8UOV2GAA70NlCgns_RWFRTrjt32H2dGbqRsDSfgV-pzg1Lea3AwZQEINF2al1KSCx0Y-C12rAq1kYO99dfjcvnv_2nroTlxO1cnxSkbuVtOHLXGvNPG2vGpaz0Zx6UIFf0Pnt2ctXjtzpqzWOma5os7oXpcA_n_f60NYkL5th4ZUVUL9KyLekaEfBZxvPn2LZ2jpLKZm3fAPNBjW9JcgOZVsuQiMBXLL_ZRS6Zd_8hjZYB4OgonV8oOch3sUtTdzsgLSA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FD4C 42 B
64 B 8ms
8ms Image
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyj4AEXuQXPcSptJ3Ni3_D-bOWWVlw12Hs8Y2Pc6TogkHF27nkAIftkDXu6NCMHvmt3n-lHyvvb1xKSRc-odtawUhsMTP9o6QOvp-7V5TDfZ366omZBR3fLSaLIFysP37MXzQEFGKWfg&sai=AMfl-YRWRfGXGPa-FHMw1rkCU8-8LXsTYRQrKAnqY4r9E7nAiag-QmA0Xt1lXe2M1sSoUdHwSNZzxuSUh5lXZp0hDur38c1Fc581prn5no1twBiw9MRfUp0DDdvlGIERV20Sxn7jV8PZuEZcKwLkBQ&sig=Cg0ArKJSzBFolBn8ZLsoEAE&cid=CAQSTABygQiDLSiY8nvhxsN4MPjYaY_z89bGLCM2N28NSDM948KxT1MDk5JA64gAYQt5RlAY8X1zRUpn84H5q5Tnzpwv8uYkIP83psF2KT4YAQ&id=ampim&o=632,116&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=263&tls=1263&g=100&h=100&tt=1263&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://mbantul.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 09:11:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
compass.adop.cc/	1970-01-20 12:37:05	Name: ADOP_P_U Value: https%3A%2F%2Fmbantul.my.id%2F
compass.adop.cc/	1970-01-20 14:46:09	Name: ADOP_CID Value: SG-230617091123-ab698c85fe954956
.mbantul.my.id/	1970-01-20 12:36:33	Name: lotame_domain_check Value: mbantul.my.id
.crwdcntrl.net/	1970-01-20 19:05:20	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 19:05:20	Name: _cc_id Value: 25381521de72ee5e084852d8e078e337
.mbantul.my.id/	1970-01-20 19:05:21	Name: _cc_id Value: 25381521de72ee5e084852d8e078e337
.mbantul.my.id/	1970-01-20 12:46:37	Name: panoramaId_expiry Value: 1687597884531
.mbantul.my.id/	1970-01-20 12:46:37	Name: panoramaId Value: be6eabb33c993b96ac035b7bd63716d53938eb5e445b7ba243b27a32684e1a3e
.mbantul.my.id/	1970-01-20 12:46:37	Name: panoramaIdType Value: panoIndiv
.criteo.com/	1970-01-20 21:58:09	Name: uid Value: ee244f45-b481-4fe0-9477-eb19837d1469
.mbantul.my.id/	1970-01-20 21:58:09	Name: cto_bundle Value: AdfLqV9KVnBTdm5DT1NWbTZjU20wdDJzJTJCRzI3ZEwwT09QWGZ5TDVNOERWVXoxdVRySjh3RVdLZnR4YkNrSmtTSjBoSFAyR1p3JTJCS3pGelFLYkVUVG1lTnl3ZGJpekREbW9BbFVUdlhGTGZkdUtuclp1RXpUQ1dUM1FnS3czVlhDNVJWbVhXZ282WFVHZWpZQ2ZvWll5JTJCJTJGU3g1dyUzRCUzRA
.openx.net/	1970-01-20 21:22:09	Name: i Value: 5f3a0a7b-3933-41eb-854f-5aecb43297b6\|1686993084
.doubleclick.net/	1970-01-20 22:12:33	Name: IDE Value: AHWqTUnbbirKdQuwJK38NLSOYq3c_afdYpCV15P-SoAeunYCso8bYzJT04yXPbL9dHo
.doubleclick.net/	1970-01-20 12:36:33	Name: test_cookie Value: CheckForPermission
.mbantul.my.id/	1970-01-20 21:58:09	Name: __gads Value: ID=b977208f106a4cb6:T=1686993084:RT=1686993084:S=ALNI_MZTFQ_F7f_p9RTZMn_Ox0HypqfrzA
.mbantul.my.id/	1970-01-20 21:58:09	Name: __gpi Value: UID=00000c50a9277cda:T=1686993084:RT=1686993084:S=ALNI_MZejz3Z2ReOgDXvYA3if8Rauj1rZQ
.openx.net/	1970-01-20 12:58:09	Name: pd Value: v2\|1686993085\|jElYiuvOhI
.adsrvr.org/	1970-01-20 21:23:35	Name: TDID Value: 2ae3f734-0150-4849-a38d-77f6734c62fc
.adsrvr.org/	1970-01-20 21:23:35	Name: TDCPM Value: CAEYBSABKAIyCwjMjfToscf3OxAFOAE.
.ladsp.com/	1970-01-20 12:36:36	Name: cr Value: 1
.openx.net/	1970-01-20 12:58:09	Name: univ_id Value: 537072971\|2ae3f734-0150-4849-a38d-77f6734c62fc\|1686993085226396
.ladsp.com/	1970-01-20 22:12:33	Name: smn_uid Value: ivGCGktfy8pqOSSWYBd-Bg-z93tehl8
.ladsp.com/	1970-01-20 22:12:33	Name: lum Value: CPfG_sSMMRIFCAMQ0AU
.socdm.com/	1970-01-20 22:12:33	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNjg2OTkzMDg1fQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

09c0634fa8c1f8738ac609bf0f754a63.safeframe.googlesyndication.com
86b2c3d8767c0880fb1fa8bcff9f3c25.safeframe.googlesyndication.com
ads.as.criteo.com
adservice.google.com
bcp.crwdcntrl.net
cat.sg1.as.criteo.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
compass.adop.cc
cr-p3.ladsp.com
csm.as.criteo.net
data.adop.cc
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
gum.criteo.com
id5-sync.com
imageproxy.as.criteo.net
invstatic101.creativecdn.com
jp-u.openx.net
link.deimoney.com
match.adsrvr.org
mbantul.my.id
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
rtb.jp2.as.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
us-u.openx.net
www.google.com
www.googletagservices.com
www.gstatic.com
124.146.215.50
13.224.249.123
13.224.249.35
151.101.1.229
162.19.138.117
182.161.73.132
182.161.73.136
2404:6800:4003:c00::5e
2404:6800:4003:c01::9b
2404:6800:4003:c02::5e
2404:6800:4003:c02::9d
2404:6800:4003:c03::9c
2404:6800:4003:c06::5f
2404:6800:4003:c06::63
2404:6800:4003:c06::84
2404:6800:4003:c11::84
2404:6800:4003:c11::9d
2406:2600:4::13
2406:2600:7:100::1
2406:2600:7:100::15
2406:2600:7:100::1f
2406:2600:7:100::9
2406:2600:7:100::f
2406:da12:fbe:4200:82eb:831e:204f:98bc
2600:9000:21b4:3200:a:e047:753:be1
2606:4700:10::6816:3556
2606:4700:20::681a:6d
2606:4700::6811:190e
2a02:4780:3:c141::17
3.33.220.150
34.102.146.192
34.120.135.53
34.96.70.87
34.98.64.218
35.190.39.111
54.179.187.66
65.8.11.99
74.125.68.155
04fd74f8655763e2289bb7851aa7de7de225f535a99a1b81908d72c807c5c9b7
07af4bc933e742affc6cae5a73418b77e24edd8fda91602e8bd474750a082c83
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c3d894bcc95cff88ca32aa3ed9334a78c8d2e8c8397be48337ca694a4d5bd97
0d657981fe5ebe497e7da69f22dc9d7f841cbf5b56c9890efcd5ecdfb497848a
0e1e3a55fd7710829d4c7014bb0db352c492b9980efad2ef87f3895edcbb784c
13df0d67e4d6ca32a53d2834effb6a431bebcdb7581fadd37219e4712048dfb5
140ee2462b736e743b7f9b2dd82f41ecfa63f17a818739fec426067500edb49c
173aa3294f51a63750e2402aab87a6683cab37b162468ee97e7bb1c26f641037
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e190fdf47cb7389e127605fc34bfb1bfc74281d5264501b79f2779008a2ae73
204e5be2226be7d737a8f1ac1629127dc17c6ff7d9aebebaa5ff3787f089e8c9
20afae3f757f75e2da6efbad2565ca9b2fbaeb76b785a2181738c739eeae6be2
251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f
29af392ef88ca87f7c927419fce879c3a5547c11bb3d01e88b34ad947ac503c1
2e53734a85fa870bb5eb303e2ff523f0c93a8127c219dc3fe9a440a02b0f2f92
2ec3bdc51ce9132ed32ab576535b070790bca11357cdc335406e8f4e3a08b1f1
2ee91e885acc47c48fb6eaf0fb8710910538ea9076b0cec4cdf40607443e689c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33579e8aa974b90e68ed582cf8fcab8ae6878138c1a80ada32b62c5a6b6301f5
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e361059b8c93a198d99a07937e7b30993d8316783cd56acae4e047b1e40c4c8
3fd5d14dbdbbfc2dd046575c55e36af46c5490b6c1074c07672f493240b4c597
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
4a7bbff2a15cbe4495ded9370c418b359d0ed89f356bd5d09051828363e2d2db
4b8911d4e792d19206c15d413cecc1af1e439e2b8f353af427cd5822886a630f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
504874196ca1112fb3be5587e8295b11ea4889a98cdb9ff576e53b2751f9b912
51d2f99015e34119585057c95b70f150596337fc4c2dcbfd9a9f6940839d25f7
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57fbb58ce6eb34fbae7493c70f94d259eab929001321decb9f344577c122e7da
5ca257ab8ea720ff657a153f7212034735691282ef8cbfd1af6b6fe9dfb4f536
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
637d0538383080c3f883d261ade0cde40bfc5257b909dd8da47831866c957fdf
63e602cfdc90fbc4da68e8e35684a4ed2b41055798e582872c4b6b0c1bd6cf11
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6dc18f75b8ee4c0b3f1ba5e884da3635675e49d5c88d21105ffd827266615c2e
7039bc2296e2e6b02d2ec8e64344ad0b6a54867ef02c604a288c57e504981e99
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e
7f295fdb1019a3c2ff2479582f5eda1915c67e8d8634f8b089920f86b6cc4fb7
7ff7782db141bbb32bf09db5566ac0dc83b7e8c2ceae3406a99333609e18a4a6
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
8570b14bb3216bcfb445442d65095db7428892ea6ed93a1ce3c04e28dbd238ee
8a63c305d21e0592ec399dec552e900b22635e3f41236de0e73fb4b40367cfaf
8b4d5896791236f4048ca105a33c72c0051f42f1aa0eecd999a3244b2f414c52
8d20530014dbf162307171b951413080942a560547cc4434bb940fda5809c2e3
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90561a7c084e326f220d5120b274b6f10ae2a032d61e76572c3ba9ae46994663
91c1d90f072ab61f143920b5b24937967bb326a5fb459aa7b4b2f69b49d2e82d
9509957a36947d54d26958f0bc89905ceda0cc08369be140856ae157f65e03cc
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a
9ba346503b6c880ec143e04f39f756e0d916e7f5aac3963dea250a58efca5fdf
9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4135cd61dfa379bb61b0718f3a20dc8b25d0b8f4e3f2e52ef4d0e5be736136c
a43ee2cbb716633cd21633b3895bb8dcba40b348f5b3c48080d1d85a98b91521
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a779880a7a0fca0643723032fa2363cd8c8c59d4b35429e6c31523555c84b334
a8a1fbf8316578527768bf1e2ec9d2803d0b9b73b91147a5f92af8b0913d8c16
aac2c735cc3b7edc2f24eb72bfa77e6e991873c914d300a3860d9f43a3f38b27
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abb38a30ad549fbf5a2f648263b68a3b04d07a98655a6773d98ee9d1b3cc8040
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b11c06052c0ccb032b286244a0e21e776377c32855d3ae0223c16249a6435190
b485906163fb2a34e7bbd4f32760f68db3ecf46fb348a6858e441ae80488e9e9
b4a1461ad7d53e7d43de3dac79c1aa33764451d5edb7eab92c9c23d34e5cf270
b582044ee23d53d3eb2c463f266c8806af95ca4b57df6f12cb6780494646a907
b73ecc4f8b0ed91bcfac90d74c67cae33c07216758522cd8d2ff8388c6537261
bafa3df486d7d99a45e7a19096e066bdca317216b318fcc9368fdb01f8367fdf
bbba1efc4db5b7bb0686daa33dc30f281f9ad5e72a49a52acf4265f0d4638d2f
c06979a4cb5bea70b9cbe359ed75f8563e12a38d10d91ac3399bb19a452bc4b9
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c5dd299c07b2ec1da97101ad01d6870098292024a47f355a9cb50f793cc70f8a
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
cb5e4259383c4d53ae7c310d8d09cc04bc4f9183ed4cacdbd5c7c376a1ecc52a
cdad5b4b8844333ed235cb32b42fb310635080e79661438d9a68a9ac32c5b083
cf6d2a47ebd7c58e47143e23ee4dcacc720793f2f9ed06335bf4dca9cfcfa032
d5b847fc1abe54577490f4b28ee1278a323d2db5739158be48fc9ce07b66a853
dc96661cb7584cbb122c4c8d6b7c03519ab94cfd681d614ea67fd7c913a1ce99
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de2621ded267cc8ccaab09b6b4db14841d6f4f4328b211e40f7dd6598b4fd9d7
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
eb7103bf7d91b3d3f4239e48ef6ced534cb90b4e81051183d341f19d9f9bf8ad
eb8e4f901a4800bd014c125c65d76cfdd48058f0412a1f72ddbd613cd4d1db4a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05e3c9fcf8085591801fbfa6d4013b6c53c8138308259aa708ba60f7c076f45
f0ed0d0ccb64055823201e1f6c99367ae0762d748d2ccb92afd6028a659afe01
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
fa400aff1ba4e6e4cec0349e77c2fed917bb698c165da5cd382af08b66d0236c
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

mbantul.my.id Open in urlscan Pro 2606:4700:20::681a:6d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

144 Requests

96 %HTTPS

58 %IPv6

24 Domains

42 Subdomains

35 IPs

5 Countries

2863 kBTransfer

5717 kBSize

24 Cookies

0 Outgoing links

Page URL History

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mbantul.my.id Open in urlscan Pro
2606:4700:20::681a:6d Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

96 %
HTTPS

58 %
IPv6

24
Domains

42
Subdomains

35
IPs

5
Countries

2863 kB
Transfer

5717 kB
Size

24
Cookies

144 HTTP transactions
4 data transactions