urlscan.io logo urlscan.io
SecurityTrails logo

bola.okezone.com Open in urlscan Pro
2600:9000:243d:a400:11:2efd:e680:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bola.okezone.com/
Effective URL: https://bola.okezone.com/
Submission: On November 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 63 IPs in 7 countries across 42 domains to perform 382 HTTP transactions. The main IP is 2600:9000:243d:a400:11:2efd:e680:93a1, located in United States and belongs to AMAZON-02, US. The main domain is bola.okezone.com. The Cisco Umbrella rank of the primary domain is 163729.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 24th 2023. Valid for: a year.
This is the only time bola.okezone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:243... 16509 (AMAZON-02)
7 2600:9000:243... 16509 (AMAZON-02)
53 2600:9000:244... 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
22 2600:9000:243... 16509 (AMAZON-02)
20 2a00:1450:400... 15169 (GOOGLE)
6 18.65.39.56 16509 (AMAZON-02)
1 2600:9000:264... 16509 (AMAZON-02)
2 34.117.1.141 396982 (GOOGLE-CL...)
11 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2607:fc48:bc4... 40009 (BITGRAVITY)
11 2001:4860:480... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
24 2a02:2638:3::3 44788 (ASN-CRITE...)
1 18.239.18.12 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
1 34.250.99.225 16509 (AMAZON-02)
1 3.227.47.153 14618 (AMAZON-AES)
4 2600:9000:224... 16509 (AMAZON-02)
1 34.98.64.218 396982 (GOOGLE-CL...)
25 2606:4700:1::... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
29 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
4 142.250.186.162 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::12 44788 (ASN-CRITE...)
2 178.250.1.6 44788 (ASN-CRITE...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
13 2a02:2638:3::10 44788 (ASN-CRITE...)
5 2a02:2638:3::1a 44788 (ASN-CRITE...)
1 162.19.138.120 16276 (OVH)
1 2600:9000:20a... 16509 (AMAZON-02)
1 163.181.92.238 24429 (TAOBAO Zh...)
7 2607:f8b0:402... 15169 (GOOGLE)
1 162.19.138.116 16276 (OVH)
2 2a02:2638:3::9 44788 (ASN-CRITE...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
4 202.147.193.157 17670 (MNCKABELM...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:224... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 163.181.92.235 24429 (TAOBAO Zh...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2606:4700:1::... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 23.213.164.238 16625 (AKAMAI-AS)
1 2606:4700:440... 13335 (CLOUDFLAR...)
382 63
1    2600:9000:243d:de00:11:2efd:e680:93a1 (United States)

ASN16509 (AMAZON-02, US)
bola.okezone.com
7    2600:9000:243d:a400:11:2efd:e680:93a1 (United States)

ASN16509 (AMAZON-02, US)
bola.okezone.com
53    2600:9000:2440:3e00:b:f60d:7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.okezone.com
13    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700::6812:d941 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com
22    2600:9000:243d:6e00:c:c529:c5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
img.okezone.com
a.okezone.com
20    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    18.65.39.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-56.ams1.r.cloudfront.net
sb.scorecardresearch.com
1    2600:9000:2646:9c00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
2    34.117.1.141 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 141.1.117.34.bc.googleusercontent.com
hbs.ph.affinity.com
11    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2607:fc48:bc4b::bc:238 (United States)

ASN40009 (BITGRAVITY, US)
cdn4-hbs.affinitymatrix.com
11    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
5    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
24    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    18.239.18.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-12.ams58.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    2600:9000:2250:7a00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
3    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
7    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
1    34.250.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-99-225.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    3.227.47.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-47-153.compute-1.amazonaws.com
ping.chartbeat.net
4    2600:9000:224a:8e00:1f:789c:7d40:93a1 (United States)

ASN16509 (AMAZON-02, US)
sindikasi.okezone.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
25    2606:4700:1::6813:844c (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
a.mgid.com
6    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
29    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
tpc.googlesyndication.com
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
24    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
13    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
5    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    2600:9000:20ab:6e00:e:ddd6:52c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.visionplus.id
1    163.181.92.238 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
www.rctiplus.com
7    2607:f8b0:4023:1404::78 (Columbus, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
2    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
2    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
4    202.147.193.157 (Kebon Sirih, Indonesia)

ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID)
PTR: ip-193-157.mncplaymedia.com
cluster-images.visionplus.id
3    2606:4700::6812:c92 (United States)

ASN13335 (CLOUDFLARENET, US)
img.inews.co.id
2    2606:4700::6812:1c82 (United States)

ASN13335 (CLOUDFLARENET, US)
img.idxchannel.com
1    2600:9000:224a:b400:b:8989:4a00:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.mnctrijaya.com
1    2606:4700::6812:12e4 (United States)

ASN13335 (CLOUDFLARENET, US)
pict.sindonews.net
1    163.181.92.235 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
static.rctiplus.id
1    2606:4700:20::681a:46e (United States)

ASN13335 (CLOUDFLARENET, US)
analytics.rctiplus.com
3    2606:4700:1::6813:824c (United States)

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
1    2606:4700:4400::6812:297f (United States)

ASN13335 (CLOUDFLARENET, US)
cl.imghosts.com
2    23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2606:4700:4400::6812:2341 (United States)

ASN13335 (CLOUDFLARENET, US)
a.adskeeper.co.uk
Apex Domain
Subdomains		 Transfer
87 okezone.com
bola.okezone.com — Cisco Umbrella Rank: 163729
cdn.okezone.com — Cisco Umbrella Rank: 130991
img.okezone.com — Cisco Umbrella Rank: 53679
sindikasi.okezone.com — Cisco Umbrella Rank: 128089
a.okezone.com — Cisco Umbrella Rank: 225339
4 MB
55 googlesyndication.com
d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com
295 KB
42 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986
csm.eu.criteo.net — Cisco Umbrella Rank: 10557
333 KB
32 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
589 KB
28 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8705
c.mgid.com — Cisco Umbrella Rank: 6710
cdn.mgid.com — Cisco Umbrella Rank: 11457
servicer.mgid.com — Cisco Umbrella Rank: 8714
s-img.mgid.com — Cisco Umbrella Rank: 8620
cm.mgid.com — Cisco Umbrella Rank: 1536
a.mgid.com — Cisco Umbrella Rank: 13517
243 KB
14 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
62 KB
13 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
2 KB
13 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
981 KB
9 gstatic.com
fonts.gstatic.com
csi.gstatic.com
67 KB
9 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
ads.eu.criteo.com — Cisco Umbrella Rank: 10450
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925
117 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
357 KB
6 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
8 KB
5 visionplus.id
www.visionplus.id — Cisco Umbrella Rank: 166300
cluster-images.visionplus.id — Cisco Umbrella Rank: 183025
136 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
104 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 6862
841 B
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
92 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
92 KB
3 inews.co.id
img.inews.co.id — Cisco Umbrella Rank: 98196
137 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
662 B
3 affinitymatrix.com
cdn4-hbs.affinitymatrix.com — Cisco Umbrella Rank: 41898
182 KB
3 izooto.com
cdn.izooto.com — Cisco Umbrella Rank: 17609
77 KB
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 534
126 KB
2 idxchannel.com
img.idxchannel.com — Cisco Umbrella Rank: 145085
20 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 903
42 KB
2 rctiplus.com
www.rctiplus.com — Cisco Umbrella Rank: 143509
analytics.rctiplus.com — Cisco Umbrella Rank: 188366
6 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
2 MB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
12 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
3 KB
2 affinity.com
hbs.ph.affinity.com — Cisco Umbrella Rank: 43201
2 KB
1 adskeeper.co.uk
a.adskeeper.co.uk — Cisco Umbrella Rank: 29706
271 B
1 imghosts.com
cl.imghosts.com — Cisco Umbrella Rank: 11295
43 KB
1 rctiplus.id
static.rctiplus.id — Cisco Umbrella Rank: 141026
11 KB
1 sindonews.net
pict.sindonews.net — Cisco Umbrella Rank: 41378
6 KB
1 mnctrijaya.com
www.mnctrijaya.com — Cisco Umbrella Rank: 224033
275 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
276 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1376
202 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1383
5 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
1 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1585
15 KB
382 42
Domain Requested by
53 cdn.okezone.com bola.okezone.com
cdn.okezone.com
sindikasi.okezone.com
24 pagead2.googlesyndication.com bola.okezone.com
d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
24 tpc.googlesyndication.com bola.okezone.com
d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
tpc.googlesyndication.com
c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
24 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
21 img.okezone.com bola.okezone.com
www.rctiplus.com
20 securepubads.g.doubleclick.net bola.okezone.com
securepubads.g.doubleclick.net
d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
www.visionplus.id
www.googletagservices.com
c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com
13 imageproxy.eu.criteo.net ads.eu.criteo.com
13 www.googletagmanager.com bola.okezone.com
www.googletagmanager.com
www.google-analytics.com
www.visionplus.id
www.rctiplus.com
11 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
8 cdn.mgid.com bola.okezone.com
jsc.mgid.com
8 region1.analytics.google.com www.googletagmanager.com
8 bola.okezone.com 1 redirects bola.okezone.com
cdn.okezone.com
7 csi.gstatic.com cdn.ampproject.org
securepubads.g.doubleclick.net
6 www.googletagservices.com securepubads.g.doubleclick.net
d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com
6 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
6 sb.scorecardresearch.com bola.okezone.com
www.visionplus.id
www.rctiplus.com
5 c.mgid.com bola.okezone.com
www.visionplus.id
5 csm.eu.criteo.net ads.eu.criteo.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.google.com bola.okezone.com
www.visionplus.id
tpc.googlesyndication.com
5 www.google.de bola.okezone.com
www.visionplus.id
4 cm.mgid.com jsc.mgid.com
4 cluster-images.visionplus.id www.visionplus.id
4 cdnjs.cloudflare.com ads.eu.criteo.com
www.visionplus.id
cdnjs.cloudflare.com
4 googleads4.g.doubleclick.net bola.okezone.com
4 jsc.mgid.com securepubads.g.doubleclick.net
jsc.mgid.com
c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com
4 sindikasi.okezone.com cdn.okezone.com
3 s-img.mgid.com bola.okezone.com
3 region1.google-analytics.com www.googletagmanager.com
3 img.inews.co.id sindikasi.okezone.com
www.rctiplus.com
3 cdn.id5-sync.com securepubads.g.doubleclick.net
jsc.mgid.com
3 cdn4-hbs.affinitymatrix.com hbs.ph.affinity.com
cdn4-hbs.affinitymatrix.com
3 cdn.izooto.com bola.okezone.com
cdn.izooto.com
2 a.mgid.com
2 ads.pubmatic.com jsc.mgid.com
2 servicer.mgid.com jsc.mgid.com
2 c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 img.idxchannel.com sindikasi.okezone.com
www.rctiplus.com
2 unpkg.com 1 redirects sindikasi.okezone.com
2 rtb.nl3.eu.criteo.com d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
2 cat.nl3.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
2 s0.2mdn.net d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
2 googleads.g.doubleclick.net d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com securepubads.g.doubleclick.net
www.visionplus.id
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects bola.okezone.com
2 cdn.jsdelivr.net cdn4-hbs.affinitymatrix.com
securepubads.g.doubleclick.net
2 hbs.ph.affinity.com bola.okezone.com
cdn4-hbs.affinitymatrix.com
1 a.adskeeper.co.uk
1 cl.imghosts.com bola.okezone.com
1 analytics.rctiplus.com www.rctiplus.com
1 static.rctiplus.id www.rctiplus.com
1 pict.sindonews.net sindikasi.okezone.com
1 www.mnctrijaya.com sindikasi.okezone.com
1 id5-sync.com cdn.id5-sync.com
1 www.rctiplus.com bola.okezone.com
1 www.visionplus.id bola.okezone.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 a.okezone.com bola.okezone.com
1 mug.criteo.com bola.okezone.com
1 ping.chartbeat.net bola.okezone.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.chartbeat.com bola.okezone.com
382 72
Subject Issuer Validity Valid
*.okezone.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-24 -
2024-09-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-14 -
2024-05-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.ph.affinity.com
Go Daddy Secure Certificate Authority - G2		 2023-04-10 -
2024-04-16		 a year crt.sh
*.affinitymatrix.com
Go Daddy Secure Certificate Authority - G2		 2023-05-17 -
2024-05-16		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.visionplus.id
Amazon RSA 2048 M01		 2023-07-31 -
2024-08-29		 a year crt.sh
*.rctiplus.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-07-26 -
2024-07-26		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
inews.co.id
E1		 2023-11-01 -
2024-01-30		 3 months crt.sh
idxchannel.com
GTS CA 1P5		 2023-09-18 -
2023-12-17		 3 months crt.sh
mnctrijaya.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.sindonews.net
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-03-02 -
2024-04-01		 a year crt.sh
*.rctiplus.id
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-08-02 -
2024-08-30		 a year crt.sh
rctiplus.com
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
cl.imghosts.com
Cloudflare Inc ECC CA-3		 2023-10-03 -
2024-10-02		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 29 frames:

Primary Page: https://bola.okezone.com/
Frame ID: 188FA253BB2ACA7671681F7C99619A0D
Requests: 124 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: F54500461E34772E5C15DD4EC7964C47
Requests: 1 HTTP requests in this frame

Frame: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5843439CD7C8FFD92895594D49D6727B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=bola.okezone.com
Frame ID: 778FC0F8E0B5CE68D13C9C76FA09C67F
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 88188E4184A4D0A85BD7AC6AC2F31E7B
Requests: 1 HTTP requests in this frame

Frame: https://sindikasi.okezone.com/widget/groupklasemen
Frame ID: 66B00DA091F3174D70388323C2A2CB8B
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuW6hA6JpBV0KHqzI3kb78G0BPJd0jlMzcKzQhoO2wXbxWubxaGxv23u6_RPeVwjH-tu1G3awz4SGDDspTEOnLSTWpxNmG4PWfw1UgeD1uWQVZ5RuPLBxqN3zRRrmwAabMTMlEUCYe9bRNfG6hJbR-tuxgHWHukELb-oX8ovzjTTEFQOw9y1iOsox28GEHkj6Od4p2xteLtc8QjmYv0uFP4uscR8ic1Vna1xDm6NJUANwtR0t-z4K4pZWNQWlhU3MEASJHYlEepPrkLUqpcAQSUqKyeA5teX7T0KonTA3pkZymHw6g5qm-5dGCCeaC2_hMdG7tNN4fCfvbvl4EMZcPWBr4O9xE1ro_xMrmG2e5QTIzFceanNV-xMpBY-mm6SBgJd9C5lHuwTbQ&sai=AMfl-YQgHZmqCuvTh4gZ-HPpmcunCYyC-qSDbwlPS1flGUOFP8vFCdwSglep0SkNznxmPd9wFlXrTy1AuLq4oJEtSpvtT1S-J7kkndAbzj3LMrMDUYLJ5TPs1l8RrG04LsVizL7wOMcWlslhqQ4LuA-I&sig=Cg0ArKJSzDwmy1I4sL35EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 44130A61493788E565E19631D488F688
Requests: 30 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Frame ID: 4D25C81270B3ADB11FD6838264864DF5
Requests: 16 HTTP requests in this frame

Frame: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FE3070233F4B133324BDFB014EAFA5F8
Requests: 15 HTTP requests in this frame

Frame: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1D7D6FF885E7D23ECB77EA9CF539188C
Requests: 15 HTTP requests in this frame

Frame: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8F8FBCF7DE713CD05D64D62913252960
Requests: 10 HTTP requests in this frame

Frame: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ECC280CEBF7FA84A95B0406B07824195
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDPsMiRBRjG_sz5ATAB&v=APEucNXub_FOpHUUW7T4jJoqIVd6Jul2SLXTHowoFbwU5MIXYEKgS4XA5N_sMih_V4UlTBWUH7va69iTUItHip_IU_vnbJS5pg
Frame ID: 948DAE8656E2D9E8F318F43C5E97703E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjH5JDkATAB&v=APEucNWnwyQKHIzV4hkdPh1WPZGRGefWImAf3zMGPHcHLl9-fn33s9k-cy15_oXW40VuevinS-4J0nQS-zeQulKZTU4gqzIXwA
Frame ID: C66576CB3DAF7F2AE98EABAE1D328331
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Frame ID: 1B3195989405644421AC73FF5DEAB2C8
Requests: 21 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Frame ID: 2AC8223924E48F6B5BBAFFE985003DCA
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3699EF0861C1464DBA0714CD7A92D533
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 602A72F8D0477F3B86270A7150E49332
Requests: 3 HTTP requests in this frame

Frame: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Frame ID: B98413F3454C5390703269540937244C
Requests: 19 HTTP requests in this frame

Frame: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Frame ID: EBDF7FB5AF70BA336469C904F9F9AD84
Requests: 39 HTTP requests in this frame

Frame: https://www.rctiplus.com/khsusus/4097199/ac-milan-dipermalukan-udinese-stefano-pioli-kami-pantas-diejek?1699205806226
Frame ID: 43D0259FA1B222C5173B282CFD708D2F
Requests: 15 HTTP requests in this frame

Frame: https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E87847F3F888D314F399D45993FE9635
Requests: 1 HTTP requests in this frame

Frame: https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: DFA91506BFB09D7E49A98ACE0701CD77
Requests: 21 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1699205808673398220006
Frame ID: 4A5FAAF705604CE159AA71CED22A412B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 500EDAA820CBAC5FCE37B87172D01A9A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E26890D7023EBBE5230ABBEE317DC6F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 357082994C1A2F93CAE07BE8AE29B508
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 969FF0EE42CC63F025A05D57D7AC5A26
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1699205809322820127920
Frame ID: 667962CEE8AB0B66B7D4AB1BF77E992A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Okezone Bola Berita dan Jadwal Bola Indonesia Internasional

Page URL History Show full URLs

  1. http://bola.okezone.com/ HTTP 301
    https://bola.okezone.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.izooto\.\w+
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

382
Requests

97 %
HTTPS

71 %
IPv6

42
Domains

72
Subdomains

63
IPs

7
Countries

10905 kB
Transfer

18874 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bola.okezone.com/ HTTP 301
    https://bola.okezone.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbola.okezone.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbola.okezone.com%2F&rid=esp&cc=1
Request Chain 104
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=okezone.com&sn=ChromeSyncframe&so=0&topUrl=bola.okezone.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=n-zQ03xRbGQ0dTFxN1JBQzQvQVZJSzJvV293UW1ueElEMXBFMUtHbVB3Vm9pOEZBWnNiR044c1BwaFloZ2pYWWNwMHZIcXpzQmZiQUFLVllpQ1o1OTlZTWROcC91ajlQbVdOMnlGdXltOG4zN2tBVURHTnBOYnRsL2luUm1xYmFkK29tWDRLbWxmUHp2SHdVcmJUSkVYMy9Dc2pQQVZYVitocCttRW9EUjNXSHhrQjlTQVV0bkVuUVoxSmQ3NjZ2MUtvbDNwSVpHcDVBN1d2L2JRVFg4MUdwbTVEeEhid3BJMzhmcVhtQWFvc0lHKzJNK3BBT3JGYmI2alhvWkFGM2k3Ymh4Z2tHbnhZdmVlK1VRZ0FyTXE0MTlTQT09fA&cppv=2
Request Chain 255
  • https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
  • https://unpkg.com/swiper@11.0.3/swiper-bundle.min.js

382 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bola.okezone.com/
Redirect Chain
  • http://bola.okezone.com/
  • https://bola.okezone.com/
188 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:a400:11:2efd:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b641afa760ea3bc0b6f19a5a026fd6ada46f07c81e90a3ceaad28a778c8a99d8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
19
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 17:36:25 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
via
1.1 c9b630de734c38e36e97554a32ac1a68.cloudfront.net (CloudFront)
x-amz-cf-id
SBTiVX90df4jLKsmQuQT-U5f7pyYO3JQvuglEO4GTdbt6K6SG9RL5w==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-device
desktop
x-fastcgi-cache
STALE

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Sun, 05 Nov 2023 17:36:44 GMT
Location
https://bola.okezone.com/
Server
CloudFront
Via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
TwMwHfaWScaEfVJkibb4OlFjc8PaoZIcyOYX-7I_WR9w8emKFyjZAA==
X-Amz-Cf-Pop
DUS51-P4
X-Cache
Redirect from cloudfront
jquery.min.js
cdn.okezone.com/www/2016/js/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/www/2016/js/jquery.min.js
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
0d6271f6c1c509d78ee10f14174542be0db49486fe7c23201c1b517a063f578e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:44 GMT
content-encoding
gzip
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
95992
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj-iDyG3vc4gw"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-cache
Miss from cloudfront
cache-control
max-age=1635363
content-length
33196
x-amz-cf-id
MPhRmNcHzhTWTH8Z6KBF68rLYUzPEsWzuNr0cmtMWH7TZwjQhejDlw==
expires
Fri, 24 Nov 2023 15:52:48 GMT
style.min.css
cdn.okezone.com/underwood/revamp/2018/home/css/01/ 		555 KB
90 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
a2733d5e431d0259163ae20d5f0afb1ab5e4d5e902a9ba83d41bcfbcc3992115

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:44 GMT
content-encoding
gzip
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
567811
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"6509570c-8aa03"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
content-length
91764
x-amz-cf-id
8lSjXnN6HSkTLkYpHXMmdHU7KBgZj9HhLcWyHvVKXqbujmv2brV_6A==
expires
Sat, 18 Nov 2023 07:02:07 GMT
pildun.css
cdn.okezone.com/underwood/revamp/2022/remake/desktop/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2022/remake/desktop/css/pildun.css?v=2023110600AM
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e98eed857ed56ed41f03f9b1fc2ad6e2ed0378f0f75c2b57a54880318e88b50b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:44 GMT
content-encoding
gzip
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
3575
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj-UnpWGGvnop"
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1259693
content-length
1005
x-amz-cf-id
LQ3wXlKWUJgQjlIYh4b5r-oLsPfCWzl7qeN2zOhdB_cUV_hUG9HPxA==
expires
Mon, 20 Nov 2023 07:31:38 GMT
js
www.googletagmanager.com/gtag/ 		174 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-153789817-2
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
885d5f1e627910e9354399d09de78dd403a7bea36da7dd0b4714f2b4c150edf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64916
x-xss-protection
0
last-modified
Sun, 05 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 05 Nov 2023 17:36:45 GMT
e3856a189fb9ffaaded586b63c8ccf1f1206ef4b.js
cdn.izooto.com/scripts/ 		1 KB
907 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/e3856a189fb9ffaaded586b63c8ccf1f1206ef4b.js
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3d15550fc858ce1ab5f0189216ba3d71c0ba5790019c88c9a1c9c5c43aedce4
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:44 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 13:13:59 GMT
server
cloudflare
age
259430
etag
W/"64f9cc97-473"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
8216dc57e8206abb-FRA
x-xss-protection
1; mode=block
expires
Mon, 06 Nov 2023 17:36:44 GMT
lama.min.css
cdn.okezone.com/underwood/revamp/2023/sso/desktop/css/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2023/sso/desktop/css/lama.min.css
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
1916f9c6bb1bc522f12781fb54fa235dee34f448fc0d0ab2a02b6e4ed7fedfa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
gzip
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
14239
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"64521611-379f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
2135
x-amz-cf-id
_Qrapt-z2OH0Cf76jxZWm1T3JaQa07iKl5wJhJDKdQzaIwT1GVJuQA==
expires
Wed, 29 Nov 2023 09:28:33 GMT
ic_logo.png
cdn.okezone.com/underwood/revamp/2017/home/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2017/home/img/ic_logo.png
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
bfc4a082238c7c4304d0a8fcf6038061ac3bb3ac9defceddb43048c1ad7e8a8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:44 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410db-514"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1300
x-amz-cf-id
fT68J2rFuxe16xrjh3LqmNdnpQZGBqx4fXZo6DzwO30d5wTbVQo2WQ==
expires
Tue, 21 Nov 2023 10:31:02 GMT
dendy-sulistyawan-tak-gentar-bersaing-dengan-calon-striker-naturalisasi-timnas-indonesia-7hZQuiw1Jp.JPG
img.okezone.com/okz/400/content/2023/11/05/51/2914905/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/okz/400/content/2023/11/05/51/2914905/dendy-sulistyawan-tak-gentar-bersaing-dengan-calon-striker-naturalisasi-timnas-indonesia-7hZQuiw1Jp.JPG
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
04480da5573cb4d856930aa2c4e83253a096ffbb1ff51212a6287a10f33a3797
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:44 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
13222
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sun, 05 Nov 2023 15:20:47 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:81//okz/400/content/2023/11/05/51/2914905/dendy-sulistyawan-tak-gentar-bersaing-dengan-calon-striker-naturalisasi-timnas-indonesia-7hZQuiw1Jp.JPG>; rel="canonical", <http://img.okezone.com/okz/400/content/2023/11/05/51/2914905/dendy-sulistyawan-tak-gentar-bersaing-dengan-calon-striker-naturalisasi-timnas-indonesia-7hZQuiw1Jp.JPG>; rel="canonical"
x-amz-cf-id
i7t237CE1yXkMrC8bF7LvoLuZIThV2w7qJTUY-yh0xcTiKUY58SB1Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-play.png
cdn.okezone.com/underwood/revamp/2017/home/img/ 		460 B
810 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2017/home/img/icon-play.png
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
12aca12da1419069c66943e2c663a4d3663893f390794a5753dd4f59d702e1c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410db-1cc"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
460
x-amz-cf-id
XJWVAuh88Gj1RUFxWXXZ2C3r53z3_rcMt0Gru8SXCxNJGggq2faI_g==
expires
Wed, 22 Nov 2023 02:08:11 GMT
icon-foto-kanal.png
cdn.okezone.com/underwood/revamp/2017/home/img/ 		917 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2017/home/img/icon-foto-kanal.png
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
cd7415ef41b21effad801867f8fc8dab7eb264c016698a21f0ebfcae09e35999

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410db-395"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
917
x-amz-cf-id
0JR8H7YyfOjF_tSxayt0QmP6kjh1tI1orc0VZTtkTlie2gseLPG_pg==
expires
Tue, 21 Nov 2023 23:23:05 GMT
main-v2.min.js
cdn.okezone.com/underwood/revamp/2017/home/js/01/ 		317 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c562ac1e333810fb5f9ae057ae04a344a93223e5a48e8a1d1a3b2ec45230eebf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
gzip
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
324709
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj-DGVmCt1aX7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1383851
content-length
93760
x-amz-cf-id
P5TAOnvXeaMxYqPfLbyncdd6X3yQJoEWLbEK2-CpLBj5gRRujlIvXg==
expires
Tue, 21 Nov 2023 18:00:57 GMT
widget-iframe-master.js
cdn.okezone.com/underwood/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/js/widget-iframe-master.js
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
fa1187480d177518f552c5c1f03f5cecf8e2e43cf3defd3a53bf19a708723122
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
gzip
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
2380
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj-5GIUE_Pq_X"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-cache
Miss from cloudfront
cache-control
max-age=929403
content-length
706
x-amz-cf-id
i_UkV-sB0u7RTJaodxZRuvgjUNKM7XiPQxWLQkCbvTolAzF1DgR5ng==
expires
Thu, 16 Nov 2023 11:46:49 GMT
socket.js
cdn.okezone.com/underwood/js/ 		1 KB
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/js/socket.js
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c20330c1a308d4735499bbbcefe2759902938cddc458a5509138914883ba8d87
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
gzip
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
1629
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj-jdgWcQbxeD"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-cache
Miss from cloudfront
cache-control
max-age=929393
content-length
490
x-amz-cf-id
Q3pnIuc-E97dd2fgZseAvlkevWQvblmtUc432mShd1FZxbe58TC9oA==
expires
Thu, 16 Nov 2023 11:46:39 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dda61b68eaef0f31272b7d933a3bfb9ee8772ebdc28cb890df5c5db28ed5fd34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31578
x-xss-protection
0
server
cafe
etag
249 / 19666 / 31079420 / config-hash: 7101305502720886139
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 17:36:45 GMT
set-uuid
bola.okezone.com/ 		45 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bola.okezone.com/set-uuid
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:a400:11:2efd:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b74daa6d5f7db3405e43b0b0e0e6068ff875a220c2d6943f3b5b70cc572fbf89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
gzip
via
1.1 c9b630de734c38e36e97554a32ac1a68.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-P4
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
x-fastcgi-cache
BYPASS
cache-control
no-store, no-cache, must-revalidate
x-robots-tag
noindex, nofollow
x-device
desktop
x-amz-cf-id
qD1LpR-8iTFVIs7OYHyo2cRpGtHvehL7B2MQ0PKUKuBf_QKJftYV_A==
expires
Thu, 19 Nov 1981 08:52:00 GMT
gtm.js
www.googletagmanager.com/ 		257 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T7STHLB&gtm_auth=76w83INIQaVRLL2wpVeSrQ&gtm_preview=env-1&gtm_cookies_win=x
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1bf0cd18b33ed52070d9fa2b32b03ed0e9e755379ef5749434787cc57b879e42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82560
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-56.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 06:14:39 GMT
content-encoding
gzip
via
1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
41355
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
cCb5UPCK912CN0Dj7ba9HFydRaTWVi26QfrerwTtY3yqBQMDD91WAw==
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:9c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:22:16 GMT
content-encoding
gzip
via
1.1 7dbea139a5c4f501bc4b0e9d19a50c9a.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
869
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
nt8wBiZhIA7faN85hUiCkWE2xiJsw0owEUy14aQ3ljnq40baynLcsQ==
expires
Mon, 06 Nov 2023 17:22:16 GMT
index.php
hbs.ph.affinity.com/v5/okezone.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbs.ph.affinity.com/v5/okezone.com/index.php?t=51018
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.1.141 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
141.1.117.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a304656a72824bbbdf07e873f2329ebd93e02067922fc96a179a3d94d06a373b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
gzip
via
1.1 google
server
nginx
vary
Accept-Encoding
content-type
application/Javascript; charset=utf-8
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 04 Nov 2024 17:36:45 GMT
izooto.js
cdn.izooto.com/scripts/sdk/ 		320 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sdk/izooto.js
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/e3856a189fb9ffaaded586b63c8ccf1f1206ef4b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c9c48954a862e96ee3c7994d6f4faf824430590163113af313a9133d6b91a0
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 01 Nov 2023 13:46:54 GMT
server
cloudflare
age
359368
etag
W/"654256ce-500c8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1382400
cf-ray
8216dc5a7b4d6abb-FRA
x-xss-protection
1; mode=block
expires
Tue, 21 Nov 2023 17:36:45 GMT
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame F545 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bola.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
2012858
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
8216dc5acbc06abb-FRA
content-encoding
br
content-type
text/html
date
Sun, 05 Nov 2023 17:36:45 GMT
expires
Wed, 06 Dec 2023 17:36:45 GMT
last-modified
Tue, 07 Feb 2023 10:27:13 GMT
server
cloudflare
vary
Accept-Encoding
x-xss-protection
1; mode=block
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=9013027&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1699205805263&ns_c=UTF-8&c7=https%3A%2F%2Fbola.okezone.com%2F&c8=Okezone%20Bola%20Berita%20dan%20Jadwal%20Bola%20Indonesia%20Internasional&c9=
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-56.ams1.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS1-P1
x-amz-cf-id
14P94zEGeUEw3d65aI07qA3YlrhUoWc4cKbOi3TVx48J5Si8KqOf8Q==
x-cache
Miss from cloudfront
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153789817-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 05 Nov 2023 15:51:32 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6313
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 05 Nov 2023 17:51:32 GMT
destination
www.googletagmanager.com/gtag/ 		257 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-MZ0Q248WBF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153789817-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d0ba2e7f5389bacd4616df8e09854ff588476ecfb6d48846a80c03b00e846fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89224
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 05 Nov 2023 17:36:45 GMT
icon.png
cdn.okezone.com/underwood/revamp/2019/logo/desktop/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2019/logo/desktop/icon.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
84d332ddc3d18693cb9bbf81ae74643f091a6a96b92025578c9f5091aa232a6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
1408
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj-WUJRYREJJF"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1792708
accept-ranges
bytes
content-length
1123
x-amz-cf-id
wBjZEAgJEBwRMVzUMb1QKD1HGqDGNICfsmsvQGwpmn0f8MzvjdkVsQ==
expires
Sun, 26 Nov 2023 11:35:14 GMT
icon-dropdown.png
cdn.okezone.com/www/2016/img/ 		230 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/www/2016/img/icon-dropdown.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
aa0a295660f159606aaf184459c2efdce0b9674411905b0884707cce4ce23234
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"61641179-e6"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
230
x-amz-cf-id
LO84y_wBhrJ5fW58FkuFD0puri4-q3DzzHJVeweLtUqNgGSeGvfzkQ==
expires
Thu, 23 Nov 2023 22:45:35 GMT
search.png
cdn.okezone.com/m/2016/img/ 		368 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/m/2016/img/search.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
86c4b6c92752f01e526244a3b1f0faa63efe5d1cfceaec8b73025ff297732459
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410aa-170"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
368
x-amz-cf-id
suYAXAAiGnGe-It1tlVasJ0uD36YrQwH8_C1SLDLJbjrkzhndhATHw==
expires
Thu, 16 Nov 2023 22:35:37 GMT
follow-ico.png
cdn.okezone.com/underwood/revamp/2018/home/img/ 		192 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2018/home/img/follow-ico.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
7368b808366157c04aa433a1e913bcf2e07584dbf09a3578b3278b24afcbc197

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410dd-c0"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
192
x-amz-cf-id
QxpEvHSnWAGRBGClJjYnnsfkuE0GBfIJJJCkzj1Il4FagqyWOY8KWw==
expires
Sat, 25 Nov 2023 11:01:06 GMT
fb-ico.png
cdn.okezone.com/underwood/revamp/2018/home/img/ 		413 B
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2018/home/img/fb-ico.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
47f1e5908be88e33fff7ed5e8684786b914edfe5c39d324c4a78d535e78436e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410dd-19d"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
413
x-amz-cf-id
eqd_OswKhbulH-sev-9FaMdEKGYA_KDZg3NVRuyGSg76DWzH8CuhEA==
expires
Tue, 21 Nov 2023 23:37:08 GMT
twitter-ico.png
cdn.okezone.com/underwood/revamp/2018/home/img/ 		489 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2018/home/img/twitter-ico.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
2905f6466b563cfab96451f14df6a914a6c09c2bdf1dc21914025c0017e24610

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410dc-1e9"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
489
x-amz-cf-id
AD8U9QPTJUNWN3ESBbfn4KWgRZHDwhQlupcUsBmeXJP3IEsPA-HA0A==
expires
Fri, 24 Nov 2023 23:56:36 GMT
gplus-ico.png
cdn.okezone.com/underwood/revamp/2018/home/img/ 		589 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2018/home/img/gplus-ico.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
f0e55db35d3396494019102a8d1413a0740e848e07070cd213a6930aae984449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410dc-24d"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
589
x-amz-cf-id
ImzeCV1HiC3-Azm6rUh-Mx-Uahhn_M6bZXVr3tXLO1AGObawxVm6Hg==
expires
Tue, 21 Nov 2023 23:46:40 GMT
ig-ico.png
cdn.okezone.com/underwood/revamp/2018/home/img/ 		538 B
888 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2018/home/img/ig-ico.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
296e4fa6895898a2b00b59108fda4d3aa48f156ea7ee4627012b8580969af3ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410de-21a"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
538
x-amz-cf-id
eTpZOhgV83WSC08FOvDlx_woBMmMzRISLzzxaiEABsRAuNsBNpXBkQ==
expires
Sat, 25 Nov 2023 07:39:09 GMT
logo-bola.png
cdn.okezone.com/underwood/revamp/2019/logo/desktop/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2019/logo/desktop/logo-bola.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
4bceeaaba5739f18a63cfb97224bd42429ba93c567b8cb6d4b7675cddfed56bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
8344
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj--GRP50XR2G"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1934755
accept-ranges
bytes
content-length
4942
x-amz-cf-id
LW4yE6Ibzq2Uy5fdxV-KKHPpogyAQP-MEPp9V6qLjlkqQ8Py2h1h5g==
expires
Tue, 28 Nov 2023 03:02:41 GMT
ac-milan-diminta-tak-ratapi-kekalahan-dari-udinese-fokus-bangkit-hadapi-psg-di-liga-champions-2023-2024-Gs2cPLLr6r.JPG
img.okezone.com/okz/400/content/2023/11/05/261/2914876/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/okz/400/content/2023/11/05/261/2914876/ac-milan-diminta-tak-ratapi-kekalahan-dari-udinese-fokus-bangkit-hadapi-psg-di-liga-champions-2023-2024-Gs2cPLLr6r.JPG
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
6564cf5331df3f668b2a78e790bac2837673ca5a33979c8397fa9288be9cfa1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
17220
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sun, 05 Nov 2023 13:49:49 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:81//okz/400/content/2023/11/05/261/2914876/ac-milan-diminta-tak-ratapi-kekalahan-dari-udinese-fokus-bangkit-hadapi-psg-di-liga-champions-2023-2024-Gs2cPLLr6r.JPG>; rel="canonical", <http://img.okezone.com/okz/400/content/2023/11/05/261/2914876/ac-milan-diminta-tak-ratapi-kekalahan-dari-udinese-fokus-bangkit-hadapi-psg-di-liga-champions-2023-2024-Gs2cPLLr6r.JPG>; rel="canonical"
x-amz-cf-id
ZQa_Z4B8co0pJkZF5V_4JfviAuQskURDbVO2_bwGxRfAEOw72pKrpg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jelang-laga-fiorentina-vs-juventus-massimiliano-allegri-sanjung-skuad-la-viola-FarZJRvpeg.JPG
img.okezone.com/okz/400/content/2023/11/05/47/2914842/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/okz/400/content/2023/11/05/47/2914842/jelang-laga-fiorentina-vs-juventus-massimiliano-allegri-sanjung-skuad-la-viola-FarZJRvpeg.JPG
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
0c781e7047fbb5cf8121a879ee0e7f49e60bb85734639b5784b2b0489f987b7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
14308
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sun, 05 Nov 2023 11:04:33 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:81//okz/400/content/2023/11/05/47/2914842/jelang-laga-fiorentina-vs-juventus-massimiliano-allegri-sanjung-skuad-la-viola-FarZJRvpeg.JPG>; rel="canonical", <http://img.okezone.com/okz/400/content/2023/11/05/47/2914842/jelang-laga-fiorentina-vs-juventus-massimiliano-allegri-sanjung-skuad-la-viola-FarZJRvpeg.JPG>; rel="canonical"
x-amz-cf-id
dbAoQxdIIJ7UTPU-e2QQZ8MPGz7DVApcDHVanmIPTKZKPT4V7Zr69g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
3-nama-yang-mencuat-usai-erick-thohir-sebut-akan-naturalisasi-gelandang-dan-striker-untuk-timnas-indonesia-RQnstrok6c.jpg
img.okezone.com/okz/400/content/2023/11/05/51/2914863/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/okz/400/content/2023/11/05/51/2914863/3-nama-yang-mencuat-usai-erick-thohir-sebut-akan-naturalisasi-gelandang-dan-striker-untuk-timnas-indonesia-RQnstrok6c.jpg
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
0e40222441f53e4f44d65a1d9daeb56728bf32423b097f603eb97974c5ae20bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
13341
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sun, 05 Nov 2023 12:25:22 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:81//okz/400/content/2023/11/05/51/2914863/3-nama-yang-mencuat-usai-erick-thohir-sebut-akan-naturalisasi-gelandang-dan-striker-untuk-timnas-indonesia-RQnstrok6c.jpg>; rel="canonical", <http://img.okezone.com/okz/400/content/2023/11/05/51/2914863/3-nama-yang-mencuat-usai-erick-thohir-sebut-akan-naturalisasi-gelandang-dan-striker-untuk-timnas-indonesia-RQnstrok6c.jpg>; rel="canonical"
x-amz-cf-id
IQiZ2YDca_DWkJkjkS1ZUSYjArgpUlXrZlhHdLdIPzHygdm92Cowdw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
5-pemain-persib-bandung-yang-berpotensi-dilepas-bojan-hodak-pada-bursa-transfer-liga-1-2023-2024-nomor-1-pemain-asing-u79Y3yOWC5.jpg
img.okezone.com/okz/400/content/2023/11/05/49/2914817/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/okz/400/content/2023/11/05/49/2914817/5-pemain-persib-bandung-yang-berpotensi-dilepas-bojan-hodak-pada-bursa-transfer-liga-1-2023-2024-nomor-1-pemain-asing-u79Y3yOWC5.jpg
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
08175b3c2bcdbf8753a79855b9a9bf718e95ac98e422905edb8e3f9dea8d70ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
22626
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sun, 05 Nov 2023 09:22:05 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:81//okz/400/content/2023/11/05/49/2914817/5-pemain-persib-bandung-yang-berpotensi-dilepas-bojan-hodak-pada-bursa-transfer-liga-1-2023-2024-nomor-1-pemain-asing-u79Y3yOWC5.jpg>; rel="canonical", <http://img.okezone.com/okz/400/content/2023/11/05/49/2914817/5-pemain-persib-bandung-yang-berpotensi-dilepas-bojan-hodak-pada-bursa-transfer-liga-1-2023-2024-nomor-1-pemain-asing-u79Y3yOWC5.jpg>; rel="canonical"
x-amz-cf-id
MJiHTuToRL7Zlnd_4fqrhpv0d9UULnGEPD7poz0USSB0I0pONZtCqQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jelang-pembukaan-piala-dunia-u-17-2023-presiden-fifa-gianni-infantino-sebut-indonesia-sebagai-negara-yang-indah-Lkgdqao5Gd.JPG
img.okezone.com/content/2023/11/04/51/2914297/ 		241 KB
242 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2023/11/04/51/2914297/jelang-pembukaan-piala-dunia-u-17-2023-presiden-fifa-gianni-infantino-sebut-indonesia-sebagai-negara-yang-indah-Lkgdqao5Gd.JPG
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
7f0a8c8b84ce6c093d5c508af54430d5b6471eb17d2675c8b2a3a64071a22bba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
247220
x-xss-protection
1; mode=block
last-modified
Sat, 04 Nov 2023 05:15:40 GMT
server
nginx/1.20.1
etag
"6545d37c-3c5b4"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2023/11/04/51/2914297/jelang-pembukaan-piala-dunia-u-17-2023-presiden-fifa-gianni-infantino-sebut-indonesia-sebagai-negara-yang-indah-Lkgdqao5Gd.JPG>; rel="canonical"
x-amz-cf-id
d81Ha72Sp--nAyTYo2EUtu_YrRlp3jT5v29xnNyEolLEAPw616C7Yg==
expires
Mon, 04 Nov 2024 17:36:45 GMT
ketua-umum-pssi-erick-thohir-tawarkan-indonesia-sebagai-kandang-timnas-palestina-wapres-pssi-nya-palestina-terima-kasih-UaNYDiysdj.jpg
img.okezone.com/content/2023/11/04/51/2914496/ 		160 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2023/11/04/51/2914496/ketua-umum-pssi-erick-thohir-tawarkan-indonesia-sebagai-kandang-timnas-palestina-wapres-pssi-nya-palestina-terima-kasih-UaNYDiysdj.jpg
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
a874b0005f6f27f9d8bef432e068e1ed4d2127321c3914fb34b2e0dd344bb030
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
164011
x-xss-protection
1; mode=block
last-modified
Sat, 04 Nov 2023 13:29:46 GMT
server
nginx/1.20.1
etag
"6546474a-280ab"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2023/11/04/51/2914496/ketua-umum-pssi-erick-thohir-tawarkan-indonesia-sebagai-kandang-timnas-palestina-wapres-pssi-nya-palestina-terima-kasih-UaNYDiysdj.jpg>; rel="canonical"
x-amz-cf-id
iKCF_9a7GNYXKcUz2Utdon9JHp64cxdavB5ZbmoeOMjdK0BdOgKYtQ==
expires
Mon, 04 Nov 2024 17:36:45 GMT
5-negara-asia-yang-mendukung-israel-bikin-fifa-enggan-hukum-israel-dXjMgK0nWM.jpg
img.okezone.com/content/2023/11/05/51/2914615/ 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2023/11/05/51/2914615/5-negara-asia-yang-mendukung-israel-bikin-fifa-enggan-hukum-israel-dXjMgK0nWM.jpg
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
593b388162285cb27618bdfe687b1088d190066117a8f88e841055b071e0473f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
119860
x-xss-protection
1; mode=block
last-modified
Sun, 05 Nov 2023 00:12:12 GMT
server
nginx/1.20.1
etag
"6546dddc-1d434"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2023/11/05/51/2914615/5-negara-asia-yang-mendukung-israel-bikin-fifa-enggan-hukum-israel-dXjMgK0nWM.jpg>; rel="canonical"
x-amz-cf-id
G69NHij9S-DDJsSui7GuYDp7JXhi0DZFoqL1u8mQvVZamce1dBDlAw==
expires
Mon, 04 Nov 2024 17:36:45 GMT
erick-thohir-beberkan-kisah-tonci-shouter-pemain-timnas-indonesia-u-17-asal-papua-yang-berlatih-dengan-4-jam-jalan-kaki-C1jhQtl2Ef.jpg
img.okezone.com/content/2023/11/05/51/2914751/ 		295 KB
296 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2023/11/05/51/2914751/erick-thohir-beberkan-kisah-tonci-shouter-pemain-timnas-indonesia-u-17-asal-papua-yang-berlatih-dengan-4-jam-jalan-kaki-C1jhQtl2Ef.jpg
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e962317ea541ed763331c2e08b77d56dfa1fefd234bc6e4de9c1f3b356f9ed36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
302121
x-xss-protection
1; mode=block
last-modified
Sun, 05 Nov 2023 07:04:57 GMT
server
nginx/1.20.1
etag
"65473e99-49c29"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2023/11/05/51/2914751/erick-thohir-beberkan-kisah-tonci-shouter-pemain-timnas-indonesia-u-17-asal-papua-yang-berlatih-dengan-4-jam-jalan-kaki-C1jhQtl2Ef.jpg>; rel="canonical"
x-amz-cf-id
TbW5qT4_GiMdAf6Sk5Az-uMOcJGlf9x8b-bBwfG84Nxs1URJzJ_cmQ==
expires
Mon, 04 Nov 2024 17:36:45 GMT
reaksi-pelatih-timnas-brasil-u-17-soal-welber-jardim-bela-timnas-indonesia-u-17-di-piala-dunia-u-17-2023-l4bs4NvFrL.jpg
img.okezone.com/content/2023/11/05/51/2914686/ 		203 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2023/11/05/51/2914686/reaksi-pelatih-timnas-brasil-u-17-soal-welber-jardim-bela-timnas-indonesia-u-17-di-piala-dunia-u-17-2023-l4bs4NvFrL.jpg
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
1337d72044445a757af75a931895293195b9295c45d661bc2acbff55e71da631
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
208378
x-xss-protection
1; mode=block
last-modified
Sun, 05 Nov 2023 03:58:42 GMT
server
nginx/1.20.1
etag
"654712f2-32dfa"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2023/11/05/51/2914686/reaksi-pelatih-timnas-brasil-u-17-soal-welber-jardim-bela-timnas-indonesia-u-17-di-piala-dunia-u-17-2023-l4bs4NvFrL.jpg>; rel="canonical"
x-amz-cf-id
VeXeUSXJbZyJxciQV9Qn-Z7jBWvq8TXbGXXQlTgvOaOG-4v104RMcg==
expires
Mon, 04 Nov 2024 17:36:45 GMT
erling-haaland-jadi-tumbal-kemenangan-besar-manchester-city-atas-bournemouth-6-1-j02tD0V299.jpg
img.okezone.com/content/2023/11/05/45/2914657/ 		331 KB
332 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2023/11/05/45/2914657/erling-haaland-jadi-tumbal-kemenangan-besar-manchester-city-atas-bournemouth-6-1-j02tD0V299.jpg
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
21627740d16f5b73472abd41baf9178397f7830e0cab7c7649b1c81c63aeaf52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
338790
x-xss-protection
1; mode=block
last-modified
Sun, 05 Nov 2023 02:53:58 GMT
server
nginx/1.20.1
etag
"654703c6-52b66"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2023/11/05/45/2914657/erling-haaland-jadi-tumbal-kemenangan-besar-manchester-city-atas-bournemouth-6-1-j02tD0V299.jpg>; rel="canonical"
x-amz-cf-id
yRoLLpo7xExjDGwx1DX6dXRxMppbQeWJaE0saDp7XFt013j_pTeICA==
expires
Mon, 04 Nov 2024 17:36:45 GMT
5-pemain-persib-bandung-yang-berpotensi-dilepas-bojan-hodak-pada-bursa-transfer-liga-1-2023-2024-nomor-1-pemain-asing-XW127hfEZU.jpg
img.okezone.com/content/2023/11/05/49/2914817/ 		299 KB
300 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2023/11/05/49/2914817/5-pemain-persib-bandung-yang-berpotensi-dilepas-bojan-hodak-pada-bursa-transfer-liga-1-2023-2024-nomor-1-pemain-asing-XW127hfEZU.jpg
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
9255fe86dd1cd2a0ef2dce455e7a663b9b5b5026c3d0e296572d22f16772df07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
305921
x-xss-protection
1; mode=block
last-modified
Sun, 05 Nov 2023 09:22:05 GMT
server
nginx/1.20.1
etag
"65475ebd-4ab01"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2023/11/05/49/2914817/5-pemain-persib-bandung-yang-berpotensi-dilepas-bojan-hodak-pada-bursa-transfer-liga-1-2023-2024-nomor-1-pemain-asing-XW127hfEZU.jpg>; rel="canonical"
x-amz-cf-id
Y0zLjhpjEIN3WJyDssstQv4WNqqj1lM9xVnZJqIUrDQS30mDL7n7_A==
expires
Mon, 04 Nov 2024 17:36:45 GMT
raphael-maitimo-tak-pernah-lupakan-indonesia-meski-bantu-timnas-kanada-u-17-di-piala-dunia-u-17-2023-d3WA5hEGXb.jpg
img.okezone.com/content/2023/11/04/51/2914250/ 		191 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2023/11/04/51/2914250/raphael-maitimo-tak-pernah-lupakan-indonesia-meski-bantu-timnas-kanada-u-17-di-piala-dunia-u-17-2023-d3WA5hEGXb.jpg
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
144399df59370710243e57f947d9b8e6616d8b3a9682b9c94b932377440988fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
195106
x-xss-protection
1; mode=block
last-modified
Sat, 04 Nov 2023 03:03:02 GMT
server
nginx/1.20.1
etag
"6545b466-2fa22"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2023/11/04/51/2914250/raphael-maitimo-tak-pernah-lupakan-indonesia-meski-bantu-timnas-kanada-u-17-di-piala-dunia-u-17-2023-d3WA5hEGXb.jpg>; rel="canonical"
x-amz-cf-id
_4p3931Uws-8nhU5QuLWY-99gGWW4L2Nz72KY_QesfajPtm4kgBjHQ==
expires
Mon, 04 Nov 2024 17:36:45 GMT
3-pertanda-thom-haye-segera-perkuat-timnas-indonesia-nomor-1-sinyal-kuat-dari-erick-thohir-c4osOAydrY.jpg
img.okezone.com/content/2023/11/05/51/2914736/ 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2023/11/05/51/2914736/3-pertanda-thom-haye-segera-perkuat-timnas-indonesia-nomor-1-sinyal-kuat-dari-erick-thohir-c4osOAydrY.jpg
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
3151956f95a89491db0eeeeb4afaa2a654193ac0c55bc4b69f8754ba4fc113d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
114042
x-xss-protection
1; mode=block
last-modified
Sun, 05 Nov 2023 06:20:08 GMT
server
nginx/1.20.1
etag
"65473418-1bd7a"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2023/11/05/51/2914736/3-pertanda-thom-haye-segera-perkuat-timnas-indonesia-nomor-1-sinyal-kuat-dari-erick-thohir-c4osOAydrY.jpg>; rel="canonical"
x-amz-cf-id
B4uRktFZeOAJpdS4o0N6RhaJH8DgI1u_c5gQdYSashIFSkvmqXP2Iw==
expires
Mon, 04 Nov 2024 17:36:45 GMT
3-nama-yang-mencuat-usai-erick-thohir-sebut-akan-naturalisasi-gelandang-dan-striker-untuk-timnas-indonesia-573zwkiuIW.jpg
img.okezone.com/content/2023/11/05/51/2914863/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2023/11/05/51/2914863/3-nama-yang-mencuat-usai-erick-thohir-sebut-akan-naturalisasi-gelandang-dan-striker-untuk-timnas-indonesia-573zwkiuIW.jpg
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
495b635917ddb18ecc916e44fd62f6ca1a22ddcb0f9342317ffe2c057faa7fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
74131
x-xss-protection
1; mode=block
last-modified
Sun, 05 Nov 2023 12:25:22 GMT
server
nginx/1.20.1
etag
"654789b2-12193"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2023/11/05/51/2914863/3-nama-yang-mencuat-usai-erick-thohir-sebut-akan-naturalisasi-gelandang-dan-striker-untuk-timnas-indonesia-573zwkiuIW.jpg>; rel="canonical"
x-amz-cf-id
FAeNCcLtBXLqXG9mHC5xtFFBlvTfdQGvHQqN2211M-olk30MzoL42A==
expires
Mon, 04 Nov 2024 17:36:45 GMT
next.svg
cdn.okezone.com/underwood/revamp/2019/img/headline/ 		936 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2019/img/headline/next.svg
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
8612cda75121d16330a454458c073c53e3699308f447b08f61933ef607d63046

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
gzip
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:24:31 GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"616410df-3a8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-id
j3DDKLuEvNHzBLl2a9MnH2Ye_ocNoSlEcMgKYPtBcSxOpmSTOigGkw==
expires
Tue, 05 Dec 2023 17:36:45 GMT
prev.svg
cdn.okezone.com/underwood/revamp/2019/img/headline/ 		928 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2019/img/headline/prev.svg
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
9ef45f12c8c70e0efce63fc8c0d0f0ea366521da05593a6445b82a9b1e7ae917

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
gzip
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:24:31 GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"616410df-3a0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
x-amz-cf-id
9Ivfwyti4b1f7HA9NbMiMsUyhZd9VETzf4BO6STkv67fT-_2QQ3Uog==
expires
Tue, 05 Dec 2023 17:36:45 GMT
logo-wp-footer.svg
cdn.okezone.com/underwood/revamp/2019/logo/desktop/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2019/logo/desktop/logo-wp-footer.svg
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
002dc3cce74f753869c357fb411cd7df90d6bb0c96dc7cc569875947161bede9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
gzip
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:24:33 GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"616410e1-2bd9"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-id
E5eTikmfpUpnoMvlCtofVtL2OWJEn61ejDSa2NaIPtOgGFrZa6Nrww==
expires
Tue, 05 Dec 2023 17:36:45 GMT
sprites-fot.png
cdn.okezone.com/underwood/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/img/sprites-fot.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
f786379a23ccc3bd7bd84111b2b2237a7e759ad40fb0628214b292119bac4779
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"61641111-e73"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3699
x-amz-cf-id
L_dPyaRqAAA6kL56JHYbMA_smfoyUITYh77Q_hu1bTmwdGNMyrisXg==
expires
Fri, 01 Dec 2023 18:44:28 GMT
mnc-media-log.png
cdn.okezone.com/underwood/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/img/mnc-media-log.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b47ec721017e692a55cea350222c082fe654f140a289ba22b932806350ad4346
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"61641110-8c4"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2244
x-amz-cf-id
KhnzPdAOAUSuzAx6JYFQ6NfZd_RsGhG8gtdg8k1ZH0qt7uKDAFFtEQ==
expires
Mon, 06 Nov 2023 20:41:01 GMT
play-normal.png
cdn.okezone.com//underwood/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com//underwood/img/play-normal.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ecca83e1c4d9a1de89b4afec8843dce564b8c3f5061aefb451818a3318e5b9ed
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"61641110-84d"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2125
x-amz-cf-id
-oYbQHpZgCOC-6DkCVwd-JMcZ-am3Mlhb0qC1_9OWtSb3WUlVfyVJA==
expires
Wed, 22 Nov 2023 22:07:33 GMT
roboto-bold-webfont.woff2
cdn.okezone.com/underwood/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/fonts/roboto-bold-webfont.woff2
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
71cedce3e82185a1b5ffe23f4b4b2ae2f32b26c7616719ab631731d520881b8a

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Origin
https://bola.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 96715c2264ed86dcc0da2beca3559080.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:46 GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410b2-48f4"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
18676
x-amz-cf-id
2DjxzF9yO9N4EAmCTlaINFfh6WmuHJ3WMn64fro6tOKYFp5NZD8DxA==
expires
Tue, 05 Dec 2023 17:36:45 GMT
roboto-medium-webfont.woff2
cdn.okezone.com/underwood/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/fonts/roboto-medium-webfont.woff2
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
f7cec4cd8f2b83766b6c8c4bd514186c5e23e96e6d327546ff7ac2c80bfc02c2

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Origin
https://bola.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 96715c2264ed86dcc0da2beca3559080.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:45 GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410b1-492c"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
18732
x-amz-cf-id
UAUXdd9m1iHpzh7ucnuAueOKbiutwX21vIkq6QhyWypHSOCETajpgw==
expires
Tue, 05 Dec 2023 17:36:45 GMT
overpass-light-webfont.woff2
cdn.okezone.com/underwood/fonts/fontsmin/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/fonts/fontsmin/overpass-light-webfont.woff2
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
66669a175c1a9f1c8424abeaa084e340b621abb65c375e117b21a164e76d9acc

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Origin
https://bola.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 96715c2264ed86dcc0da2beca3559080.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:46 GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410b2-61c0"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
25024
x-amz-cf-id
CnCw2e-CU4HtZGte85v_jB-JW-1vU59FkzHRdM7_0Zavvk_Xw_PQ1Q==
expires
Tue, 05 Dec 2023 17:36:45 GMT
roboto-regular-webfont.woff2
cdn.okezone.com/underwood/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/fonts/roboto-regular-webfont.woff2
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
d92f2d3f9c6dbf5571b787b387034f121fa55b4b22c66ae057531b4a038b20de

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Origin
https://bola.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 96715c2264ed86dcc0da2beca3559080.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:46 GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410b2-4a48"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
19016
x-amz-cf-id
jVQGbMOS3KxvZgIVj1rUroKjCWtLNou-wGgl4Pp5yRb_w2BH-56Yqg==
expires
Tue, 05 Dec 2023 17:36:45 GMT
overpass-bold-webfont.woff2
cdn.okezone.com/underwood/fonts/fontsmin/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/fonts/fontsmin/overpass-bold-webfont.woff2
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
05684cf92cad6ae0e8e53e2de7ef08e0f6bfe8ef337779f99f9af4d0215a1041

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Origin
https://bola.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 96715c2264ed86dcc0da2beca3559080.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:46 GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410b2-5858"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
22616
x-amz-cf-id
2-4vUeKDvQcRgpVkib3ILft8tWqJcuonqHInqHHCGaXtooPGHxIcpg==
expires
Tue, 05 Dec 2023 17:36:45 GMT
overpass-regular-webfont.woff2
cdn.okezone.com/underwood/fonts/fontsmin/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/fonts/fontsmin/overpass-regular-webfont.woff2
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
0623c22d7c4c71a3f6a7829e7936d3970d1bc62ed20b0dd35cd7a048c1029a23

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Origin
https://bola.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 96715c2264ed86dcc0da2beca3559080.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:46 GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410b2-59a4"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
22948
x-amz-cf-id
-KTDGYTcriN_r_Na9KGgeD6Uz1Bx70HrAVUxspBM6PPCIGdH5zJCXA==
expires
Tue, 05 Dec 2023 17:36:45 GMT
collect
www.google-analytics.com/j/ 		1 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1184309274&t=pageview&_s=1&dl=https%3A%2F%2Fbola.okezone.com%2F&ul=en-us&de=UTF-8&dt=Okezone%20Bola%20Berita%20dan%20Jadwal%20Bola%20Indonesia%20Internasional&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=10818380&gjid=1017938677&cid=605566569.1699205805&tid=UA-153789817-2&_gid=1874651922.1699205805&_r=1&gtm=457e3b11&gcd=11l1l1l1l1&jsscut=1&z=1435653373
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bola.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		16 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1184309274&t=pageview&_s=1&dl=https%3A%2F%2Fbola.okezone.com%2F&ul=en-us&de=UTF-8&dt=Okezone%20Bola%20Berita%20dan%20Jadwal%20Bola%20Indonesia%20Internasional&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1507150217&gjid=764132582&cid=605566569.1699205805&tid=UA-82922228-1&_gid=1874651922.1699205805&_r=1&_slc=1&gtm=45He3b11n81T7STHLBv832431297&gcd=11l1l1l1l1&z=672279747
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
626127d718174de7439efdeecc895b8736309a97c182a4669a3c7777b9046eae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bola.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1184309274&t=pageview&_s=1&dl=https%3A%2F%2Fbola.okezone.com%2F&ul=en-us&de=UTF-8&dt=Okezone%20Bola%20Berita%20dan%20Jadwal%20Bola%20Indonesia%20Internasional&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAEK~&jid=34244785&gjid=1099505055&cid=605566569.1699205805&tid=UA-153789817-1&_gid=1874651922.1699205805&_r=1&_slc=1&gtm=45He3b11n81T7STHLBv832431297&gcd=11l1l1l1l1&cd5=GTM-T7STHLB&cd6=1699205805287.vv12op2a&cd8=2023-11-05T18%3A36%3A45.287%2B01%3A00&cd9=gtm.js&cd7=605566569.1699205805&z=412570248
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bola.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-82922228-1&cid=605566569.1699205805&jid=1507150217&gjid=764132582&_gid=1874651922.1699205805&_u=YEDAAUABAAAAACAAI~&z=1447021892
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bola.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 05 Nov 2023 17:36:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L1BHTHEZ01&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a3925fdb4751fff78d83e4bd8ede7f9a300709648c26a400adf88720a6e17427
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82876
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 05 Nov 2023 17:36:45 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-153789817-1&cid=605566569.1699205805&jid=34244785&gjid=1099505055&_gid=1874651922.1699205805&_u=YEDAAUABAAAAACAEK~&z=1589613114
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bola.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 05 Nov 2023 17:36:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2.js
cdn4-hbs.affinitymatrix.com/hvrlib/okezone.com/1663580454/ 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4-hbs.affinitymatrix.com/hvrlib/okezone.com/1663580454/v2.js
Requested by
Host: hbs.ph.affinity.com
URL: https://hbs.ph.affinity.com/v5/okezone.com/index.php?t=51018
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:fc48:bc4b::bc:238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
Software
v/6.7.6/6.5.25/v10fra1-www /
Resource Hash
925484a7a64b0dbeeeb8bc856c5f4f29feae9fbe37a5720fb443042155c81f4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-version
9
date
Fri, 03 Nov 2023 04:23:55 GMT
content-encoding
gzip
x-real-ip
2a01:4a0:5a::10
server
v/6.7.6/6.5.25/v10fra1-www
age
243175
x-tata-request-id
6570b6be4aac1c0bdf86a11df62bfc84, 6570b6be4aac1c0bdf86a11df62bfc84
vary
Accept-Encoding
x-cache
HIT,v10fra1
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
22673
expires
Mon, 04 Nov 2024 17:36:45 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MZ0Q248WBF&gtm=45je3b11v886545465z8832431297&_p=1699205805191&_gaz=1&gcd=11l1l1l1l1&cid=605566569.1699205805&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699205805&sct=1&seg=0&dl=https%3A%2F%2Fbola.okezone.com%2F&dt=Okezone%20Bola%20Berita%20dan%20Jadwal%20Bola%20Indonesia%20Internasional&en=page_view&_fv=1&_ss=1&up.custom_client_id=605566569.1699205805.&tfd=771
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-MZ0Q248WBF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
48 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MZ0Q248WBF&cid=605566569.1699205805&gtm=45je3b11v886545465z8832431297&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-MZ0Q248WBF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MZ0Q248WBF&cid=605566569.1699205805&gtm=45je3b11v886545465z8832431297&aip=1&z=475292429
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-L1BHTHEZ01&gtm=45je3b11v9134490747&_p=1699205805191&_gaz=1&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=605566569.1699205805&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fbola.okezone.com%2F&dt=Okezone%20Bola%20Berita%20dan%20Jadwal%20Bola%20Indonesia%20Internasional&sid=1699205805&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=821
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L1BHTHEZ01&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
46 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L1BHTHEZ01&cid=605566569.1699205805&gtm=45je3b11v9134490747&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L1BHTHEZ01&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-L1BHTHEZ01&cid=605566569.1699205805&gtm=45je3b11v9134490747&aip=1&z=771581196
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-82922228-1&cid=605566569.1699205805&jid=1507150217&_u=YEDAAUABAAAAACAAI~&z=208092656
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-82922228-1&cid=605566569.1699205805&jid=1507150217&_u=YEDAAUABAAAAACAAI~&z=208092656
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
affhb.data.js.php
cdn4-hbs.affinitymatrix.com/v5/hvr_man_okezone.com/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4-hbs.affinitymatrix.com/v5/hvr_man_okezone.com/affhb.data.js.php?t=51018
Requested by
Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/hvrlib/okezone.com/1663580454/v2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:fc48:bc4b::bc:238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
Software
v/6.7.6/6.5.25/v10fra1-www /
Resource Hash
c9489d9fe1f113fcfc3ef61c73c0a747aff8b18a68550303ca058d9be4bc9b62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-version
9
date
Tue, 24 Oct 2023 15:48:04 GMT
content-encoding
gzip
x-real-ip
2a01:4a0:5a::10
server
v/6.7.6/6.5.25/v10fra1-www
age
1044700
x-tata-request-id
53ec5106aaea230a347516818e982d5c, 53ec5106aaea230a347516818e982d5c
vary
Accept-Encoding
x-cache
HIT,v10fra1
content-type
application/Javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20243
expires
Mon, 04 Nov 2024 17:36:45 GMT
prebid7.40.0-56451ce3d1a61f1d5aef0a68188e1cfe-cur-sch-gdpr-ccpa-ucrit.js
cdn4-hbs.affinitymatrix.com/app/pbjs/2023A/ 		380 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4-hbs.affinitymatrix.com/app/pbjs/2023A/prebid7.40.0-56451ce3d1a61f1d5aef0a68188e1cfe-cur-sch-gdpr-ccpa-ucrit.js
Requested by
Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/v5/hvr_man_okezone.com/affhb.data.js.php?t=51018
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:fc48:bc4b::bc:238 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS
Software
v/6.7.6/6.5.25/v10fra1-www /
Resource Hash
82f52a6ce9f7bf392d9889d417a35d48ca4f1309b1034cfb7be0bfeb19e6d6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-version
9
date
Fri, 03 Nov 2023 00:33:53 GMT
content-encoding
gzip
last-modified
Tue, 19 Sep 2023 09:08:31 GMT
server
v/6.7.6/6.5.25/v10fra1-www
age
239933
x-tata-request-id
0dfa212bfbb45aabac9b562482d8af7d, 0dfa212bfbb45aabac9b562482d8af7d
x-real-ip
2a01:4a0:5a::10
vary
Accept-Encoding
x-cache
HIT,v10fra1
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
142571
expires
Mon, 04 Nov 2024 17:36:45 GMT
cfg.php
hbs.ph.affinity.com/app/ 		147 B
256 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hbs.ph.affinity.com/app/cfg.php?d=hvr_man_okezone.com
Requested by
Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/v5/hvr_man_okezone.com/affhb.data.js.php?t=51018
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.1.141 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
141.1.117.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1c278ea2be331870f751e2c3305e9768ba751704e4eb02c5ac0566bf23e09e24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
gzip
via
1.1 google
server
nginx
vary
Accept-Encoding
content-type
application/Javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ 		426 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 13:49:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
13623
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136626
x-xss-protection
0
server
cafe
etag
12374074705736737879
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 04 Nov 2024 13:49:42 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231105
Requested by
Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/app/pbjs/2023A/prebid7.40.0-56451ce3d1a61f1d5aef0a68188e1cfe-cur-sch-gdpr-ccpa-ucrit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4618c73b3cda93073557b27a3b8abd09750e3d720b9dbfd999aa49e9a0d13f38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bola.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5757
x-jsd-version
1.0.1864
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63f-Q/mYDhq873DCPDDzGNyalyoNhAQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTG8aIauSsE7lighVSHRezWwmLTr1XWU5N2w6sc8ovUVeI6M7YStkWAOAjfByLULH1fh4NH%2By%2Bh0HTRWJrrGwECsgjbKa35qbX2IiKjvlVAgjb%2BF4SfcXx7VZrjE%2FAPmct12rDinZnZZQHd05u4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8216dc5d0d6a1941-FRA
rum.js
securepubads.g.doubleclick.net/pagead/js/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df0d3f5eed86511fa9135f21cbee65b08c1efc23fea10175b0f2db4bca19b670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
2849
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24425
x-xss-protection
0
server
cafe
etag
2680689839065237785
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 17:49:16 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 06 Nov 2023 17:36:45 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-12.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 03:16:17 GMT
content-encoding
gzip
via
1.1 6f348d610065e2c8eb4f3a0d2f7caa8e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P6
age
51629
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
BSsNT8U7_VP379p-Q3TMYM5LOAStptcnWeRWrOJfYIchmgXgi0vXwg==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
5896507643749a09ee2687f18a791744
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 02:29:26 GMT
content-encoding
gzip
age
918439
x-guploader-uploadid
ABPtcPqHbjqPhKh2g3rLNDONjQOKU61Px7tzqzBh7WkCYt0i0BsdHalj9-b0OPiPUoULQhA2lZHQGq8cBXCis3HntxktCwlYb4qI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 25 Oct 2024 02:29:26 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
502640
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8216dc5d783a371a-FRA
expires
Wed, 08 Nov 2023 17:36:45 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:7a00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Sun, 05 Nov 2023 05:14:56 GMT
Via
1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
44510
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
uQYq7UxuRMaqCdi1joRex-TJbIUYSU_mzYhD7sDaLiF1DLfC4Vd_ZQ==
esp.js
cdn.id5-sync.com/api/1.0/ 		143 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 08:11:43 GMT
server
cloudflare
x-amz-request-id
YC88ZAK0BT4TV1QS
age
1520
etag
W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8216dc5d58581d94-FRA
x-amz-id-2
3tPdeywrS2ZGfOvvBHdUm35bzzhfjLgQkaQJ9ZZf+ANtV1xLI/PXt4eIeOu5L+IY+8KIk1FeUcrdkLkz++N6vQ==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5292
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230066-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5yogDN4ow%2FS4C5%2FcygLPW7mvAWCet1CP5FOOjJYKuqGFThk28c%2F7BNbSVPmGXV3OAvPRCOH3N%2Bw0BKN73KlrzlJBVg9DiFkFoIoGbOXk3WXXM7BRDJbwWbDDGP6oeZOF2BcbVFPRnNo7SKw8PM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8216dc5d58a63647-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		412 KB
91 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=821912577806818&correlator=4126638178321833&eid=31079420%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=105246217%2Cokezone%2Cdesktop%2Cbola%2Chome%2Ctopleaderboard%2Cbillboard%2Crectangle1%2Cgiantrec%2Cbottomrec%2Cleaderboard%2Chorizonad%2Cskinad%2COkezone_Desktop_Interstitial%2COkezone_logo&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F6%2C%2F0%2F1%2F2%2F3%2F4%2F7%2C%2F0%2F1%2F2%2F3%2F4%2F8%2C%2F0%2F1%2F2%2F3%2F4%2F9%2C%2F0%2F1%2F2%2F3%2F4%2F10%2C%2F0%2F1%2F2%2F3%2F4%2F11%2C%2F0%2F1%2F2%2F3%2F4%2F12%2C%2F0%2F1%2F2%2F13%2C%2F0%2F1%2F14&prev_iu_szs=728x90%2C970x250%2C300x250%2C300x600%2C300x250%2C728x90%2C1100x50%2C120x600%2C1x1%2C168x42&ifi=1&didk=381809099~3903806592~3328664595~1789861474~3622892470~3528349444~1812364883~3956285495~1670274262~643505690&sfv=1-0-40&ists=2&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8%2C0&sc=1&cookie_enabled=1&abxe=1&dt=1699205805619&lmt=1699205805&adxs=592%2C280%2C-9%2C-9%2C-9%2C280%2C-12245933%2C-12245933%2C-9%2C-9&adys=60%2C208%2C-9%2C-9%2C-9%2C1095%2C-12245933%2C-12245933%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1%7C-1%7C-1%7C0%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbola.okezone.com%2F&rumc=821912577806818&rume=1&vis=1&psz=748x0%7C1040x20%7C0x-1%7C0x-1%7C0x-1%7C724x20%7C0x-1%7C120x-1%7C0x-1%7C0x-1&msz=728x0%7C1040x0%7C0x-1%7C0x-1%7C0x-1%7C724x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=4%2C4%2C2%2C2%2C2%2C4%2C644%2C644%2C2%2C2&ohw=748%2C1040%2C0%2C0%2C0%2C724%2C1600%2C120%2C0%2C0&ga_vid=605566569.1699205805&ga_sid=1699205806&ga_hid=1184309274&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYrOy7hLoxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKzsu4S6MUgAUgIIZBIXCghydGJob3VzZRis7LuEujFIAFICCGQSFAoFb3BlbngYrOy7hLoxSABSAghk&dlt=1699205804752&idt=828&prev_scp=%7C%7C%7C%7C%7C%7C%7C%7CMPI%3DInterstitial%7C&adks=3008733920%2C3616101633%2C3833774299%2C2413034830%2C1788998965%2C3959144198%2C3097018523%2C4144544727%2C3141112520%2C3944320852&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be1d9056f4c874d8e738deb22168e69bcf186b3ff1a795d53a84cf360e27845f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92831
x-xss-protection
0
google-lineitem-id
6230456083,-1,-1,-1,-1,-2,-2,-1,-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138423480128,-1,-1,-1,-1,-2,-2,-1,-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bola.okezone.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5843 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 17:36:45 GMT
expires
Mon, 04 Nov 2024 17:36:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl_page_level_ads.js?cb=31079420
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
821b5ea3bad8371ee991b1347a507ca208deaca7cffa778fa1db64b8fc17f1b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 10:38:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
25087
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13760
x-xss-protection
0
server
cafe
etag
8051071232551270508
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 04 Nov 2024 10:38:38 GMT
ajax-loader.gif
cdn.okezone.com/news/news_2015a/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/news/news_2015a/img/ajax-loader.gif
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
271978b06de1a969aabd38bdeb72771935f8cedee9b284af9d54328710983627
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"6164114b-a30"
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2608
x-amz-cf-id
Bw-KE3i5e3HmnymrKvxXhSbwaKYwJy4HOSn-tPSHaEz7HqtE2Gj93A==
expires
Tue, 21 Nov 2023 16:41:45 GMT
14
bola.okezone.com/leftsidebar/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bola.okezone.com/leftsidebar/14
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:a400:11:2efd:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bac67162d7b1c88b4a9ddbc85e83f309b7fb8a8a5a98733b2c049c3f6a97d87b

Request headers

Accept
*/*
Referer
https://bola.okezone.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
via
1.1 c9b630de734c38e36e97554a32ac1a68.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-P4
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-fastcgi-cache
STALE
x-robots-tag
noindex, nofollow
x-device
desktop
x-amz-cf-id
xdaE2CPS6jX26VK8qCsxWg3YVcU3oElnozLnObc3vZGtA1aXzOttag==
home
bola.okezone.com/rightsidebar/14/ 		30 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bola.okezone.com/rightsidebar/14/home
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:a400:11:2efd:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b5fea2e45d2e706a2d1b8fb470e7e0aa9142fad12991e6e2fc253a2d7e72743e

Request headers

Accept
*/*
Referer
https://bola.okezone.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
content-encoding
gzip
via
1.1 c9b630de734c38e36e97554a32ac1a68.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-P4
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-fastcgi-cache
STALE
x-robots-tag
noindex, nofollow
x-device
desktop
x-amz-cf-id
irPd6ABoKfIxMLQsQfZ5WrExOH3N0EggHEr-1i6CM6sbL0_51O-2Ww==
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbola.okezone.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbola.okezone.com%2F&rid=esp&cc=1
85 B
195 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fbola.okezone.com%2F&rid=esp&cc=1
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
b8c7d4bc0da6b75225e4aae9abb706589379625c0126acafc1c3ae0437146068

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-yiin55svFPZEAd4d+hG64Wx+HCA"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bola.okezone.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://bola.okezone.com
location
/esp?url=https%3A%2F%2Fbola.okezone.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncframe
gum.criteo.com/ Frame 778F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=bola.okezone.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://bola.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 17:36:44 GMT
server
Kestrel
server-processing-duration-in-ticks
366198
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
map
bcp.crwdcntrl.net/6/ 		60 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-99-225.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
1b0a74ab5b9a4555216e807e83a77fe3565b427d60a90ea89f393c2eb32e4fae

Request headers

Referer
https://bola.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:45 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://bola.okezone.com
cache-control
no-cache
x-server
10.45.4.113
access-control-allow-credentials
true
content-length
60
expires
0
ping
ping.chartbeat.net/ 		43 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=okezone.com&p=%2F&u=E6jf1CRn--0BbhFDY&d=bola.okezone.com&g=67041&g0=no%20section&g1=no%20author&n=1&f=00001&c=0&x=0&m=0&y=7807&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fbola.okezone.com%2F&b=1125&t=KtgjABlPQmADnSlrDWW98LCVcpIy&V=141&i=Okezone%20Bola%20Berita%20dan%20Jadwal%20Bola%20Indonesia%20Internasional&tz=-60&sn=1&sv=_iZzLCjw69VCS9j9MDDcwCZCh5ALc&sd=1&im=061b0fff&_
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.47.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-47-153.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 05 Nov 2023 17:36:46 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
widgetrctiplus
sindikasi.okezone.com/widget/iframe/ 		174 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sindikasi.okezone.com/widget/iframe/widgetrctiplus
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:8e00:1f:789c:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.55 (Unix) /
Resource Hash
2d5201030227927c56a4f24c21bf4f29c878c59213b6c4445dd3dd3830ac01c3

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://bola.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
server
Apache/2.4.55 (Unix)
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
174
x-amz-cf-id
PqhRRuVAmnYrD9WL9kTcghuL_wOLIybh67AUoA8fEJdh-h7GntS6rA==
widgetvisionplus
sindikasi.okezone.com/widget/iframe/ 		140 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sindikasi.okezone.com/widget/iframe/widgetvisionplus
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:8e00:1f:789c:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.55 (Unix) /
Resource Hash
b41894ad5e25c24318be493eef3df7dc33dde3b2ed812da784a2f0690db02c92

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://bola.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
server
Apache/2.4.55 (Unix)
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
140
x-amz-cf-id
liemIf0ARV3yb7b_dHuekalbU-1cvPcqSHrn9WY8Qpe4tex7vdQ6NQ==
aHR0cHM6Ly9ib2xhLm9rZXpvbmUuY29tLw==
bola.okezone.com/set-alert/ 		1 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bola.okezone.com/set-alert/aHR0cHM6Ly9ib2xhLm9rZXpvbmUuY29tLw==
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:a400:11:2efd:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept
text/html, */*; q=0.01
Referer
https://bola.okezone.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
via
1.1 c9b630de734c38e36e97554a32ac1a68.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-P4
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-fastcgi-cache
BYPASS
cache-control
no-store, no-cache, must-revalidate
x-robots-tag
noindex, nofollow
x-device
desktop
x-amz-cf-id
hhAt-BfFPe8TdzNcTsiINFr1ZTZuIGez2RfCOOvs0gqXW_ukCFH3Xw==
expires
Thu, 19 Nov 1981 08:52:00 GMT
header
bola.okezone.com/set-sso/aHR0cHM6Ly9ib2xhLm9rZXpvbmUuY29tLw==/ 		216 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bola.okezone.com/set-sso/aHR0cHM6Ly9ib2xhLm9rZXpvbmUuY29tLw==/header
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:a400:11:2efd:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9149f4e24d48e006d4d809200ecb9f82787d08ae06a2055288cb1f30a1b390

Request headers

Accept
text/html, */*; q=0.01
Referer
https://bola.okezone.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
via
1.1 c9b630de734c38e36e97554a32ac1a68.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-P4
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-fastcgi-cache
BYPASS
cache-control
no-store, no-cache, must-revalidate
x-robots-tag
noindex, nofollow
x-device
desktop
x-amz-cf-id
FVPjsm8zTitBR5TDa_YhbVXXWALakOannUZY0zpZSE5ndtC63zCmHA==
expires
Thu, 19 Nov 1981 08:52:00 GMT
sticky
bola.okezone.com/set-sso/aHR0cHM6Ly9ib2xhLm9rZXpvbmUuY29tLw==/ 		223 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bola.okezone.com/set-sso/aHR0cHM6Ly9ib2xhLm9rZXpvbmUuY29tLw==/sticky
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:a400:11:2efd:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
86a4b489e0bbf5146a92912a33b0d7ed8e9ac2f60b15ab634c6519210b386f83

Request headers

Accept
text/html, */*; q=0.01
Referer
https://bola.okezone.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
via
1.1 c9b630de734c38e36e97554a32ac1a68.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-P4
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-fastcgi-cache
BYPASS
cache-control
no-store, no-cache, must-revalidate
x-robots-tag
noindex, nofollow
x-device
desktop
x-amz-cf-id
dJdj2DgXt9qVV7S30AW2GL4MNe2muScIi4s5KKenigmW9svi72nuOQ==
expires
Thu, 19 Nov 1981 08:52:00 GMT
hasil-babak-pertama-luton-town-vs-liverpool-di-liga-inggris-2023-2024-sengit-laga-masih-0-0-os2usqtT4z.JPG
img.okezone.com/okz/500/content/2023/11/06/45/2914925/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/okz/500/content/2023/11/06/45/2914925/hasil-babak-pertama-luton-town-vs-liverpool-di-liga-inggris-2023-2024-sengit-laga-masih-0-0-os2usqtT4z.JPG
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
a16b602ce6b9b987264243eae3cf8b19d7dcd2926109b3d62ea13c485ff5eee4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
36875
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sun, 05 Nov 2023 17:18:39 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:81//okz/500/content/2023/11/06/45/2914925/hasil-babak-pertama-luton-town-vs-liverpool-di-liga-inggris-2023-2024-sengit-laga-masih-0-0-os2usqtT4z.JPG>; rel="canonical", <http://img.okezone.com/okz/500/content/2023/11/06/45/2914925/hasil-babak-pertama-luton-town-vs-liverpool-di-liga-inggris-2023-2024-sengit-laga-masih-0-0-os2usqtT4z.JPG>; rel="canonical"
x-amz-cf-id
OJaR0Q_bUZ3SUCoc1NRwswqmN-x5OqRHX1wb8TD1oi_RnJoTrx7gmQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
sid
mug.criteo.com/ Frame 778F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=okezone.com&sn=ChromeSyncframe&so=0&topUrl=bola.okezone.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=n-zQ03xRbGQ0dTFxN1JBQzQvQVZJSzJvV293UW1ueElEMXBFMUtHbVB3Vm9pOEZBWnNiR044c1BwaFloZ2pYWWNwMHZIcXpzQmZiQUFLVllpQ1o1OTlZTWROcC91ajlQbVdOMnlGdXltOG4zN2tBVURHTnBOYnRsL2luUm...
433 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=n-zQ03xRbGQ0dTFxN1JBQzQvQVZJSzJvV293UW1ueElEMXBFMUtHbVB3Vm9pOEZBWnNiR044c1BwaFloZ2pYWWNwMHZIcXpzQmZiQUFLVllpQ1o1OTlZTWROcC91ajlQbVdOMnlGdXltOG4zN2tBVURHTnBOYnRsL2luUm1xYmFkK29tWDRLbWxmUHp2SHdVcmJUSkVYMy9Dc2pQQVZYVitocCttRW9EUjNXSHhrQjlTQVV0bkVuUVoxSmQ3NjZ2MUtvbDNwSVpHcDVBN1d2L2JRVFg4MUdwbTVEeEhid3BJMzhmcVhtQWFvc0lHKzJNK3BBT3JGYmI2alhvWkFGM2k3Ymh4Z2tHbnhZdmVlK1VRZ0FyTXE0MTlTQT09fA&cppv=2
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4d835b6fdb5367f066ee30c9de6f63f1922e479484f393c17a6225b146dad0f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1251214
expires
0

Redirect headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:45 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=n-zQ03xRbGQ0dTFxN1JBQzQvQVZJSzJvV293UW1ueElEMXBFMUtHbVB3Vm9pOEZBWnNiR044c1BwaFloZ2pYWWNwMHZIcXpzQmZiQUFLVllpQ1o1OTlZTWROcC91ajlQbVdOMnlGdXltOG4zN2tBVURHTnBOYnRsL2luUm1xYmFkK29tWDRLbWxmUHp2SHdVcmJUSkVYMy9Dc2pQQVZYVitocCttRW9EUjNXSHhrQjlTQVV0bkVuUVoxSmQ3NjZ2MUtvbDNwSVpHcDVBN1d2L2JRVFg4MUdwbTVEeEhid3BJMzhmcVhtQWFvc0lHKzJNK3BBT3JGYmI2alhvWkFGM2k3Ymh4Z2tHbnhZdmVlK1VRZ0FyTXE0MTlTQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
224451
content-length
0
expires
0
434098_medium.jpg
a.okezone.com/okz/200/photos/2023/11/05//94672/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.okezone.com/okz/200/photos/2023/11/05//94672/434098_medium.jpg
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
de51cd9a052d8ff4610f6ad2fe09279f93ef91601aa866d0861f876af95f69f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
5537
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sun, 05 Nov 2023 03:42:06 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:82//okz/200/photos/2023/11/05/94672/434098_medium.jpg>; rel="canonical", <http://a.okezone.com/okz/200/photos/2023/11/05//94672/434098_medium.jpg>; rel="canonical"
x-amz-cf-id
9Fx_XLU6kUWoao30yotBJ95QH-zK7_-VXEvYTXJgTsnUAazd23_hog==
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-galeri.png
cdn.okezone.com/underwood/revamp/2018/home/img/ 		620 B
970 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2018/home/img/icon-galeri.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
1f684e7448e781c0902c836d07607135ede6e753eff3bee27398e9eed12f2922

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410dc-26c"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
620
x-amz-cf-id
TMqvODb1PH3W7bpnW1vECZ1Rcvz-Wz4asphbGLzCbYpe_Ti5jUR--Q==
expires
Sun, 26 Nov 2023 14:33:45 GMT
fontawesome-webfont.woff2
cdn.okezone.com/underwood/fonts/font-awesome/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/fonts/font-awesome/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Origin
https://bola.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:45 GMT
via
1.1 96715c2264ed86dcc0da2beca3559080.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:45 GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410b1-fbd0"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
64464
x-amz-cf-id
8Bz0YC4lSoAu8FtLh1AZ7oUTKtS1kBOD0InhZs67rEvP4dt7LXdB7Q==
expires
Tue, 05 Dec 2023 17:36:45 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 8818 		0
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bola.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 05 Nov 2023 17:36:47 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
groupklasemen
sindikasi.okezone.com/widget/ Frame 66B0 		6 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sindikasi.okezone.com/widget/groupklasemen
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:8e00:1f:789c:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.55 (Unix) /
Resource Hash
c5b400cfa880c8f417e22d843197e6e0212a410e5cb7a7ed7b7fe2f51edf0e5c

Request headers

Referer
https://bola.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 17:36:46 GMT
server
Apache/2.4.55 (Unix)
vary
Accept-Encoding
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
x-amz-cf-id
8slbPYS2okxHFdkk8395sFCxRGYPmMsdV95ZQ9K3N3cDcRrlnu9QlA==
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
16-bencana-terjadi-di-kabupaten-bogor-hari-ini-pbELr6I8rh.jpg
img.okezone.com/okz/400/content/2023/11/05/338/2914915/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/okz/400/content/2023/11/05/338/2914915/16-bencana-terjadi-di-kabupaten-bogor-hari-ini-pbELr6I8rh.jpg
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
4e6840bf0c0b9cd71ce1fea1f39d28608adaa9be98b61c31ad63a0a0d2e847a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
35242
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sun, 05 Nov 2023 16:08:34 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:81//okz/400/content/2023/11/05/338/2914915/16-bencana-terjadi-di-kabupaten-bogor-hari-ini-pbELr6I8rh.jpg>; rel="canonical", <http://img.okezone.com/okz/400/content/2023/11/05/338/2914915/16-bencana-terjadi-di-kabupaten-bogor-hari-ini-pbELr6I8rh.jpg>; rel="canonical"
x-amz-cf-id
MbRkMXD9F8lF1qY37bpsXa-3PGdXR8he5h-o-8N0u7wexYwsqdQqOw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
ui-itb-uns-borong-juara-di-kontes-mobil-hemat-energi-2023-Mi16RmvPqn.jfif
img.okezone.com/okz/400/content/2023/11/04/65/2914362/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/okz/400/content/2023/11/04/65/2914362/ui-itb-uns-borong-juara-di-kontes-mobil-hemat-energi-2023-Mi16RmvPqn.jfif
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
1391e7678292a56bd86c734b666fe1f2dcd94cd77eae307c9c54fc84f481961d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; includeSubdomains;, max-age=31536000; includeSubdomains;
x-content-type-options
nosniff, nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
19546
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Sat, 04 Nov 2023 08:11:29 GMT
server
nginx/1.20.1
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000, s-maxage=10
link
<http://127.0.0.1:81//okz/400/content/2023/11/04/65/2914362/ui-itb-uns-borong-juara-di-kontes-mobil-hemat-energi-2023-Mi16RmvPqn.jfif>; rel="canonical", <http://img.okezone.com/okz/400/content/2023/11/04/65/2914362/ui-itb-uns-borong-juara-di-kontes-mobil-hemat-energi-2023-Mi16RmvPqn.jfif>; rel="canonical"
x-amz-cf-id
p1RK142d5cqXt2NwjShgLb_vZRqxQtN4W0OeUijQFnghqLOC3oG9uw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
cabincondensed-regular-webfont.woff2
cdn.okezone.com/underwood/fonts/fontsmin/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/fonts/fontsmin/cabincondensed-regular-webfont.woff2
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
658c16ac199a42cd86d76bc52ac50bc7068f454c0cca785527258a5de8a40b1f

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2018/home/css/01/style.min.css?v=2023110600AM
Origin
https://bola.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
via
1.1 96715c2264ed86dcc0da2beca3559080.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:46 GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410b2-5428"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
21544
x-amz-cf-id
qk0I21k_lpgu7QcgXykvCzqjXZqfU8blGxKHTDg7psSEOuEylM9w3Q==
expires
Tue, 05 Dec 2023 17:36:46 GMT
logo-news.png
cdn.okezone.com/underwood/revamp/2019/logo/desktop/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2019/logo/desktop/logo-news.png
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
d20048a3cf773079d8450c15a53fec50b9a2f09555504c3e492410947c6785ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
8381
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj-eB1K8VZrLV"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1553892
accept-ranges
bytes
content-length
4906
x-amz-cf-id
1amM9gYT0y11vNRPfwKO9L6C8ajzHrKMn_buz4dafXaYxTvuGCsDhA==
expires
Thu, 23 Nov 2023 17:14:59 GMT
logo.png
cdn.okezone.com/underwood/revamp/2021/okedukasi/desktop/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2021/okedukasi/desktop/img/logo.png
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c81781599a43a0e41bd387db119a171955c363000fa4eaf371a0ac6b18a64d8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
1948
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj-Ct0sSTRASE"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=252738
accept-ranges
bytes
content-length
1935
x-amz-cf-id
KDilrP3R_2FgZbgepLTt_I0OIOHnq9h9s1VQ1DbCPhIGUooJ2eLOVQ==
expires
Wed, 08 Nov 2023 15:49:05 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4413 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuW6hA6JpBV0KHqzI3kb78G0BPJd0jlMzcKzQhoO2wXbxWubxaGxv23u6_RPeVwjH-tu1G3awz4SGDDspTEOnLSTWpxNmG4PWfw1UgeD1uWQVZ5RuPLBxqN3zRRrmwAabMTMlEUCYe9bRNfG6hJbR-tuxgHWHukELb-oX8ovzjTTEFQOw9y1iOsox28GEHkj6Od4p2xteLtc8QjmYv0uFP4uscR8ic1Vna1xDm6NJUANwtR0t-z4K4pZWNQWlhU3MEASJHYlEepPrkLUqpcAQSUqKyeA5teX7T0KonTA3pkZymHw6g5qm-5dGCCeaC2_hMdG7tNN4fCfvbvl4EMZcPWBr4O9xE1ro_xMrmG2e5QTIzFceanNV-xMpBY-mm6SBgJd9C5lHuwTbQ&sai=AMfl-YQgHZmqCuvTh4gZ-HPpmcunCYyC-qSDbwlPS1flGUOFP8vFCdwSglep0SkNznxmPd9wFlXrTy1AuLq4oJEtSpvtT1S-J7kkndAbzj3LMrMDUYLJ5TPs1l8RrG04LsVizL7wOMcWlslhqQ4LuA-I&sig=Cg0ArKJSzDwmy1I4sL35EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Nov 2023 17:36:46 GMT
okezone.com.1408815.js
jsc.mgid.com/o/k/ Frame 4413 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/o/k/okezone.com.1408815.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7950af3915c459daf37035aaa17a418bb9efdbbeeaeaa5cc3caa47ffab0cb6fa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
x-amz-version-id
KvbH0aniESqhf8Mefai40LnvkcCuDhLM
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
HRXT0D2R41TWBVKV
cf-polished
origSize=3923
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
UIYaUOnHREY74yzOVtF7FiZ7qynUQiKQ+An7/mjRVdFAebd8rUkPQ6akIinjEfuSskU1hYuy6L0=
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 14:15:53 GMT
server
cloudflare
etag
W/"cb2420f77f122d816db99bf10aa2879c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
8216dc61ba0f7738-LHR
expires
Sun, 05 Nov 2023 20:36:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4413 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 17:36:46 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310201815000/ Frame 4D25 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85297a9778e3138e5c9393984e9a5fc6dbce360e5017087bfe160c67ed2462af
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
519893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56123
x-xss-protection
0
server
sffe
etag
"ee0c45c0e6d03a96"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 4D25 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dcc1beab58e7315392e4371eaf02041138288ab7b329fa2403894f60e5f65f4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
519893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5236
x-xss-protection
0
server
sffe
etag
"56e8153251b9d132"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 4D25 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e28625c9340698b7968ba0cb1642f8db7a941ba0c07198bdcf7846f56ea5c99
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
519893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29064
x-xss-protection
0
server
sffe
etag
"2b86ba6a96452dbe"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 4D25 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eda037ef70b5587c93b2677785521e8642e1e791cdcaebd5efa8647faf2b633
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
519893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1923
x-xss-protection
0
server
sffe
etag
"560b2476df5f84c1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 4D25 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53de6b3616f57459d3f1b898926fb83eafca2116a34feae66a807ea244291e8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
519893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12957
x-xss-protection
0
server
sffe
etag
"143af65c0fcbfced"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
css
fonts.googleapis.com/ Frame 4D25 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Nov 2023 15:39:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Nov 2023 17:36:46 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4D25 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 04:10:54 GMT
x-content-type-options
nosniff
server
cafe
age
48352
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
expires
Mon, 06 Nov 2023 04:10:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4D25 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
17254
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 06 Nov 2023 12:49:12 GMT
container.html
d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FE30 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 17:36:45 GMT
expires
Mon, 04 Nov 2024 17:36:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1D7D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 17:36:45 GMT
expires
Mon, 04 Nov 2024 17:36:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8F8F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 17:36:45 GMT
expires
Mon, 04 Nov 2024 17:36:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ECC2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 17:36:45 GMT
expires
Mon, 04 Nov 2024 17:36:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/4187086493986456570/ Frame 4D25 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4187086493986456570/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b30a21aad22a9db28ba44ddfef0af1dec4c663961d4127dacfcf8166ff0051c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 23:58:07 GMT
x-content-type-options
nosniff
age
236319
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30657
x-xss-protection
0
last-modified
Tue, 04 Apr 2023 20:32:48 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Nov 2024 23:58:07 GMT
truncated
/ Frame 4D25 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 4D25 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 4D25 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7236bd500664abebb9ef037ef82c949b1def11ca832d5175aa41c69cbe6ebe7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MZ0Q248WBF&gtm=45je3b11v886545465&_p=1699205805191&gcd=11l1l1l1l1&cid=605566569.1699205805&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=2&sid=1699205805&sct=1&seg=0&dl=https%3A%2F%2Fbola.okezone.com%2F&dt=Okezone%20Bola%20Berita%20dan%20Jadwal%20Bola%20Indonesia%20Internasional&en=ad_impression&_c=1&ep.query_id=CNiyyfOyrYIDFUixewod6GwHuQ&tfd=1768
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-MZ0Q248WBF&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MZ0Q248WBF&gtm=45je3b11v886545465&_p=1699205805191&gcd=11l1l1l1l1&cid=605566569.1699205805&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=3&sid=1699205805&sct=1&seg=0&dl=https%3A%2F%2Fbola.okezone.com%2F&dt=Okezone%20Bola%20Berita%20dan%20Jadwal%20Bola%20Indonesia%20Internasional&en=ad_impression&_c=1&ep.query_id=CLyMy_OyrYIDFUixewod6GwHuQ&tfd=1771
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-MZ0Q248WBF&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MZ0Q248WBF&gtm=45je3b11v886545465&_p=1699205805191&gcd=11l1l1l1l1&cid=605566569.1699205805&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=4&sid=1699205805&sct=1&seg=0&dl=https%3A%2F%2Fbola.okezone.com%2F&dt=Okezone%20Bola%20Berita%20dan%20Jadwal%20Bola%20Indonesia%20Internasional&en=ad_impression&_c=1&ep.query_id=CL2My_OyrYIDFUixewod6GwHuQ&tfd=1775
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-MZ0Q248WBF&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MZ0Q248WBF&gtm=45je3b11v886545465&_p=1699205805191&gcd=11l1l1l1l1&cid=605566569.1699205805&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=5&sid=1699205805&sct=1&seg=0&dl=https%3A%2F%2Fbola.okezone.com%2F&dt=Okezone%20Bola%20Berita%20dan%20Jadwal%20Bola%20Indonesia%20Internasional&en=ad_impression&_c=1&ep.query_id=CL6My_OyrYIDFUixewod6GwHuQ&tfd=1779
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-MZ0Q248WBF&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MZ0Q248WBF&gtm=45je3b11v886545465&_p=1699205805191&gcd=11l1l1l1l1&cid=605566569.1699205805&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=6&sid=1699205805&sct=1&seg=0&dl=https%3A%2F%2Fbola.okezone.com%2F&dt=Okezone%20Bola%20Berita%20dan%20Jadwal%20Bola%20Indonesia%20Internasional&en=ad_impression&_c=1&ep.query_id=CL-My_OyrYIDFUixewod6GwHuQ&tfd=1786
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-MZ0Q248WBF&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MZ0Q248WBF&gtm=45je3b11v886545465&_p=1699205805191&gcd=11l1l1l1l1&cid=605566569.1699205805&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=7&sid=1699205805&sct=1&seg=0&dl=https%3A%2F%2Fbola.okezone.com%2F&dt=Okezone%20Bola%20Berita%20dan%20Jadwal%20Bola%20Indonesia%20Internasional&en=ad_impression&_c=1&ep.query_id=CMKMy_OyrYIDFUixewod6GwHuQ&tfd=1790
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-MZ0Q248WBF&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.okezone.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
icon.svg
cdn.okezone.com/underwood/revamp/2023/sso/desktop/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2023/sso/desktop/img/icon.svg
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2023/sso/desktop/css/lama.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
43cadce942acabefe0504bc562e87ca3df1d906f746d7d04359d4f2f27d86797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2023/sso/desktop/css/lama.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
last-modified
Thu, 06 Apr 2023 04:30:10 GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"642e4ad2-8f2"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-id
uuoAL19LWj8yHCLQaXmlwBYHNld6VuZAwf36gBMgfEKV87KckKqxuw==
expires
Tue, 05 Dec 2023 17:36:46 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4D25 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bola.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 09:09:18 GMT
x-content-type-options
nosniff
age
462448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Oct 2024 09:09:18 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 948D 		0
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDPsMiRBRjG_sz5ATAB&v=APEucNXub_FOpHUUW7T4jJoqIVd6Jul2SLXTHowoFbwU5MIXYEKgS4XA5N_sMih_V4UlTBWUH7va69iTUItHip_IU_vnbJS5pg
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 17:36:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame FE30 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
80231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9345
x-xss-protection
0
server
cafe
etag
15168757854195530193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 19:19:35 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame FE30 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
80231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 19:19:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FE30 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6AMyz06qZDIIeFZ-J7qLaglTkA-K57KhOA2LOdHVjdnRSMicIwWpwbdyG1Na1vvgOr2n6efgFaz6aSr8UQm3JPDCmHeHMiZXj8jTkhf53eHgu6InORmo4Oe6-v24BiKsMfZAyMAt8FfR3Z_XOSwwpOxDG1-jLRIibJEsogjGVw_ISknXp5mpC31YoptarvypMqJexJCpOUusv9RuPBFQSBwsDM_j4m0WCSS8H0vefMeBZr1pZZtU5HjWqOxfsglwnfgCEJX629eKlmFCTWbBO8epuTQvrH39dqt6P_ZL2zMpkKqqL1hErGF3r7P1wIg-cjQcpPZaAnQ6bemLF3nQ00D-hkQ_05u9l2ifiWOE_CJvpCw0ug7OvvM09ZbgVyT6A4wiZpnT9f-6h_iV6XVJ0sk6xHHELENeckqTSPkjiJlXdtUekkKP602gSAmCYIuD7a7fKynZ84suyib9DjKbZ7FXCPXlBNN3mcuRFrs1CEYxm7tQdQnT4qu52iVS6ldnuxYM4TcchNfYYrZvkhMLK2P46zyFBuvOU9ceTqbr8WsMSPmgGM_SPJphOcm7_j0lvqunhSSLiik6bxmWgN4OcNzLKsMdW4dxC1dMb6fX86m2HYTJfrn_uYL06HJyM8EOe9RuBjNjZcTI10Y4SX4j-bx_isIXi0jhq9L5Tpit8gP1SqvG7f7-H8FKKAjU308lpVPwHDWPHHegsXvszgoyXLL1GSK4eJFqNP9sifbKNcF60iF2yQSv8n57QhjOt0gdVW5KWedZ4FVWmmmjY6iLJbhTrjrKACKxyOYAnYbpRdga3_o3PbohT3IfMMRWayuVm7UrH0Z3EV2Nk34G3dJPrxkcb9e3Ii4idt4KxhtfcVrpp_pPOEp5iawEUJeaVUnca3ZmQmpVcZS_n5GwPhbbhEJCs86oyFBR9fbAK7ly8hNjxCnEpWsF49aTk5-tDg8FS8Aqo_CBi6XoaTZmN1Wvi3bgwgsoLc9i7H0xxW90KlThHBF5imj6fFEIP2DAnuhxViI6flr37sdUZneazh9GR2xsxaYjvqwjtnbFKQlaTKpDIBizRMnHImSycCuwxTZCbeOdxaZnwQ8MNF-oK2uXyVk4tnUBS_nr_OVf5pO2YxzK7x7t4slfGQuKfgQd8NW3vmnB2pxraq1NtVeoSgE88hrz7NUvWGqkIgow4-arfptBwfotGtKuYvTrDf7LbiWGv0icMvI6OpwMRKi-01ZW3XamRMp6KqwTclv1KfjhAMic8mxfTctFRPg2WhIm1d7eWJC1uPs5jQkS_Cdz7L_XPaEkVnlPQsWID7ylsC4Kobzzi3cStpZUArGB7HV3IV0zKAt3HkZlIvYDXoV_FHusYWnB-1In5IZVBNmmyngULeACI60-RDS8AsiQoI1ezoBKczgg&sai=AMfl-YSRiQLHL7EZ2O5tortVvuYTxI0AKvXqkSE9mpB7yk87fTBDwaJgYrSVFY9Kd4aLXUTfT3JGbgCRQWbT6tfpuseTmCGibPPfjovVauUXVDxeScxEyZaJoCjHJPgRL2adFF4dCxDwsZvRlG2zx2RbpjM4guUKcm8dFhrVNeuJIZZBYDINpJIi9ScxgpDfdwzLl2cGxAEfkfj-Y2Io6bdEYTSXsr10DhZffjlZ2uxMc9wSIMgcVRn0DHDtFfHdg9N8h7kpCRa6t3vj1Xwk_MViz85eeLmfG3ILKZ3DUJXfxJuX-Ok7uUGmuuIdsZPYWWpGdqXYLEPHjsJaQjSXGAm3HRFUETEdfS3I8tUMVOY3V13jo6ulPre0DhcVN82wDWRN9hDyKy3EXiWC_uhAy6-r5_vT8PuM6UtLysGAvsrjuvUEXTANwIQmW5mdIJEI9xKvlu50w4V6L-2le_isk1Ic52e-N6pXG4cYhpdnczhRMi-d0gM&sig=Cg0ArKJSzMDWC7MkW3NHEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231101.62848&arae=0&ftch=1&adurl=
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 05 Nov 2023 17:36:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame FE30 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 02:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
314060
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 02:22:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame FE30 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 12:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
18016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 12:36:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame FE30 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
80206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 19:20:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE30 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A75-Ju7fPpDroE4G-wO7sgYvDWGk_EqKV5jpV7y2E4CLoe13HMOpxkhSCeh4eFWBsSOUmbdUyKZUd_6B7sNMs-JIOTxcK6RFicFKIhF11WA1B1zFA
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FE30 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 17:36:46 GMT
12481120408790302549
s0.2mdn.net/simgad/ Frame FE30 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12481120408790302549
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d827b7092b85194c337e4b55387a576f74ce467cb231362d23bf136bebef2e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 17:23:00 GMT
x-content-type-options
nosniff
age
260026
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2278216
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 13:20:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Nov 2024 17:23:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C665 		0
54 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjH5JDkATAB&v=APEucNWnwyQKHIzV4hkdPh1WPZGRGefWImAf3zMGPHcHLl9-fn33s9k-cy15_oXW40VuevinS-4J0nQS-zeQulKZTU4gqzIXwA
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 17:36:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 1D7D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
80231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9345
x-xss-protection
0
server
cafe
etag
15168757854195530193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 19:19:35 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 1D7D 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
80231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 19:19:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1D7D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYml3zAR_T_YDuTELACURng3oGCLwKk2VdjDLgBd5pRMP7_6S_UFKxeEkOIwBrNSKT3vBhnLWnW5q0rO_qAvlQQZ3u_L-0hZIaQyfwYINPr8c2I_6N_BamQi89JKdjEN12PRWiKap4sPUxU9SoWo2n1e8suczqtK98KkK64_LBewPCLN_UXwWgtZGqhS25Di3u55RrRKGoH2IQ5pfx43k8pBWa428jd4Iv7Orbn7Poe-upaC2AWY2ePANqZmMWeAcyY_8HHFRlh9NYaKCDQ8w1qT9h7h3LKED4jEuwAQm5tKvSj7atVz9LvR9GmIeyVX4_aeLFDir7TA4bmyDhVaGxRQx0vuM9hkhvpB0pp-ZiSuoG40mfHs836ubAtJcLj_agJjrI1KCYFl_9XfitN7Ew_912d6-nh3fysGt_cX9nYSNiofDVE8DPS0Ue9QF8cQcLuadZbE_9LM_nRawbaitZnjtXsgTYPMTqppGjpx7nfGPuwiFdYFaTMy-GC3iInxTdKM3Bqh5XyxiXbRdzrG9ywG6puZLZ5_b0ackGOhF8JCOx6oM0aJM3LpUpQTNvrAvkFcmbOfPtqzyCu8SqFaht7ju88BYJig1N_YF0vfc0AcheZsOUFg47aovAN63tQ1GG3Uel_8cXF-K63wWXhADLDeMQYYg30eAfw0w17hZIu99VGOhnzrINZKPBvuw5fIguMCD9CdOVB8CSZHoIeJNJnna4DqXGrKce7z-1wj9qtgyjyiCL_R_ig5mx9wADPI-D_gbcyZa_LsZiCH3oAWUoAAJs2JDCqkzaTO0NcEfet9Uf7xNsuoOro695ELv3hCEzIDZ9lIGx187YASNKZnG8IzkJdbxEmB8_j4nrKRag5UHkC-wg08Xh_prPYAzygfh00vcUP66Mn9Tv9Lkb-lcxNSOXOoQL4hHg3zYcUn9PQX_lpwB64JHp6bBCr4z4iH_v9KpA56vcj2-r9F9aZFeN4Ho8jdddTXpcUw4IXPplNWeIuJK3so6WzdAlSnJ9mtVGIcaJg_hg5MvVyoB-bH-wZprGxGexCWLnOiezB64w0HjxKIpEAqfXo-JbXiKsA7uL61rSdkSDmRtOYB0dLU820LmF0UHeJKa4ts4xz5B5ouT0f8mfZJVJpRdkRl8myKyCXCp_j8j-aeflzVmzhA-b0-pHtWqHYYlmvFQchPQbY7Y7YByjgfK-PMfdKxNuEZrlbnC4IU8vPgRyqmXcfST48Y1j_qhAB3JVRPG3Fxyjb4qJKppILbcw_wIexWnLdIrIrY8Nie9BJMi-3ma8JOiNkBGhL6QBEV9do9tpHNIAHEpJwSDirj_XMGQv9CX3j1RKgTA6oKXuI87o4_DAP9Igjc3gmpqbEX_pm2YA&sai=AMfl-YShSxrNJvSpnBe14a6PI6llSU3sHYhmgJ2OILwcc6cWF9J3yJtaiUmDVtbZmfHAFCdG1pp2LVyTaDVwtDhfFCzBu5CbLBEAtre4V_IOKV1zb26UMJErb8j4EBZ2QrMxD-Ury3YavpmcTddajARuJDJUmOSrMDNku4M0bRbIJX3Vjbf1CC8aayamTnlxC-5XLC2DpF87wSVt8sezfwb_BzG-xVsvid0XCuNq3WzqrJA9TXuIlGQppnbLG-v2K9_-ZaDoml8J6LqlmXmzLKAzZvRLVMTWLB3SQ84TqX4qV5ACcWOqEYvcuSXgdBXj4aSDPmFpAR8MyMOPVjDrH7Z3hUgDOwLsLsJ-xAS58pJ4D6gPQiyeBUQxvhieoGlUfUwqek8beOinvpClux9VobMVg64hCeJaoGaGviuIn9V-_u56G5dwriKc4oY5lUqISuak1TH4AGHJqqA9altUqKykkiM7_kmbG1utrScinsjTQLfoSs8&sig=Cg0ArKJSzGbpE2WXdMsMEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231101.84998&arae=0&ftch=1&adurl=
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 05 Nov 2023 17:36:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 1D7D 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 02:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
314060
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 02:22:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 1D7D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 12:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
18016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 12:36:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 1D7D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
80206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 19:20:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D7D 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D7J6cr6a7Y3gJX3uGKf49KYEs7pWOZAYtkRQSkEfOjFqkJ_8ESozIxjHNlAHA_2tgBZD4goQSK3OHhSkcAtdgkE0wCPG9pBnlzpiuUQTA_Uz1Xl0E
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1D7D 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 17:36:46 GMT
13558391332194122314
s0.2mdn.net/simgad/ Frame 1D7D 		159 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13558391332194122314
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03c37ba25008396febb9fa979c48ed7f0657806ca27ae3960ebf727739a06d28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 21:46:15 GMT
x-content-type-options
nosniff
age
589831
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163304
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 06:14:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Oct 2024 21:46:15 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 1B31 		162 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
69cd6d91d3e2140f0a646191845d4ed59044df39c7a57928a837d6c30408356c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 17:36:46 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=KKxN2S5JysNXgSUlnbivhK-LBNnfsjH3uMx1_jGcfemkdFW-yBa-Xse8dzl3tGaHHedpoPsMQtspl4dDauWNS6_yNB--Z6yb4inqcgBGteasuPKhxi7lIiHwlxDV_Pb5kFCSOM2nZNDgc30VZTMcIBXYDThws3myRQVuV-CSZU9Ex0ojyQu5iWPGtM_mxEO3sTygU5vLS_m7FmAHGzhWSDIcraEJN_vRLtUOtcQ7kNIiZ0dF2IVWW0CQq_-UA-maPxcfBA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
54180149
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 8F8F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 12:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
18016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 12:36:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 8F8F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
80206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 19:20:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8F8F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 19:44:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
597108
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 28 Oct 2024 19:44:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8F8F 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 17:36:46 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 2AC8 		205 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5a8cbd668a880022eb988a4919371ab3f3c2b7cb235d20e8eb2da9687b293292
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 17:36:45 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=vIykLC5JysNXgSUl7q_xEKaOF5cD4ZfM1z4IvZxj1kVnG0AMBEfJkE_ulMWFdwse86RTMnuTmQC-c-zO6354fmYMrROKN6QT446AChAr0Qb5f0TsJzkcxIH1YcTVvImumwJu62k4njJUkramn6sD-TE2Dq8LSW8kwuUhS7txp693cGzWwvpKW-0ZLEx1Q4R8ClrtuCdRAUboswLu4Imi7k4hUSOVZjXMrjlgVDUFcPK7aonDn1zNsK55c1s"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
56891999
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame ECC2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 12:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
18016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 12:36:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame ECC2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 19:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
80206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Nov 2023 19:20:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame ECC2 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 19:44:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
597108
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 28 Oct 2024 19:44:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ECC2 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 17:36:46 GMT
truncated
/ Frame 4413 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c05c72951798046e6c0392640bf868f1ef1c0c29301ad59ab72e0e29468fd65e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 1D7D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYml3zAR_T_YDuTELACURng3oGCLwKk2VdjDLgBd5pRMP7_6S_UFKxeEkOIwBrNSKT3vBhnLWnW5q0rO_qAvlQQZ3u_L-0hZIaQyfwYINPr8c2I_6N_BamQi89JKdjEN12PRWiKap4sPUxU9SoWo2n1e8suczqtK98KkK64_LBewPCLN_UXwWgtZGqhS25Di3u55RrRKGoH2IQ5pfx43k8pBWa428jd4Iv7Orbn7Poe-upaC2AWY2ePANqZmMWeAcyY_8HHFRlh9NYaKCDQ8w1qT9h7h3LKED4jEuwAQm5tKvSj7atVz9LvR9GmIeyVX4_aeLFDir7TA4bmyDhVaGxRQx0vuM9hkhvpB0pp-ZiSuoG40mfHs836ubAtJcLj_agJjrI1KCYFl_9XfitN7Ew_912d6-nh3fysGt_cX9nYSNiofDVE8DPS0Ue9QF8cQcLuadZbE_9LM_nRawbaitZnjtXsgTYPMTqppGjpx7nfGPuwiFdYFaTMy-GC3iInxTdKM3Bqh5XyxiXbRdzrG9ywG6puZLZ5_b0ackGOhF8JCOx6oM0aJM3LpUpQTNvrAvkFcmbOfPtqzyCu8SqFaht7ju88BYJig1N_YF0vfc0AcheZsOUFg47aovAN63tQ1GG3Uel_8cXF-K63wWXhADLDeMQYYg30eAfw0w17hZIu99VGOhnzrINZKPBvuw5fIguMCD9CdOVB8CSZHoIeJNJnna4DqXGrKce7z-1wj9qtgyjyiCL_R_ig5mx9wADPI-D_gbcyZa_LsZiCH3oAWUoAAJs2JDCqkzaTO0NcEfet9Uf7xNsuoOro695ELv3hCEzIDZ9lIGx187YASNKZnG8IzkJdbxEmB8_j4nrKRag5UHkC-wg08Xh_prPYAzygfh00vcUP66Mn9Tv9Lkb-lcxNSOXOoQL4hHg3zYcUn9PQX_lpwB64JHp6bBCr4z4iH_v9KpA56vcj2-r9F9aZFeN4Ho8jdddTXpcUw4IXPplNWeIuJK3so6WzdAlSnJ9mtVGIcaJg_hg5MvVyoB-bH-wZprGxGexCWLnOiezB64w0HjxKIpEAqfXo-JbXiKsA7uL61rSdkSDmRtOYB0dLU820LmF0UHeJKa4ts4xz5B5ouT0f8mfZJVJpRdkRl8myKyCXCp_j8j-aeflzVmzhA-b0-pHtWqHYYlmvFQchPQbY7Y7YByjgfK-PMfdKxNuEZrlbnC4IU8vPgRyqmXcfST48Y1j_qhAB3JVRPG3Fxyjb4qJKppILbcw_wIexWnLdIrIrY8Nie9BJMi-3ma8JOiNkBGhL6QBEV9do9tpHNIAHEpJwSDirj_XMGQv9CX3j1RKgTA6oKXuI87o4_DAP9Igjc3gmpqbEX_pm2YA&sai=AMfl-YShSxrNJvSpnBe14a6PI6llSU3sHYhmgJ2OILwcc6cWF9J3yJtaiUmDVtbZmfHAFCdG1pp2LVyTaDVwtDhfFCzBu5CbLBEAtre4V_IOKV1zb26UMJErb8j4EBZ2QrMxD-Ury3YavpmcTddajARuJDJUmOSrMDNku4M0bRbIJX3Vjbf1CC8aayamTnlxC-5XLC2DpF87wSVt8sezfwb_BzG-xVsvid0XCuNq3WzqrJA9TXuIlGQppnbLG-v2K9_-ZaDoml8J6LqlmXmzLKAzZvRLVMTWLB3SQ84TqX4qV5ACcWOqEYvcuSXgdBXj4aSDPmFpAR8MyMOPVjDrH7Z3hUgDOwLsLsJ-xAS58pJ4D6gPQiyeBUQxvhieoGlUfUwqek8beOinvpClux9VobMVg64hCeJaoGaGviuIn9V-_u56G5dwriKc4oY5lUqISuak1TH4AGHJqqA9altUqKykkiM7_kmbG1utrScinsjTQLfoSs8&sig=Cg0ArKJSzGbpE2WXdMsMEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=163&vt=11&dtpt=161&dett=2&cstd=0&cisv=r20231101.84998&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 1B31 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:46 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1B31 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:46 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 1B31 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 30 Oct 2024 17:36:46 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 1B31 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 30 Oct 2024 17:36:46 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 1B31 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=j_IIRYhCc0J_hVYncQzQ1osolY1JeHSyBW-5-R8RWYqacV5ZHxbdADb1nZuVA89YLREz0M3zqG8GA0QZLDZKiObgpT8YcetWqe3gt0QXor8wXxlGFwTzjrK0t5-84zoYkJ7LRjBT9wEDHKSeO0KI7su34zwMNyc0AU_qOKqa3-RCefGnpu3I0gij2tXzcra2ZCJimT2WVZwd2qnWkCebk3tRpFZtAKjRDXCOSezGbmImUEiHkDnG6zrEJz6bC4zVncluu0c67yp2lhfuR_b3515aFvL3KJSr7drckdnWcrBZE6-eTGCTpCgdr2lrKl6Z3HRCoLJ6WB7fXEJBxYKfs5opuviMl5rqEoaEaDl9x5zdnHxtJuC7i-GQvcsCTcsy5qlfOdCkdhvo8qOTbeJRzDroTjXA5D0n_BwZCIXdX9wuKbY80EDKXhtjohKgWjfcAtuH8Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2321084
expires
Mon, 26 Jul 1997 05:00:00 GMT
okezone.com.1408815.es6.js
jsc.mgid.com/o/k/ Frame 4413 		309 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/o/k/okezone.com.1408815.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/k/okezone.com.1408815.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa485276ccd9bbd861a9d707b03419cb2a18726495e7d5e0e5b3550a51cc74fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
x-amz-version-id
bU6.Mh73FmrpWVXS4V_.PVhUk6NyS7pj
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
EKDGM6GFRV2N87ZQ
cf-polished
origSize=316597
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
n5Xpm5/uNXCQo6ueK0f23akKW2HsQ7Rk9BN++85Vj3xngX/rdUvgRFWk0toEOfEItMYdY+5eMN4=
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 14:15:52 GMT
server
cloudflare
etag
W/"af1231b9a57d8fc46a9391405477b38a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
8216dc641e667738-LHR
expires
Sun, 05 Nov 2023 20:36:47 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1B31 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
382641
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zr7uU49AxTgAAGviFS10Hd14Pk8NE7xpBc59p6hc6R0Ziy%2Bn9hIcoha21Y9bM7PC1v97WA15cyxUAj%2F61mbBcII6apY16oFA4%2F3szvLjYbCSvR6kvpFBRh2pVk1oqXQo9%2FQeyFpHG%2FR60JZNYK3TMNie"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8216dc643a121959-FRA
expires
Fri, 25 Oct 2024 17:36:46 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FE30 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6AMyz06qZDIIeFZ-J7qLaglTkA-K57KhOA2LOdHVjdnRSMicIwWpwbdyG1Na1vvgOr2n6efgFaz6aSr8UQm3JPDCmHeHMiZXj8jTkhf53eHgu6InORmo4Oe6-v24BiKsMfZAyMAt8FfR3Z_XOSwwpOxDG1-jLRIibJEsogjGVw_ISknXp5mpC31YoptarvypMqJexJCpOUusv9RuPBFQSBwsDM_j4m0WCSS8H0vefMeBZr1pZZtU5HjWqOxfsglwnfgCEJX629eKlmFCTWbBO8epuTQvrH39dqt6P_ZL2zMpkKqqL1hErGF3r7P1wIg-cjQcpPZaAnQ6bemLF3nQ00D-hkQ_05u9l2ifiWOE_CJvpCw0ug7OvvM09ZbgVyT6A4wiZpnT9f-6h_iV6XVJ0sk6xHHELENeckqTSPkjiJlXdtUekkKP602gSAmCYIuD7a7fKynZ84suyib9DjKbZ7FXCPXlBNN3mcuRFrs1CEYxm7tQdQnT4qu52iVS6ldnuxYM4TcchNfYYrZvkhMLK2P46zyFBuvOU9ceTqbr8WsMSPmgGM_SPJphOcm7_j0lvqunhSSLiik6bxmWgN4OcNzLKsMdW4dxC1dMb6fX86m2HYTJfrn_uYL06HJyM8EOe9RuBjNjZcTI10Y4SX4j-bx_isIXi0jhq9L5Tpit8gP1SqvG7f7-H8FKKAjU308lpVPwHDWPHHegsXvszgoyXLL1GSK4eJFqNP9sifbKNcF60iF2yQSv8n57QhjOt0gdVW5KWedZ4FVWmmmjY6iLJbhTrjrKACKxyOYAnYbpRdga3_o3PbohT3IfMMRWayuVm7UrH0Z3EV2Nk34G3dJPrxkcb9e3Ii4idt4KxhtfcVrpp_pPOEp5iawEUJeaVUnca3ZmQmpVcZS_n5GwPhbbhEJCs86oyFBR9fbAK7ly8hNjxCnEpWsF49aTk5-tDg8FS8Aqo_CBi6XoaTZmN1Wvi3bgwgsoLc9i7H0xxW90KlThHBF5imj6fFEIP2DAnuhxViI6flr37sdUZneazh9GR2xsxaYjvqwjtnbFKQlaTKpDIBizRMnHImSycCuwxTZCbeOdxaZnwQ8MNF-oK2uXyVk4tnUBS_nr_OVf5pO2YxzK7x7t4slfGQuKfgQd8NW3vmnB2pxraq1NtVeoSgE88hrz7NUvWGqkIgow4-arfptBwfotGtKuYvTrDf7LbiWGv0icMvI6OpwMRKi-01ZW3XamRMp6KqwTclv1KfjhAMic8mxfTctFRPg2WhIm1d7eWJC1uPs5jQkS_Cdz7L_XPaEkVnlPQsWID7ylsC4Kobzzi3cStpZUArGB7HV3IV0zKAt3HkZlIvYDXoV_FHusYWnB-1In5IZVBNmmyngULeACI60-RDS8AsiQoI1ezoBKczgg&sai=AMfl-YSRiQLHL7EZ2O5tortVvuYTxI0AKvXqkSE9mpB7yk87fTBDwaJgYrSVFY9Kd4aLXUTfT3JGbgCRQWbT6tfpuseTmCGibPPfjovVauUXVDxeScxEyZaJoCjHJPgRL2adFF4dCxDwsZvRlG2zx2RbpjM4guUKcm8dFhrVNeuJIZZBYDINpJIi9ScxgpDfdwzLl2cGxAEfkfj-Y2Io6bdEYTSXsr10DhZffjlZ2uxMc9wSIMgcVRn0DHDtFfHdg9N8h7kpCRa6t3vj1Xwk_MViz85eeLmfG3ILKZ3DUJXfxJuX-Ok7uUGmuuIdsZPYWWpGdqXYLEPHjsJaQjSXGAm3HRFUETEdfS3I8tUMVOY3V13jo6ulPre0DhcVN82wDWRN9hDyKy3EXiWC_uhAy6-r5_vT8PuM6UtLysGAvsrjuvUEXTANwIQmW5mdIJEI9xKvlu50w4V6L-2le_isk1Ic52e-N6pXG4cYhpdnczhRMi-d0gM&sig=Cg0ArKJSzMDWC7MkW3NHEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=242&vt=11&dtpt=241&dett=2&cstd=0&cisv=r20231101.62848&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2AC8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:46 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2AC8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:46 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2AC8 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 30 Oct 2024 17:36:46 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2AC8 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 30 Oct 2024 17:36:46 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 2AC8 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=fcCqvm89V6KexoefMIH02Cdb4M2ukOODbKq6XfMlUdCRBl8cnkk95cPzN1mpl_2P0sLvQo8t5HaHPgkQXHZiSG6y9XHLR384k-KnIlZPBhioECods7374vyFsEWb9r_8Hvwo34u9DDhRZ7bPOkXmqPsmqU_6vET5F0xmX3QWF47pj1oXUM3P6hRwt6n8eXptPbswOhXOmuttCbY5n27z88Yax9izHv1rkNxhd1YIA6ikU3u_iTV3Av4CVXn-cF8mEgo6e2I6uWYnOdwsbtUkf8eX8Zy4XzYprFhOvDp9HUIjAk2Lk5hUsQIlcIJ5rx9aJk0Yu4SCE-5h7yr2_7uAmFtJrJ494EAZz3ylIyDKtWi7FUrdWVIkIIGoM9g1wuuFyHUeSgvU2wueHIxo4Zi97m3GzkSeIlGvy-wQkYeyD8YBKvpGIj7LsU5WqmcJRMzPfLj5Ig
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2423082
expires
Mon, 26 Jul 1997 05:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 3699 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
206546
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 08:14:20 GMT
expires
Sat, 02 Nov 2024 08:14:20 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
styles.css
cdn.okezone.com/underwood/revamp/2023/widget/klasemen/desktop/ Frame 66B0 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2023/widget/klasemen/desktop/styles.css
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/groupklasemen
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
fbc4a71d0ca91032f343240368da69e09f27dcad66dac8580ef4c396eea9a67f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
41168
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"64db3534-a0d0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
content-length
6805
x-amz-cf-id
mR6sjCU2gd04Ut_WBE3yGNlWjmNHXkRy6MPe25l3mbgAxOLrsD2LaA==
expires
Mon, 13 Nov 2023 08:30:57 GMT
truncated
/ Frame FE30 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd74787a174b19486c5da3545559e2530e7a6232b94f7eccd0b8c9cef91d710e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1D7D 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae4075c4e83f599bbdfa3a828e7dc15ec01a5b53fd42dcdf52af5a94de30c996

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 602A 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
206546
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 08:14:20 GMT
expires
Sat, 02 Nov 2024 08:14:20 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8F8F 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ebd4a6545e73a284ad171023dd514da625fcd042198001d8e8cd4cee3405067

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame ECC2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ab4dfac396e2c38b1fb2427460844c36f41702cdb9420ecb8c1dfccaeccf718

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame 1B31 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:46 GMT
6b0ee93c5cf8486b99ba2a7a7bfeb73d_cpn_300x250_1.jpeg
static.criteo.net/design/dt/3455/4786327/ Frame 1B31 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/3455/4786327/6b0ee93c5cf8486b99ba2a7a7bfeb73d_cpn_300x250_1.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
01ef8ad56ec25edd203c3cd1f71170fc5bff7b4e7508f284a81128aeb1aa49b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 07:45:06 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"653b6a82-13bef"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
80879
expires
Wed, 30 Oct 2024 17:36:46 GMT
img
imageproxy.eu.criteo.net/img/ Frame 1B31 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=3455&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3455%2F210331%2F6d4c617ae012456da1cfa367ffefe967_logo.png&v=3&w=596&rid=4&s=an99xu9Z2xaVljBqVmeKWiN0
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
23569936dbb5eeaa2b8d3e2f7be862997eee6016d52a2c38f1911b3b9d04d029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
7094
expires
Wed, 02 Oct 2024 08:21:33 GMT
img
imageproxy.eu.criteo.net/img/ Frame 1B31 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_170516-44713_2010_110.jpg&v=3&w=400&rid=4&s=1noNYCYK6jDFaOibcxsEE8pX&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b5697a11d7cc526d59877917cde1fbb821413cd68bd7b524ef9072cb42e8b424
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
16704
expires
Wed, 08 Nov 2023 08:47:26 GMT
img
imageproxy.eu.criteo.net/img/ Frame 1B31 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_280029-31429_5058_110.jpg&v=3&w=400&rid=4&s=I0Rd6dRIbTd0Itx89-s47Zzz&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
458526c1f7718b3b190a9d63f03f019fa10c15ad982eb21f83f91d6ce011c5a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
5408
expires
Mon, 06 Nov 2023 20:30:53 GMT
all
csm.eu.criteo.net/ Frame 1B31 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=KKxN2S5JysNXgSUlnbivhK-LBNnfsjH3uMx1_jGcfemkdFW-yBa-Xse8dzl3tGaHHedpoPsMQtspl4dDauWNS6_yNB--Z6yb4inqcgBGteasuPKhxi7lIiHwlxDV_Pb5kFCSOM2nZNDgc30VZTMcIBXYDThws3myRQVuV-CSZU9Ex0ojyQu5iWPGtM_mxEO3sTygU5vLS_m7FmAHGzhWSDIcraEJN_vRLtUOtcQ7kNIiZ0dF2IVWW0CQq_-UA-maPxcfBA&sds=2&rev=89168&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1B31 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:46 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 1B31 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:46 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
1c68df31e23fcfe0ebd66e97db5d3131b0488efc4b7630f874cc8a7af9c04942
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin
https://bola.okezone.com
date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2AC8 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
382641
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKCWSWXt%2Flg5e%2Fvi6hnskvfpzGjp0Ef%2F6kmSQJm39ZKHsbtaCqDRaMLJisHDk0RryvGsMfTSkmze6hAHGXUKXre%2FK3rmOYSpOuLkdaWho4QLiHnh4z2D8x7GzpSuAUO0UPG4HinjieOjR0BWZqvQpnhi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8216dc655bca1959-FRA
expires
Fri, 25 Oct 2024 17:36:46 GMT
animejs.js
static.criteo.net/animejs/ Frame 2AC8 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:46 GMT
vertikal
sindikasi.okezone.com/widget/portal/okezone/ Frame B984 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2017/home/js/01/main-v2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:8e00:1f:789c:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.55 (Unix) /
Resource Hash
ca04a6a32011195e99b4c9369301de5deef66c7cf9644b679eeaa80cc27be1bf

Request headers

Referer
https://bola.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 17:36:47 GMT
server
Apache/2.4.55 (Unix)
vary
Accept-Encoding
via
1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
x-amz-cf-id
6e_uggLV_c79Ca8cwTsEhrnVLU0WYULGLsKPP2hEOY_Xa3GHnALsCQ==
x-amz-cf-pop
DUS51-P1
x-cache
Miss from cloudfront
rekap-yasin-bagian-2-lupa-al-quran
www.visionplus.id/wat-23110512/merah-padam/berstatus/ Frame EBDF 		26 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:6e00:e:ddd6:52c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ceb65936377e2e9412f4a49e555ea2119b82bee7bbb3d1ec2e21db3f98cae065

Request headers

Referer
https://bola.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 17:36:47 GMT
server
nginx/1.18.0 (Ubuntu)
via
1.1 9418ec5c8ad0c320eddf5061646e3d88.cloudfront.net (CloudFront)
x-amz-cf-id
It4YRqIFXPHeZyP8EmX6Zvb2RDvuDUGBKJnJp5eCTy3bNjd3K3yCww==
x-amz-cf-pop
AMS58-P3
x-cache
Miss from cloudfront
ac-milan-dipermalukan-udinese-stefano-pioli-kami-pantas-diejek
www.rctiplus.com/khsusus/4097199/ Frame 43D0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rctiplus.com/khsusus/4097199/ac-milan-dipermalukan-udinese-stefano-pioli-kami-pantas-diejek?1699205806226
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.92.238 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine / Dark Phoenix
Resource Hash
f9b23d992cf498a5fafa39d0142162a99528d0e74cabe33ce911d0c33efcd8ba

Request headers

Referer
https://bola.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
ali-swift-global-savetime
1699205808
cache-control
no-cache, private
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 05 Nov 2023 17:36:47 GMT
eagleid
a3b55ca316992058075963956e
server
Tengine
timing-allow-origin
*
vary
Accept-Encoding User-Agent
via
cache26.l2de2[478,477,200-0,M], cache8.l2de2[479,0], ens-cache9.de5[482,482,200-0,M], ens-cache15.de5[484,0]
x-cache
MISS TCP_MISS dirn:-2:-2
x-powered-by
Dark Phoenix
x-robots-tag
noindex
x-swift-cachetime
0
x-swift-savetime
Sun, 05 Nov 2023 17:36:48 GMT
f42b96353b1a43b1bfb1603f72d7c24b_sabonroman.woff
static.criteo.net/design/dt/ Frame 2AC8 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/f42b96353b1a43b1bfb1603f72d7c24b_sabonroman.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
272164e5b3fb96e072257a2b6439d17a64d72018196ea36e8a73024c380dc9cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 01 Mar 2021 13:06:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"603ce6bb-6d70"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:47 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AC8 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=110&m=0&partner=3455&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3455%2F210331%2F6d4c617ae012456da1cfa367ffefe967_logo.png&v=3&w=236&rid=4&s=YxrRsJoN3MxGZH-VR0ErNTWj
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
12b80afebecfe126bbe6b1c849ef5c8ff4e964bd63648ab97ec909c51dbe4a08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
3759
expires
Wed, 02 Oct 2024 08:21:33 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AC8 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_170516-44713_2010_110.jpg&v=3&w=800&rid=4&s=QNRCeeyaS_NDvYaSzN47JHVE&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b5697a11d7cc526d59877917cde1fbb821413cd68bd7b524ef9072cb42e8b424
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
16704
expires
Wed, 08 Nov 2023 08:47:26 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AC8 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_271053-35734_1090_110.jpg&v=3&w=800&rid=4&s=tcpQJbeZSNfWqUCz2G0QAxRm&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
907023d33b2ef9e33a264bf2953227d8b49cbc7de512c9a0afa280445cf29d56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
17686
expires
Wed, 08 Nov 2023 06:13:06 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AC8 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_170569-44740_204690_110.jpg&v=3&w=800&rid=4&s=Sq0_ImAL82retiB5s5VfOlsh&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f6d2dc3610fc4fe554b7636495eff8927a3fb930ba7142696b998c5477f601e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
6028
expires
Tue, 07 Nov 2023 20:15:04 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AC8 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_170569-44740_30910_110.jpg&v=3&w=800&rid=4&s=RlkfWnd1DY6NUi9nvhE_EA5M&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bd65fb40e4055627f49df4e991bf4f54e3607c2a7baafa17b485c3a0f32051e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
6190
expires
Fri, 10 Nov 2023 12:48:09 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AC8 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_280025-35701_2070_110.jpg&v=3&w=800&rid=4&s=TSAXS03IqgW8d05kyCQwic_a&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6e7510f66c1399bed56e18219b3000870133b49160e5a69a3e5b86f6e319bec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
7418
expires
Thu, 09 Nov 2023 12:50:55 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AC8 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_170081-44002_5098_110.jpg&v=3&w=800&rid=4&s=r9AMfnmIg9ijNDgDbcr5JW87&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7f8752a035e1737a120e46720e49bca2019a5a75fb6c23b3a783fb81cd2b080a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
16864
expires
Thu, 09 Nov 2023 15:07:16 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AC8 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_965029-66441_99600_110.jpg&v=3&w=800&rid=4&s=2QdG_FujPGeHb9TDeoMUGM9J&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
909946ff3314939eb3752c37307b758308a8406065159ceeba22f04c23c51955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
4476
expires
Fri, 10 Nov 2023 16:16:18 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AC8 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_170559-44735_204690_110.jpg&v=3&w=800&rid=4&s=QKUg-pXx28JQhqZ_VOf5uhju&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
df892305dea13b6b04c0e8c01a3c328029b79260146bdd2b0d3163b6c38153cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
5834
expires
Mon, 06 Nov 2023 13:21:11 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2AC8 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3455&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F1_122085-66281_1090_110.jpg&v=3&w=800&rid=4&s=F-F2xdNNI8-7S3mRu5fXnqeq&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
562fef89fc63fbd370e23d39b0d0157743c9f038c7ea294ebffb92f4e45faa58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=604800
timing-allow-origin
*
content-length
7396
expires
Wed, 08 Nov 2023 12:29:25 GMT
all
csm.eu.criteo.net/ Frame 2AC8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=vIykLC5JysNXgSUl7q_xEKaOF5cD4ZfM1z4IvZxj1kVnG0AMBEfJkE_ulMWFdwse86RTMnuTmQC-c-zO6354fmYMrROKN6QT446AChAr0Qb5f0TsJzkcxIH1YcTVvImumwJu62k4njJUkramn6sD-TE2Dq8LSW8kwuUhS7txp693cGzWwvpKW-0ZLEx1Q4R8ClrtuCdRAUboswLu4Imi7k4hUSOVZjXMrjlgVDUFcPK7aonDn1zNsK55c1s&sds=2&rev=89168&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2AC8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:47 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2AC8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:47 GMT
csi
csi.gstatic.com/ Frame 4D25 		0
235 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1699205806944&c=821912577806818&qqid=CLyMy_OyrYIDFUixewod6GwHuQ&rt=any.link.6.3l.1d.m.14.0.17jb.17az~any.script.6.3j.2.1u.0.0.49s.41g~any.script.6.3m.e.1m.0.0.mno.mfc~any.script.6.3g.2.1r.0.0.1pr.1hf~any.script.6.38.2.1j.0.0.a89.9zx~any.link.7.2a.1.1d.u.0.15o.xc~any.img.8.29.1.19.x.0.2k8.2bw~any.img.8.2a.1.19.0.0.hw.9k~any.css.2u.n.1.k.0.0.nvx.nnl&met.a4a=dcl.1~ol.1~nvs.1699205806283~ini.1699205806945
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310201815000/v0/amp-analytics-0.1.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bola.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4D25 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEGbBrdJHZfyBKsji7gPo2Z3IC4z-uedzj8OensMSZBABILH4pCVglYKAgJgHoAGhxvCsAcgBCakCKtx0aBMBsj7gAgCoAwHIAwqqBMUCT9BsGhATiZYnXJD4Ui3KJ_7r6O4bquwYJ4KqVg2tFa2A3-YWCgZASwztHHAKUTi-L8HtQ7zjoj2VGMVz-W7vQQ5GERCSZJE6sSEHIZvdeHD1QuQq_0Zy1sJSyrJK1BM55Yay7rV74BMZSzbrwtdOwXxkAIEM20xEGfCqXUAdQFM_q7uN7KtJPgku_FvSP1OlYPmahcYiQG0va2Omio4QI9STHHBZt-kvyNMs1Zbg1_qkMQx7VjrRIa7HZJc2LP83XDb8oMlxFQFWZn4Nthmpo8dyZWFdDUITZAgN94N6Y90q-2SOa10PkbSEhnhSyfR1_lmSDF5S084TomVpfpB3gSKwaRbYmoGreNha022VjHvZXB5zRgXfwPb0LWj3VwpMhHRcN_4bZXWcmcZ-B0Sg-GmYptkpiaRqoQnMVxO6z9AYIENewcAE9ruWrf8D4AQBiAWm7enyQZIFBAgEGAGSBQQIBRgEoAYugAfHuY_TAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMmoDtIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqaCT5odHRwczovL3d3dy5hZ3JpYXRpZXJ2ZXJzaWNoZXJ1bmcuZGUva2F0emUva2F0emVudmVyc2ljaGVydW5nL4AKA8gLAeINEwjZssnzsq2CAxVIsXsKHehsB7nYEwzQFQGAFwGyFx4KHAgAEhRwdWItMTA2OTgwNzQyOTcwMDA5MhiZlxY&sigh=Py2ld6VfXtU&uach_m=[]&ase=2&nis=5&cid=CAQSTADICaaNTVDxasBeWnqraYB1QftTdxB06qn-iB1EbQbnTeocvk-oqnSzvChhXBfd8ggLKTa04ZEN4O4PuPbwZkdBiwCf3cim1xjZpHYYAQ&template_id=5000&cbvp=2
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
roboto-v18-latin-700.ttf
cdn.okezone.com/underwood/fonts/roboto-v18-latin/ Frame 66B0 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/fonts/roboto-v18-latin/roboto-v18-latin-700.ttf
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2023/widget/klasemen/desktop/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
70e339a1a220298dd1d9c6a69bbb3e3f7e2b4e655c85da9f127cb21a699f99d8

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2023/widget/klasemen/desktop/styles.css
Origin
https://sindikasi.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
via
1.1 96715c2264ed86dcc0da2beca3559080.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 10:23:45 GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"616410b1-89a4"
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
35236
x-amz-cf-id
bnH36GE8MbCWIFiH9EE4jqf1J7QYsi22W8GMzbPbNeN7RWQ-Jy3Z0w==
expires
Tue, 05 Dec 2023 17:36:47 GMT
prompt-400.css
static.criteo.net/design/googlefont/prompt/ Frame 1B31 		1 KB
740 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/prompt/prompt-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
199aab1f505ae0a7a87a10b59b877973cc25158d1876d3dc42b911d4e5397afa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:12:56 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f0e8-4ef"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:47 GMT
prompt-700.css
static.criteo.net/design/googlefont/prompt/ Frame 1B31 		1 KB
740 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/prompt/prompt-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
db6a3fdf38dab07e0ccee2a304d9c643d3c0cac0ff9389ff655a062471c575b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:12:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f0ea-4ef"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:47 GMT
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 3699 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
20339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Nov 2024 11:57:48 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame FE30 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df0d3f5eed86511fa9135f21cbee65b08c1efc23fea10175b0f2db4bca19b670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
2851
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24425
x-xss-protection
0
server
cafe
etag
2680689839065237785
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 17:49:16 GMT
prompt-400.css
static.criteo.net/design/googlefont/prompt/ Frame 2AC8 		1 KB
740 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/prompt/prompt-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
199aab1f505ae0a7a87a10b59b877973cc25158d1876d3dc42b911d4e5397afa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:12:56 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f0e8-4ef"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:47 GMT
prompt-700.css
static.criteo.net/design/googlefont/prompt/ Frame 2AC8 		1 KB
740 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/prompt/prompt-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
db6a3fdf38dab07e0ccee2a304d9c643d3c0cac0ff9389ff655a062471c575b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:12:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f0ea-4ef"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:47 GMT
v2
id5-sync.com/gm/ 		251 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
5c04ced22a2ca15c8da72dec1fc67a0c2f926e9ac5f9b8f14b6d0da873cfa087
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://bola.okezone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bola.okezone.com
date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 602A 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
20339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Nov 2024 11:57:48 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 1D7D 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df0d3f5eed86511fa9135f21cbee65b08c1efc23fea10175b0f2db4bca19b670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
2851
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24425
x-xss-protection
0
server
cafe
etag
2680689839065237785
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 17:49:16 GMT
prompt-400-latin.woff2
static.criteo.net/design/googlefont/prompt/ Frame 1B31 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/prompt/prompt-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/prompt/prompt-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0dc405349b9e64616a3625673041771f2be733ebcb07688fcacd947401e40d34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/prompt/prompt-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:12:56 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f0e8-44e8"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:47 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8F8F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNSGgrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLECT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcLpb8LZSMUKIKXmEklhAdWZpmOv8h9ViX-dBttN0KJb2q4Bf6dirgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODcyNDYwNzM1MDI1Mjk4GJmXFg&sigh=jAeeOCHYcqM&uach_m=[UACH]&cid=CAQSTADICaaNTVDxasBeWnqraYB1QftTdxB06qn-iB1EbQbnTeocvk-oqnSzvChhXBfd8ggLKTa04ZEN4O4PuPbwZkdBiwCf3cim1xjZpHYYAQ&cbvp=2&vis=1
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 8F8F 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=ksLwCsc1rAL6AZ2DYgICAAAAzVaKNqP44twJOY7bEK3SR2Xlv6-2Pi6xkBlDAAASAAAKCkFRVURBUUVCQVE&wp=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&cbvp=2
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
176452
server
Kestrel
content-length
0
f42b96353b1a43b1bfb1603f72d7c24b_sabonroman.woff
static.criteo.net/design/dt/ Frame 1B31 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/f42b96353b1a43b1bfb1603f72d7c24b_sabonroman.woff
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
272164e5b3fb96e072257a2b6439d17a64d72018196ea36e8a73024c380dc9cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 01 Mar 2021 13:06:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"603ce6bb-6d70"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:47 GMT
prompt-400-latin.woff2
static.criteo.net/design/googlefont/prompt/ Frame 2AC8 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/prompt/prompt-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/prompt/prompt-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0dc405349b9e64616a3625673041771f2be733ebcb07688fcacd947401e40d34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/prompt/prompt-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:12:56 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f0e8-44e8"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 30 Oct 2024 17:36:47 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame ECC2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CpSIqrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBKsCT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zjtvtEnbqSNBjsQEo6OjIkzHeaOKgVqS5XG8h7P19jKQWCT4js0gbgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODcyNDYwNzM1MDI1Mjk4GJmXFg&sigh=jvBnfC_MOCw&uach_m=[UACH]&cid=CAQSTADICaaNTVDxasBeWnqraYB1QftTdxB06qn-iB1EbQbnTeocvk-oqnSzvChhXBfd8ggLKTa04ZEN4O4PuPbwZkdBiwCf3cim1xjZpHYYAQ&cbvp=2&vis=1
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame ECC2 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=ksLwCsQ1eNgEnYNiAgIAAADNVoo2o_ji3Ak5jtsQrNJHZQopej8NoMM6b2MAABIAAAoKQVFVREFRRUJBUQ&wp=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&cbvp=2
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:46 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
160962
server
Kestrel
content-length
0
csi
csi.gstatic.com/ Frame FE30 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lolr9jyr&chm=1&c=821912577806818&ctx=2&qqid=CL2My_OyrYIDFUixewod6GwHuQ&met.4=fb.4t~lb.cq~ol.lm~idt.3g~dt.-jk&met.3=733.cs~748.d4~749.dc~742.cs_q~736.g1~735.hf_1~374.hj~740.kj_1~739.kk~738.lm~113.o1_6~112.o0_7&met.1=1.lolr9jar~6.1~7.1~8.1~9.1~10.1~12.4~13.s~14.12~15.3z~16.kk~17.kk~18.kl~19.lm~20.lm~21.lm~22.7d~23.7d&met.7=CBsQCBgBKAEwJjiKBmgEcBx4iReAAd0UiAGSMLABAbgBAw~CCgQBRgBIK8BKK8BMJoCOGxQsAFY1AFgtwFo3gFwmQJ4rAKwAQG4AQM~CAkQChgBILQBKLQBMPQBOEBo5gFw9AF4rUuAAYFJiAHduwGwAQG4AQM~CBwQChgBILUBKLUBMPMBOD5o5gFw8gF4qxqAAf8XiAHoO7ABAbgBAw~CCIQBBgBILcBKLcBMLkCOIIBaPgBcLkCeKwCsAEBuAED~CCcQChgBILcBKLcBMMsBOBRougFwyQF4nW-AAfFsiAHpyQKwAQG4AQM~CB4QChgBILgBKLgBMMwBOBRougFwygF4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBILgBKLgBMMwBOBRougFwygF4zkWAAaJDiAH1ogGwAQG4AQM~CE0QChgBILkBKLkBMOYBOC1ougFw0QF4x9wDgAGb2gOIAfLlC7ABAbgBAw~CBwQBhgBILkBKLkBMJwEOOQCaOYBcJgEeNYCgAEqiAEqsAEBuAED~CCkQBhgBILkBKLkBMI4DONUBaOYBcJICePSIiwGAAciGiwGIAciGiwGwAQG4AQM~CCIQBBgBIKcDKKcDMNgDODFoqANw1wN4rAKwAQG4AQM~CCcQBRgBIMYDKMYDMNQDOA9oyANw0wN4oWiAAfVliAH-sAKwAQG4AQM~CCgQChgBIJoGKJoGMKQGOAtomgZwoQZ4lcEBgAHpvgGIAar_A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 8F8F 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df0d3f5eed86511fa9135f21cbee65b08c1efc23fea10175b0f2db4bca19b670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
2851
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24425
x-xss-protection
0
server
cafe
etag
2680689839065237785
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 17:49:16 GMT
csi
csi.gstatic.com/ Frame 1D7D 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lolr9k0n&chm=1&c=821912577806818&ctx=2&qqid=CL6My_OyrYIDFUixewod6GwHuQ&met.4=fb.4w~lb.db~ol.lj~idt.36~dt.-ju&met.3=733.de~748.dp~749.du~742.de_l~736.fr~735.h6_1~374.i6~740.kh_1~739.ki~738.li~113.pm_3~112.pm_3&met.1=1.lolr9jb1~6.1~7.1~8.1~9.1~10.1~12.2~13.s~14.s~15.3v~16.ki~17.ki~18.ki~19.li~20.li~21.lj~22.73~23.73&met.7=CBsQCBgBKAEwHDiHBmgCcBx4iReAAd0UiAGSMLABAbgBAw~CCgQBRgBILEBKLEBMJMCOGJo1QFwkgJ4rAKwAQG4AQM~CAkQChgBILYBKLYBMPMBOD1o3AFw8AF4rUuAAYFJiAHduwGwAQG4AQM~CBwQChgBILcBKLcBMOkBODNo3AFw6QF4qxqAAf8XiAHoO7ABAbgBAw~CCIQBBgBILkBKLkBMLACOHdQzwFY6wFg1gFo7QFwrwJ4rAKwAQG4AQM~CCcQChgBILoBKLoBMM8BOBZowQFwywF4nW-AAfFsiAHpyQKwAQG4AQM~CB4QChgBILoBKLoBMNQBOBpowQFwzgF4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBILoBKLoBMNABOBZowQFwzQF4zkWAAaJDiAH1ogGwAQG4AQM~CBwQBhgBILsBKLsBMIMDOMgBUL0BWNUBYMUBaNsBcIADeNYCgAEqiAEqsAEBuAED~CE0QChgBILsBKLsBMO8BODRowQFw6wF4x9wDgAGb2gOIAfLlC7ABAbgBAw~CCkQBhgBILsBKLsBMIcCOExQvgFY1gFgxQFo3AFw6AF4lP4JgAHo-wmIAej7CbABAbgBAw~CCIQBBgBINsCKNsCMJEDODdo3AJwkQN4rAKwAQG4AQM~CCcQBRgBIPkDKPkDMIYEOA1o-gNwhQR4oWiAAfVliAH-sAKwAQG4AQM~CCgQChgBIJMGKJMGMJ0GOApolAZwmwZ4lcEBgAHpvgGIAar_A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame ECC2 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df0d3f5eed86511fa9135f21cbee65b08c1efc23fea10175b0f2db4bca19b670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
2851
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24425
x-xss-protection
0
server
cafe
etag
2680689839065237785
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 17:49:16 GMT
csi
csi.gstatic.com/ Frame 8F8F 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lolr9k3f&chm=1&c=821912577806818&ctx=2&qqid=CL-My_OyrYIDFUixewod6GwHuQ&met.4=fb.4w~lb.ds~ol.oq~idt.2u~dt.-k6&met.3=492.4z_1~492.50~733.du~748.e6~749.e7~742.du_h~735.gv_1~740.kh_1~739.ki~738.oq~113.s2_1~112.s2_1&met.1=1.lolr9jbd~6.0~7.0~8.0~9.0~10.0~12.3~13.p~14.q~15.3q~16.ki~17.ki~18.ki~19.oq~20.oq~21.oq&met.7=CBsQCBgBMBo4-gZoA3AZeIkXgAHdFIgBkjCwAQG4AQM~CBsQBSC0ATjeBA~CB4QChgBILoBKLoBMM8BOBVovgFwzAF4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBILoBKLoBMM8BOBVovwFwzAF4zkWAAaJDiAH1ogGwAQG4AQM~CBEQChgBILoBKLoBMM8BOBVovwFwzQF4rjSAAYIyiAGLvQGwAQG4AQM~CE0QChgBILoBKLoBMPEBODdovwFw4AF4x9wDgAGb2gOIAfLlC7ABAbgBAw~CCEQBhgBIJIGKJIGMMYGODM~CBsQBiCTBjgy~CCgQChgBIKUHKKUHMK4HOAlopgdwrQd4lcEBgAHpvgGIAar_A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame ECC2 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lolr9k4s&chm=1&c=821912577806818&ctx=2&qqid=CMKMy_OyrYIDFUixewod6GwHuQ&met.4=fb.4i~lb.dn~ol.qm~idt.24~dt.-kw&met.3=492.4i~492.4j~733.dp~748.e4~749.e9~742.dp_n~736.ep~735.g6_1~740.jt_1~739.jt~738.qm~113.sq_2~112.sp_3&met.1=1.lolr9jc3~6.1~7.3~8.3~9.3~10.3~11.3~12.4~13.j~14.l~15.35~16.jt~17.jt~18.jt~19.ql~20.ql~21.ql~22.f8~23.f8&met.7=CBsQCBgBKAEwFTi-B2gFcBR4iReAAd0UiAGSMLABAbgBAw~CBsQBSCjATi7BQ~CB4QChgBILABKLABMMABOBBotQFwvwF4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBILABKLABMMEBOBFotQFwwAF4zkWAAaJDiAH1ogGwAQG4AQM~CBEQChgBILABKLABMMIBOBFotQFwwQF4rjSAAYIyiAGLvQGwAQG4AQM~CE0QChgBILEBKLEBMN0BOC1otQFw0AF4x9wDgAGb2gOIAfLlC7ABAbgBAw~CCEQBhgBIN4GKN4GMJIHODM~CBsQBiDeBjgO~CCgQChgBINIHKNIHMNsHOAlo0wdw2Qd4lcEBgAHpvgGIAar_A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1404::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles.css
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/ Frame B984 		36 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e59c79c198476d8b48b3292805b2c97f96b737328d956158e52109766f64ad3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
gzip
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
37497
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj-8uD94D-oYB"
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1378813
content-length
1761
x-amz-cf-id
U27Hi4q6nIdfedGaCNGdo_qRswiTZhIj8G6F4mDRo_H36PBqY0WQqw==
expires
Tue, 21 Nov 2023 16:37:01 GMT
all.css
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/fa-5.15.1/css/ Frame B984 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/fa-5.15.1/css/all.css
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
672cad7677095651c6240ced97dfd1fcdd9e727b29c07215e5f84e2bb5507f16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
gzip
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
73625
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj-3fi2KfM5qy"
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1378850
content-length
12604
x-amz-cf-id
-w-0x5geUypoU_94nl77JBDIxpH9xO8voJNKFguHrbRaruhKfWBQrA==
expires
Tue, 21 Nov 2023 16:37:38 GMT
placeholder_mnc_portal_indonesia.png
cdn.okezone.com/underwood/revamp/asset/img/ Frame B984 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/asset/img/placeholder_mnc_portal_indonesia.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
1f678bb141f19df947376b9c9e0a8e6c09e805bde309818494806b3e34b35a24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
32914
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj-_nl4psT8Ua"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2538205
accept-ranges
bytes
content-length
30268
x-amz-cf-id
lFYvbri20QoBvcnnolOWbhBfWpHVJQRDGUbu76o0NbAFxkLkDAnyZw==
expires
Tue, 05 Dec 2023 02:40:13 GMT
inews.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame B984 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/mncgroup/portal/inews.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
80d9eee404d64277aedda2b2f4e24e6b45e49cd1fc84d5d0750d20135dee4241

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
1916
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj-ItCA29iY0X"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1378830
accept-ranges
bytes
content-length
1902
x-amz-cf-id
5VxIRqBlQcF3K05NlDYgu_-CqjB354SPragyFjzSpLuFkD62AYwRfg==
expires
Tue, 21 Nov 2023 16:37:18 GMT
idx_simple.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame B984 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/mncgroup/portal/idx_simple.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c8cdc80bcc7e8f046889f36c7a6fb85939969429b33937f122eb8db920e768c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
13405
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj-ynhC4ViFMt"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1378882
accept-ranges
bytes
content-length
4649
x-amz-cf-id
QxoKDMwlKrtOpHtVhJ4MDA5MXb86G2pGddrV-Lh2TFY1LSpa3mjxOg==
expires
Tue, 21 Nov 2023 16:38:10 GMT
mnctrijaya.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame B984 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/mncgroup/portal/mnctrijaya.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
f0e0f85d2239bedc9d11a77ca7b647cca281ea1be72731f5239ea482c828f01a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
13116
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj-qAx-oOOL5R"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1379064
accept-ranges
bytes
content-length
10422
x-amz-cf-id
o8tgMBTof5crMPFMf2hO0DRsbXWk5MFvGDhX6Zafq3x4C9jVHNjP-w==
expires
Tue, 21 Nov 2023 16:41:12 GMT
sindonews.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame B984 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/mncgroup/portal/sindonews.png
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ecdbf9b9d351f5f5fadd54fc1713931a02fab5dbe76698b5fedc240a0d727ca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
4018
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj-scGGmu-WOv"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1635377
accept-ranges
bytes
content-length
4016
x-amz-cf-id
bwImQUw2-WzDvPXp0DcVPUqigkPorq4kb7S8huLA6aiDifn2mg0Fkg==
expires
Fri, 24 Nov 2023 15:53:05 GMT
jquery-3.6.0.min.js
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/js/ Frame B984 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/js/jquery-3.6.0.min.js
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
gzip
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
89501
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj-vSq_cOaZon"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1634665
content-length
30812
x-amz-cf-id
C9HgLkUxtQ37_YX7VlwymwMJEMKC8h-SBmIzXU_hiMS7ulyScO8cWw==
expires
Fri, 24 Nov 2023 15:41:13 GMT
swiper-bundle.min.js
unpkg.com/swiper@11.0.3/ Frame B984
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.js
  • https://unpkg.com/swiper@11.0.3/swiper-bundle.min.js
145 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@11.0.3/swiper-bundle.min.js
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdbb17d7117737eacfc3f1ae776596878488229b2e7fc16268e2437b22205935
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
301534
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HE79BVZQJHND8P5H5EWDBT07-fra
server
cloudflare
etag
W/"242bf-2N0GLOBvTJ/c5Uxc+t+Dm13nlPw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8216dc695af539eb-FRA

Redirect headers

date
Sun, 05 Nov 2023 17:36:47 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HEG8BYR264NYNTCZXAKZAD6M-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
590
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@11.0.3/swiper-bundle.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
8216dc693aca39eb-FRA
lazy-load.js
cdn.okezone.com/underwood/revamp/asset/js/ Frame B984 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/asset/js/lazy-load.js
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
b07db8d620a459e39f88f2a9b4724a11a9ef239ceff51172dd08bb95738f7e6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
gzip
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
4191
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
W/"PSA-aj-S3tpLVy6ub"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2531836
content-length
1292
x-amz-cf-id
O-xHO5h5HDdCD4bnzDy2OZHiTDoZfDbgtUidTk2_F7sDRH4XT6DpQg==
expires
Tue, 05 Dec 2023 00:54:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3699 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BZ585rdJHZf2BKsji7gPo2Z3ICwAAAAA4AeAEAg&bg=!sbKlsv3NAAb4oU7C2KE7ADQBe5WfOAWwY_JD015_V6jmXbh0w5Pbz5D0mupXsB5Tcf0YWXjOHIda0CdFa3fKECmOP5ovAgAAATNSAAAACWgBB5kDQULeXkTe7it_eGkrSsN2rhevTXx7m_07k9AN6hBl-jEPPNaaXV_w3HUfkO4rOb8MgQqHIOpNjGmDPmf_mJJRlSQ12XRgVESFKMWp9DdlyN6n86hYFxIkCDGE-DdEaOahyzzzzdfUH6DDt1p5dqr5m1aBHkZUkwrU6UkMPe1gVE9UxrOyJBpaltNL-W8WLT1kHuwywb5OpPj5VC1QrwkyfRcX_OpaPBrAiXMFq1pV6KOyMhvtQ4JldtrgjrxaNcWBpTjtBDydcq0dSIAdpN4_0Rcbr09wU78i6OI92PwTe0E6sD8CTEXPZM5p9fZwsnLTLXK3LR344sHGFnnHTx5h1cVrP7WmghKFIIQuFMAU6KmNZoxvayzUC98TGWsAHs40qO3VWzMEZkeQwK6Ir2PdMVYTHfip6yZOcpQkumQgeyax1_rFYTVWPDZmXD5Qogpj4C0BMm-2ZzyjlXhRB22DmiaOM63ZTnVlQNbKUalokLAkA3Bmby7hO_uo5qlUt3WQvzgXbCsrJuCWQmZ5_D4_cgQFiF6mRK56NSAZDe0gtdYRq6jqgN7vzHB27V4695eA5CiRtbQqcRQ02vBzd0GHKqqebvmoclUpy_Ymz5z4LNaoHZgvqdzvaDAbihu6Pc_-O8JfThNYiplC9ef7BVJTdjmVEFPVl6Y6UXfXGxnl670r73aulos9UF1wXA2Rr__5ew029Fedk_r9iPiwMdS56zXmQLIyE2WkUFdgff_M1Z8xtNnl-zwfw_RKyOTXt6w_0CD0qga0ZpNme_Xa18WT-2XHc080f-zGp8Gm3vd6ni3TtAPMuVUTpbe1f2SUO8zoNWEHZc30z6DnTOWw0WwCMRQtYQmEQ_Fv8-bwQXFJWlcinLO0EBNIhDdY5WZn0X6BN8_SwoFjslczyI_WaIKZYbqqd3jTiSP86PEdDtqDvR47YcgcsojKzFoTDcDSqrsnbc3IiuWZyG0m6mhdXzR2z0D6PyKW5RwIHhW6ptfuVHr3ANY0780kk9ZtPtrNDxNLEIQTgcVEBt8ujf-QHSQOm0Npxobkc_YfX_Oi0uWDv6go76SGYvjEUFOtvjHotGIKgzeAGPjWhr3oqFQMW7_zLTWT
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 602A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B-iPgrdJHZf6BKsji7gPo2Z3ICwAAAAA4AeAEAg&bg=!urmlufbNAAb4oU7C2KE7ADQBe5WfODIt0eiBbTi887z0JqaNiuSa5xYxcFLgsiq1V9tdf78LJg8iNSTsX8Z8aSohNUI2AgAAAThSAAAABmgBBwoAI2NT7XYGcjsCFucXLlVkw4fI0wF8A9O-h-_cgy17W-oliRwXmQMwfiCfj-zow1yGXXcyNlFFzAnvOGPqyFqOmA8MB2B5s--DzXZVLOLrzE5VCPA3r6rNtzHxl6BA3l-6E4so5mYDckFK-kuVYdephe6oq90RXmgDWFzMdc5LMfpVGt7tC6eIG9F0t0gRQgBaZwxvp0mOslpPTMra229E_uaw7jXnmDZYJf75pMpVstgq_T4brwOoj5RqOvzbk0qIbdj_hnyB_9VStDUP_g487uDtuZ25tjfi57w_l3fCcRRxm8kcXYGTWG9iEEadWCMnJB8etUIsleF4kmQYbB5UjdqfTq0yQ61XLFjPGWcG6Mp1uUZfT-UgZDpnoO4FfiWIH7uuRGhPcmaRUNtroIRa6haWVcSt1avBAJ_S0laa1njZq_2yasng04C7uSWvqh5gH3XrjpjdwLFIR9gvEu_eU8bIoFjbsU4t8bM6VofgX6YWS-5qybhE_CWchlyFB4uWR-QyeXWSlpwok_VLJyh46Iftg_FekZe4IT9kvXrFWUZrURDYeM6BXO5Bs-cNGF51SDIT9fH_m4_qVZh41DK0OWZGpi3ZFLf0jsen8I_r4lYbM46Dr6_k_QE_897pyd-c4m2NvHYOFwkJ3Lm-kp9ERSMbDKDlL2Jsf47KDMRs10FbFHQjBCMSuVxemoLkd_lIUUtTsxamZzA1EYFD57HRiSPhqoUpxv_4y3pa3pH5KOzK0nk__iwq9lL0_J_S-BI-C5muEdTtl_8wqV9PjHLFWXiQBD7gEv-kBYgnPt8K4-KeL88qD4Y3aZMTS7q0l2WBFLfHZWT6XxKIIb5-TjUQBrQEl-Cb1arzrBnB5vMSBGKRUTAAueqvzEbPTNJoF4AA9Uwpbm-0f9q8eDoIHcyD4EwqSHWbza8mx12qSBIPXysI0DE9lDtFDBKui9iyO_bYRI-Upkjaro6-I7qIyUwvd5aVe0Q8NHgpiACl9nyKBPCALSwaTyE0y76TVzr05jMEcy-AUOMSX7EgbuRX-j_MccWMq7_kLzqQo_0j8mPQKyS69ZfjAHArIlnqYzZ3YepmUqWyt6fKc86XSozhucCQI6EUj6SychugOUX0-gcknyEUSJojHJE0
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xred.png.pagespeed.ic.jpXU9Y2YLq.png
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/images/ Frame B984 		122 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/images/xred.png.pagespeed.ic.jpXU9Y2YLq.png
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
45ad770b839452a1f5a64e57052d2b7ea4f41e8d9bfe95507d085c3439f73609

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
via
1.1 4eceffc8a157336b4f146e9b841ee3e4.cloudfront.net (CloudFront)
x-original-content-length
135
x-amz-cf-pop
DUS51-P3
x-cache
Miss from cloudfront
content-length
122
x-page-speed
Powered By okezone.com
last-modified
Tue, 24 Oct 2023 17:47:51 GMT
server
nginx/1.20.1
etag
W/"0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
link
<https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/images/red.png>; rel="canonical"
x-amz-cf-id
0CXdFQSt7CNto2n_Qw2g4s6Lr9uLN22A4_MDwHTAX6sSqippqnTRZA==
expires
Wed, 23 Oct 2024 17:47:51 GMT
Roboto-Medium.ttf
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/ Frame B984 		175 KB
176 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/Roboto-Medium.ttf
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
1bcc94e40f42e94375694b00d4f60d5eb609cfda21f7c64d58cb4a270823200f

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Origin
https://sindikasi.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
via
1.1 96715c2264ed86dcc0da2beca3559080.cloudfront.net (CloudFront)
last-modified
Mon, 13 Dec 2021 13:00:33 GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"61b743f1-2bc60"
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
179296
x-amz-cf-id
zMHEHZLaey9A2wBpwwZCn1ytX17H7_nDkpqoUzjg9eZJEK1T8odqmg==
expires
Tue, 05 Dec 2023 17:36:47 GMT
Roboto-Bold.ttf
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/ Frame B984 		166 KB
167 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/Roboto-Bold.ttf
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
6c01f8b138e3f7110a33606de5e2758d5fecb58e114be771b96fffa3bbd48bbe

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Origin
https://sindikasi.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
via
1.1 96715c2264ed86dcc0da2beca3559080.cloudfront.net (CloudFront)
last-modified
Mon, 13 Dec 2021 13:00:28 GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"61b743ec-297ec"
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
169964
x-amz-cf-id
p_CvG59VPZo8JXWDKeBh1VIRyR0pTqvqySfzIpmaU992I99iyy8aCg==
expires
Tue, 05 Dec 2023 17:36:47 GMT
Heebo-Regular.ttf
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/heebo/static/ Frame B984 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/heebo/static/Heebo-Regular.ttf
Requested by
Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2440:3e00:b:f60d:7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
cc7029afe33654ed250644d8dfa2daa4ab0549731816980ab4733d92b86b1fca

Request headers

Referer
https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Origin
https://sindikasi.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
via
1.1 96715c2264ed86dcc0da2beca3559080.cloudfront.net (CloudFront)
last-modified
Mon, 13 Dec 2021 13:00:32 GMT
server
nginx/1.20.1
x-amz-cf-pop
DUS51-P3
etag
"61b743f0-8110"
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
33040
x-amz-cf-id
yIfOu85jo81AgTXUpe-jiC_-VFxgoCiA1LkDlKBWzJ-S_ehSVsb7HA==
expires
Tue, 05 Dec 2023 17:36:47 GMT
css2
fonts.googleapis.com/ Frame EBDF 		9 KB
773 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500;600&display=swap
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b6a35a35ba46e8b654a213ea4b8c8685e159595fa4079fe7429f91d74773f551
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Nov 2023 17:36:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Nov 2023 17:36:47 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame EBDF 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10149697
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbSBvouSQPP7lllXibcGXRqw9Szvm9QvhqP%2BPi7nkULI3n6Hn%2FU05JVqzrAqvwn5hmiiP4azuo%2BGKs4%2BS3XTy2YclOH3Xl8zXDqqe%2FHcoZ3HX0yeYzRH1ez521qm4p5FFFL8l4QD6PgZdd2zQjjbkiOq"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8216dc6aeafa37e4-FRA
expires
Fri, 25 Oct 2024 17:36:47 GMT
js
www.googletagmanager.com/gtag/ Frame EBDF 		174 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-111351533-7
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
887ddeed83642fc140e512d4d9f75cd9c131cb7f0e119a46130707b9665b8175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64912
x-xss-protection
0
last-modified
Sun, 05 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 05 Nov 2023 17:36:47 GMT
js
www.googletagmanager.com/gtag/ Frame EBDF 		186 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-154114411-1
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
42f4ba58be3e1876ab594f318eba16df928408c6943532fb37197c55f7282bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68926
x-xss-protection
0
last-modified
Sun, 05 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 05 Nov 2023 17:36:47 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame EBDF 		99 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70a76349d0357c724727ea5a2f2a52ec8a6049f6513494e782b8cbe1e5167aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31047
x-xss-protection
0
server
cafe
etag
507 / 19666 / m202310310101 / config-hash: 7101305502720886139
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 17:36:47 GMT
logo_visionplus_web.png
cluster-images.visionplus.id/static/appcfg/ Frame EBDF 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cluster-images.visionplus.id/static/appcfg/logo_visionplus_web.png
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Kebon Sirih, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
f96ac4bfbe8f38c87b6a1cb17ae97e9740d9020992c58250d170505e705e54b6
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
last-modified
Mon, 31 Jul 2023 10:16:04 GMT
server
nginx
content-encoding
gzip
etag
W/"64c789e4-1411"
vary
Accept-Encoding
content-type
image/png
link
<https://cluster-images.visionplus.id/static/appcfg/logo_visionplus_web.png>; rel="canonical"
x-xss-protection
1; mode=block
testbanner1234_1698657509_653f74e5b363c.jpg
cluster-images.visionplus.id/static/wdgt/ Frame EBDF 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cluster-images.visionplus.id/static/wdgt/testbanner1234_1698657509_653f74e5b363c.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Kebon Sirih, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
725da4d6cda7cb833a2a19de66b994232bb9f3c8f6395723a3476ffe96595ea5
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
last-modified
Mon, 30 Oct 2023 09:18:29 GMT
server
nginx
content-encoding
gzip
etag
W/"653f74e5-185d5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800
link
<https://cluster-images.visionplus.id/static/wdgt/testbanner1234_1698657509_653f74e5b363c.jpg>; rel="canonical"
x-xss-protection
1; mode=block
expires
Sun, 12 Nov 2023 17:36:48 GMT
80x120_1697169868_6528c1cc15686.jpg
cluster-images.visionplus.id/static/wdgt/ Frame EBDF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cluster-images.visionplus.id/static/wdgt/80x120_1697169868_6528c1cc15686.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Kebon Sirih, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
76801411a7fcb3fcc6b272efec30ae1023f94390f86fa9a680fb0d69c446d262
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
last-modified
Thu, 26 Oct 2023 11:22:08 GMT
server
nginx
content-encoding
gzip
etag
W/"653a4be0-aa4"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800
link
<https://cluster-images.visionplus.id/static/wdgt/80x120_1697169868_6528c1cc15686.jpg>; rel="canonical"
x-xss-protection
1; mode=block
expires
Sun, 12 Nov 2023 17:36:48 GMT
widget_arctic-open_80x120_1696922925_6524fd2d1f370.jpg
cluster-images.visionplus.id/static/wdgt/ Frame EBDF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cluster-images.visionplus.id/static/wdgt/widget_arctic-open_80x120_1696922925_6524fd2d1f370.jpg
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.147.193.157 Kebon Sirih, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS
ip-193-157.mncplaymedia.com
Software
nginx /
Resource Hash
76801411a7fcb3fcc6b272efec30ae1023f94390f86fa9a680fb0d69c446d262
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
last-modified
Thu, 26 Oct 2023 11:22:08 GMT
server
nginx
content-encoding
gzip
etag
W/"653a4be0-aa4"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800
link
<https://cluster-images.visionplus.id/static/wdgt/widget_arctic-open_80x120_1696922925_6524fd2d1f370.jpg>; rel="canonical"
x-xss-protection
1; mode=block
expires
Sun, 12 Nov 2023 17:36:48 GMT
beacon.js
sb.scorecardresearch.com/ Frame EBDF 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-56.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 06:14:39 GMT
content-encoding
gzip
via
1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
41357
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
aTUUXPqO-DfcaILDZrVcYl__t_iiM8OLIH5bg5pVpYVH2horTWWAWg==
gtm.js
www.googletagmanager.com/ Frame EBDF 		192 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TRZJRWG
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3386e87428f91bca82f9d33873f36236604d4a642c1971f9b85f07634a0b3ad3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69821
x-xss-protection
0
last-modified
Sun, 05 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 05 Nov 2023 17:36:47 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame EBDF 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.visionplus.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 18:19:05 GMT
x-content-type-options
nosniff
age
256662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 18:19:05 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ Frame EBDF 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.visionplus.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1722950
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHoRDaPA11R0%2FnhPiKLs0jwWSrGT2bN5K5EwWgjXDmIibVciBqnkqxhLEpo%2F3d2mAB8jl4FNNsZJbC23HVjhY4stjjBEgs3GYFhgopGcMoEpb9jZ1spQKLu6WOMW2SgSHqr0NkpHiJqoCZe59hwXAjMj"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8216dc6b2efd65b5-FRA
expires
Fri, 25 Oct 2024 17:36:47 GMT
b
sb.scorecardresearch.com/ Frame EBDF 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=9013027&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1699205807869&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.visionplus.id%2Fwat-23110512%2Fmerah-padam%2Fberstatus%2Frekap-yasin-bagian-2-lupa-al-quran%3Ffr%3Doz%26v%3D1699205806455&c8=Vision%2B&c9=https%3A%2F%2Fbola.okezone.com%2F
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-56.ams1.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
via
1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS1-P1
x-amz-cf-id
R5k5kvOYwzx2bJhvzdqYKGTrSE2b2TvoHA8rrIvvfsxHCz2D82ls7A==
x-cache
Miss from cloudfront
bencana_pohon_tumbang_kota_bogor.jpg
img.inews.co.id/media/150/files/inews_new/2023/11/03/ Frame B984 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.inews.co.id/media/150/files/inews_new/2023/11/03/bencana_pohon_tumbang_kota_bogor.jpg
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1e6375058725bb7a4521f1494ba3299c9747446c3f6917b3a192486ab58a9d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
via
1.1 7f0813b44b225b7cfed233d5c2caab52.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-original-content-length
4197
x-amz-cf-pop
AMS58-P6
age
1689
x-cache
Miss from cloudfront
content-length
3828
cf-bgj
h2pri
server
cloudflare
etag
W/"PSA-aj-SrqvOXu9KT"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315359912
accept-ranges
bytes
cf-ray
8216dc6b8f146945-FRA
x-amz-cf-id
FZGOH5ojugZGHZ6q2mnZCI4m4cThuedw2VO7e4lcpVj9KnN_gRMybg==
expires
Wed, 02 Nov 2033 17:35:19 GMT
cuaca_panas_terik.jpg
img.idxchannel.com/media/150/images/idx/2023/10/09/ Frame B984 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.idxchannel.com/media/150/images/idx/2023/10/09/cuaca_panas_terik.jpg
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
353d7fd9d1796f348c611b3915fb38d381b6bd5e4b473fa6d5a29a5fa8e455bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
via
1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-length
2846
last-modified
Mon, 09 Oct 2023 02:03:43 GMT
server
cloudflare
etag
W/"65235f7f-76c8"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8216dc6b7f44048b-FRA
x-amz-cf-id
GFKsh1bULGwfPTkEDhd8S5YiV3U2qpHwmhV-t_kYazTwLaZNKlZ8dg==
expires
Mon, 06 Nov 2023 17:36:48 GMT
IMG-20231105-WA0030.jpg
www.mnctrijaya.com/uploads/news/ Frame B984 		274 KB
275 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mnctrijaya.com/uploads/news/IMG-20231105-WA0030.jpg
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:b400:b:8989:4a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
83e0e5e4f8646842462731bc12190017d01069779b84f93508159933a6700b4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
last-modified
Sun, 05 Nov 2023 15:01:58 GMT
server
nginx
x-amz-cf-pop
DUS51-P1
etag
"6547ae66-4480b"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
280587
x-amz-cf-id
VKceCV0D539UPZbvzq9lzRvF_NnOUp9Wwu79sTJKg8EV3UOrsabNVg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
momen-ganjar-membuat-kue-lapis-khas-palembang-bersama-pelaku-umkm-vmu.jpg
pict.sindonews.net/dyn/150/pena/news/2023/11/06/12/1244139/ Frame B984 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pict.sindonews.net/dyn/150/pena/news/2023/11/06/12/1244139/momen-ganjar-membuat-kue-lapis-khas-palembang-bersama-pelaku-umkm-vmu.jpg
Requested by
Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/okezone/vertikal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec92722d63a22a3508a4c7128d76ecce3c19ea2b4696b128cc468dd96c11e9df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sindikasi.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
strict-transport-security
max-age=15552000
via
1.1 60fbd37e02af93daf30940afee9b7698.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
MXP53-P2
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
5490
pragma
public
last-modified
Sun, 05 Nov 2023 17:32:26 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8216dc6b7bff2bad-FRA
x-amz-cf-id
i6whH-BoG0bNuxGX6T3m1jyBvlCyDrMI80hBrg-Qn06SgLV1Q9zLcw==
js
www.googletagmanager.com/gtag/ Frame EBDF 		227 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H9JR75YQGT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154114411-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0a1f2ee564aaa598ef7621d1d0cc47838671eafe35575b47f9cc99d58e12570d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81846
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 05 Nov 2023 17:36:47 GMT
js
www.googletagmanager.com/gtag/ Frame EBDF 		174 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-111351533-7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154114411-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19e8d2c95500fa5dc82277ff23af527d9bfc8c176a19814f326a640da993a37f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64865
x-xss-protection
0
last-modified
Sun, 05 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 05 Nov 2023 17:36:47 GMT
analytics.js
www.google-analytics.com/ Frame EBDF 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154114411-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 05 Nov 2023 15:51:32 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6315
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 05 Nov 2023 17:51:32 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ECC2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusDRXaj828Da5p-Qik-tq_kQ4ca9PqUZ-UPLVOe0kl8paCWts2viAZ4jUmBxyp5fDaP9zj-5FJnPsygrR6iT7iCvsEbwI5DCpmDfB4Z0qUSokO4_bX&sig=Cg0ArKJSzCvGYIPxc0kZEAE&id=lidar2&mcvt=1035&p=0,150,600,270&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4144544727&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699205806371&rpt=513&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FE30 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst50oXUuK8TuH45RQL5QPYYvZLWyGFwybfa79NitIV1-4-IKCKCggIo5Vlpqu63aqVofQavJyk91FQgg8G4lPpm_omOKyFMl_7upwkSQgaMFSIz7hntkCf6h_79alQ6FkgTqoxUOgweQ8up&sai=AMfl-YRtAXiguU4PnSIwJXqsS-hVBnzqOSaE5ve-3aiZxSTeT2mo-Etff48ktmZlPdDQRDupVFoSD7Cd1Crixl6JmCRQaCEODZaeYYylpRikpEGDpKTmqUStQtz0QHTEXyvdl7If5MENGRRUKp_Sag&sig=Cg0ArKJSzPO6jKZh6sRdEAE&cid=CAQSTADICaaNTVDxasBeWnqraYB1QftTdxB06qn-iB1EbQbnTeocvk-oqnSzvChhXBfd8ggLKTa04ZEN4O4PuPbwZkdBiwCf3cim1xjZpHYYAQ&id=lidar2&mcvt=1037&p=468,1019,718,1319&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3833774299&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699205806323&rpt=480&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1D7D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtNY1cLjCiqLv_yq5KB68x9JuHW0j7PopbVD1JWeA4S48AxoXYOUQ1VhlVpm63voNckGTNPHnCRpMg5gN8N97PnwITURtgUeKMU6rlCp45vCkFEh6lnCXXvtCqHFNcPbI&sai=AMfl-YQI7TgRZ6CGIQeicx6vJuN1lz4GKoztblejhRxF789FFDr9z64klSP3G4CeJXXrn5T-WcZlX5vjh6W8VeuCcNd_xWvdJ7IkJcJy-tPPkObe45cdpmHHsdShN8GRQQ9_a5Z6tCgYpTX2DWmRlA&sig=Cg0ArKJSzAvP-B3DuQV0EAE&cid=CAQSTADICaaNTVDxasBeWnqraYB1QftTdxB06qn-iB1EbQbnTeocvk-oqnSzvChhXBfd8ggLKTa04ZEN4O4PuPbwZkdBiwCf3cim1xjZpHYYAQ&id=lidar2&mcvt=1038&p=733,1019,1333,1319&mtos=0,1038,1038,1038,1038&tos=0,1038,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=0.78&if=1&vu=1&app=0&itpl=20&adk=2413034830&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699205806333&rpt=499&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4D25 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgJNXrPERiq1XTIMTl6JhY1_ulx5ml6kV_ApGcME2Fk94VBRHhZy5f0PaQZWkJghjPbgNJlRPJnprP33Z_NAtw7glj-uy_e4KeRE2pQ8fAy1J2k8wqxpX6-8lYcoJqiD83ddxIGejOgsP-&sai=AMfl-YQL4305Hl0dJ6IxFv2FxMOC8qzmsPzENpGLK-rOAySGQZlze37rCOH6bW6zzOJWadqqXv9M5_n0IQmfqKU1bD5OWUwh20KuR7Gh9IRQl9oYCk4WwlsknSdJlX7HBHPavMbfxR8dOiS_Miijog&sig=Cg0ArKJSzFB2A9_av-PkEAE&cid=CAQSTADICaaNTVDxasBeWnqraYB1QftTdxB06qn-iB1EbQbnTeocvk-oqnSzvChhXBfd8ggLKTa04ZEN4O4PuPbwZkdBiwCf3cim1xjZpHYYAQ&id=ampim&o=315,208&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1016&mtos=0,0,0,1016,1016&tos=0,0,0,1016,0&tfs=659&tls=1675&g=100&h=100&tt=1675&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/ Frame EBDF 		425 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 13:24:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
15148
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136288
x-xss-protection
0
server
cafe
etag
17302374607849014435
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 04 Nov 2024 13:24:19 GMT
collect
www.google-analytics.com/j/ Frame EBDF 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=684798166&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fwat-23110512%2Fmerah-padam%2Fberstatus%2Frekap-yasin-bagian-2-lupa-al-quran%3Ffr%3Doz%26v%3D1699205806455&dr=https%3A%2F%2Fbola.okezone.com%2F&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=301x625&je=0&_u=YEBAAUABAAAAACAAIC~&jid=337755066&gjid=1463436503&cid=543031854.1699205808&tid=UA-154114411-1&_gid=1673216033.1699205808&_r=1&gtm=457e3b11&gcd=11l1l1l1l1&jsscut=1&z=502231148
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame EBDF 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=684798166&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fwat-23110512%2Fmerah-padam%2Fberstatus%2Frekap-yasin-bagian-2-lupa-al-quran%3Ffr%3Doz%26v%3D1699205806455&dr=https%3A%2F%2Fbola.okezone.com%2F&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=301x625&je=0&_u=YEDAAUABAAAAACAAIC~&jid=1157040993&gjid=668923301&cid=543031854.1699205808&tid=UA-111351533-7&_gid=1673216033.1699205808&_r=1&gtm=457e3b11&gcd=11l1l1l1l1&jsscut=1&z=1426787831
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame EBDF 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=684798166&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fwat-23110512%2Fmerah-padam%2Fberstatus%2Frekap-yasin-bagian-2-lupa-al-quran%3Ffr%3Doz%26v%3D1699205806455&dr=https%3A%2F%2Fbola.okezone.com%2F&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=301x625&je=0&_u=YEDAAUABAAAAACAAIC~&jid=828404700&gjid=402127035&cid=543031854.1699205808&tid=UA-111351533-1&_gid=1673216033.1699205808&_r=1&_slc=1&gtm=45He3b11n81TRZJRWGv832564731&gcd=11l1l1l1l1&z=109709022
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame EBDF 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=684798166&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fwat-23110512%2Fmerah-padam%2Fberstatus%2Frekap-yasin-bagian-2-lupa-al-quran%3Ffr%3Doz%26v%3D1699205806455&dr=https%3A%2F%2Fbola.okezone.com%2F&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=301x625&je=0&_u=YEDAAUABAAAAACAAIC~&jid=1122320171&gjid=16401850&cid=543031854.1699205808&tid=UA-111351533-7&_gid=1673216033.1699205808&_r=1&_slc=1&gtm=45He3b11n81TRZJRWGv832564731&gcd=11l1l1l1l1&z=822800537
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame EBDF 		15 B
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=684798166&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fwat-23110512%2Fmerah-padam%2Fberstatus%2Frekap-yasin-bagian-2-lupa-al-quran%3Ffr%3Doz%26v%3D1699205806455&dr=https%3A%2F%2Fbola.okezone.com%2F&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=301x625&je=0&_u=YEDAAUABAAAAACAAIC~&jid=753888744&gjid=189708229&cid=543031854.1699205808&tid=UA-154114411-1&_gid=1673216033.1699205808&_r=1&_slc=1&gtm=45He3b11n81TRZJRWGv832564731&gcd=11l1l1l1l1&z=714713916
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3af38920f67d0a508a858c8a8be3a84afd135acc2c1a5f70f6d9c998dee19528
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
destination
www.googletagmanager.com/gtag/ Frame EBDF 		252 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-DP6KNFWMBB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H9JR75YQGT&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
424bbc80b68ae9a71c20ced5e51aa0d1e9a5cf5bfdd8dd4a2264ac403fc97db8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88174
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 05 Nov 2023 17:36:48 GMT
collect
region1.google-analytics.com/g/ Frame EBDF 		0
75 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-H9JR75YQGT&gtm=45je3b11v9125046248&_p=1699205807851&gcd=11l1l1l1l1&cid=543031854.1699205808&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1699205808&sct=1&seg=0&dl=https%3A%2F%2Fwww.visionplus.id%2Fwat-23110512%2Fmerah-padam%2Fberstatus%2Frekap-yasin-bagian-2-lupa-al-quran%3Ffr%3Doz%26v%3D1699205806455&dr=https%3A%2F%2Fbola.okezone.com%2F&dt=Vision%2B&en=page_view&_fv=1&_ss=1&tfd=1031
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H9JR75YQGT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame EBDF 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111351533-7&cid=543031854.1699205808&jid=1157040993&gjid=668923301&_gid=1673216033.1699205808&_u=YEDAAUABAAAAACAAIC~&z=664574345
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 05 Nov 2023 17:36:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame EBDF 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111351533-7&cid=543031854.1699205808&jid=1122320171&gjid=16401850&_gid=1673216033.1699205808&_u=YEDAAUABAAAAACAAIC~&z=449385137
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.visionplus.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 05 Nov 2023 17:36:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame EBDF 		231 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H9JR75YQGT&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
735bc3916521ddfa28c85c797e390425b2722a5ef808d2b395f94d387a2355ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83679
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 05 Nov 2023 17:36:48 GMT
ga-audiences
www.google.com/ads/ Frame EBDF 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111351533-7&cid=543031854.1699205808&jid=1157040993&_u=YEDAAUABAAAAACAAIC~&z=2063903990
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ Frame EBDF 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111351533-7&cid=543031854.1699205808&jid=1157040993&_u=YEDAAUABAAAAACAAIC~&z=2063903990
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ Frame EBDF 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111351533-7&cid=543031854.1699205808&jid=1122320171&_u=YEDAAUABAAAAACAAIC~&z=1171405503
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ Frame EBDF 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111351533-7&cid=543031854.1699205808&jid=1122320171&_u=YEDAAUABAAAAACAAIC~&z=1171405503
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame EBDF 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4359868857017165&correlator=1485827317528703&eid=31078018&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=7108725%2CVISION_PLUS%2CWIDGET_PORTAL&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C243x110%7C243x100&ifi=1&sfv=1-0-40&sc=1&cdm=www.visionplus.id&abxe=1&dt=1699205808114&lmt=1699205808&adxs=6&adys=294&biw=-12245933&bih=-12245933&isw=301&ish=625&scr_x=-12245933&scr_y=-12245933&ucis=nnwnrvqmigqe&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.visionplus.id%2Fwat-23110512%2Fmerah-padam%2Fberstatus%2Frekap-yasin-bagian-2-lupa-al-quran%3Ffr%3Doz%26v%3D1699205806455&ref=https%3A%2F%2Fbola.okezone.com%2F&top=https%3A%2F%2Fbola.okezone.com%2F&etu=AA-V4qMrMD5tWTP0Nq-F9r8SFTgD_UJIn4EQCg_uEAV5BrQUXNMzzPMPfDgc7RiOMp9z1kfs-N0iLP5XZNk&vis=1&psz=300x100&msz=300x100&fws=256&ohw=0&ga_vid=543031854.1699205808&ga_sid=1699205808&ga_hid=684798166&ga_fc=true&dlt=1699205807827&idt=243&adks=3150020650&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3703ec6e13350ee859fef7a53fd215e202867ca9cb46bc781b8c4dbf97d61a8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12543
x-xss-protection
0
google-lineitem-id
6260313575
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138427475037
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E878 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.visionplus.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 17:36:48 GMT
expires
Mon, 04 Nov 2024 17:36:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rcti__news.png
static.rctiplus.id/fta_rcti/logo/ Frame 43D0 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.rctiplus.id/fta_rcti/logo/rcti__news.png
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/khsusus/4097199/ac-milan-dipermalukan-udinese-stefano-pioli-kami-pantas-diejek?1699205806226
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.235 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a6ba4db3da98fc64d9def424dd8489edbaafc56a3e7dc8db4718b7837949ee03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 05:10:38 GMT
via
cache3.l2de2[0,0,304-0,H], cache5.l2de2[0,0], cache5.l2de2[1,0], ens-cache1.de5[0,0,200-0,H], ens-cache5.de5[2,0]
age
2550370
x-swift-cachetime
2591712
x-cache
HIT TCP_MEM_HIT dirn:12:634751656
x-swift-savetime
Sat, 07 Oct 2023 05:15:26 GMT
content-length
10963
last-modified
Thu, 29 Apr 2021 05:19:32 GMT
server
Tengine
etag
"608a41e4-2ad3"
ali-swift-global-savetime
1696655438
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
eagleid
a3b55c9916992058082103570e
placeholder.jpeg
static.rctiplus.id/fta_rcti/logo/ Frame 43D0 		0
0
analytics.js
analytics.rctiplus.com/tracking/ Frame 43D0 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.rctiplus.com/tracking/analytics.js?id=RA-000001-1
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/khsusus/4097199/ac-milan-dipermalukan-udinese-stefano-pioli-kami-pantas-diejek?1699205806226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:46e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.15, Dark Phoenix
Resource Hash
01e7fa6b2587400aea0608a8aa69b60a80a1dbc619316730d505f1e71c7166a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.15, Dark Phoenix
vary
Accept-Encoding, User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mNkopfCd6u6rcNaqo5VtwEhgP9qW4Y93u2SDTi84vBcR8VLrkkUsE00%2FXJEFszcjiI8z5LH%2BtHo8wHhJs2bhqkQEpQdfJxoJtGPtcy40fS1R4Yc4E041pd1vmCG7tZRRhGSYpaEL9aAyzsjvLtX2rJjUv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, private
x-robots-tag
noindex
cf-ray
8216dc6d2981bb77-FRA
0a3c40e0-e73f-4e61-ac66-d024c0ea6cbc
https://bola.okezone.com/ Frame 4413 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://bola.okezone.com/0a3c40e0-e73f-4e61-ac66-d024c0ea6cbc
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
8cf4f8e7-f840-4fac-9b6e-aa10162d26e7
https://bola.okezone.com/ Frame 4413 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://bola.okezone.com/8cf4f8e7-f840-4fac-9b6e-aa10162d26e7
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame 4413 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnFxQHIuOm70fpH6FvIDY8x4fGxhp-UwtntJS9ctpBwdeg4RSdjSjZm227WzICxqC-Q9qq74uNBN9Umu9C-VpgLpN8teQfrRJ5UAiGYUweiDXlvAMCxj4nXHfBFcJV9qPWMZyf4m0TB1paqK4W9w-ki0iwoRfIsNs_scapsIVcVLSGPH7ReQkQ7NcM9NU2Z0tMo_KGuJNMMx2saA_PWXCJZcCR0nKOu_XiLv1HeMbArFXLgPfdYU8TvVqRVX8W9aIWAIzn1v7pEEP_YiuRSe8EAFrU1VAxiysfyOzBypTCeKBWfglpKad39ic5ArJFt68xUfp8ONhFvXawEHw5eEpl_xGnQaFEQQZBesGBznplIq4iJ4vYfKOOKVZLvtXJb5UPSv89OV8ncBDyyQ&sai=AMfl-YQ6nQugkZj4SWJZQLrwUNyDEFaBZ3LvWAts_eHVAhpnbsKQXqB4yXuyZjpc8G0-RyG0MGyw0uqd56cMNmSzfW4nzTQYc5ig1yXsWGKTlEMP4nh8UrLRLh0NAsRCT83VQojG7ffr0dLvnqriDCUB&sig=Cg0ArKJSzIgYdyI_Tu4wEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Nov 2023 17:36:48 GMT
collect
region1.google-analytics.com/g/ Frame EBDF 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DP6KNFWMBB&gtm=45je3b11v878490891&_p=1699205807851&gcd=11l1l1l1l1&cid=543031854.1699205808&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAE&_s=1&sid=1699205808&sct=1&seg=0&dl=https%3A%2F%2Fwww.visionplus.id%2Fwat-23110512%2Fmerah-padam%2Fberstatus%2Frekap-yasin-bagian-2-lupa-al-quran%3Ffr%3Doz%26v%3D1699205806455&dr=https%3A%2F%2Fbola.okezone.com%2F&dt=Vision%2B&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90&tfd=1126
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-DP6KNFWMBB&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 2AC8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=vIykLC5JysNXgSUl7q_xEKaOF5cD4ZfM1z4IvZxj1kVnG0AMBEfJkE_ulMWFdwse86RTMnuTmQC-c-zO6354fmYMrROKN6QT446AChAr0Qb5f0TsJzkcxIH1YcTVvImumwJu62k4njJUkramn6sD-TE2Dq8LSW8kwuUhS7txp693cGzWwvpKW-0ZLEx1Q4R8ClrtuCdRAUboswLu4Imi7k4hUSOVZjXMrjlgVDUFcPK7aonDn1zNsK55c1s&sds=2&rev=89168&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgQIKe7FIAAds6COdlJtlGn8JPrBH7Q&u=%7C4U7PSCOMCtNPpsyVrgGxp3g50A1IhfcatRy6FawbRfc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSNs3jAiWTorlPfHzmXb91MGuFwH55lgR26veyDyhlxbM66euVreyhWuFbvExCAAFxyWxVovIPDdPd4XDBgECvkiivgMVPBoBDUcFDVluAiKWiuEjwk0JQz8SRmsweyBp8HQkCRX9y6riyd70XKwU9QJvH-xgsDMmJS0FmRLKcCUMN2CLvjAUGf8YMn23RH1srks_3xpNzk_T7MgyZWRubZdWss6YjBSAqvxdpb9_JyXxkFUb8pyqREimDaSJqXjQX2657l9iRd3_sbuybBCctQ3ixg9n26PkIAMzOSfDxApGjc6PHk-tuTKSivHpey6Kfddg59_-0V1EVyk-sD2zWYt6q7BElngwpGpQZtS_m9tLpoMzED70FYN7FimCXRKWNXcgmptGVutF354M-50FOukgFpOKHF2Tr5XkEo97TajKmqY6JDCk7ZuD_ujmtycGXAIHNW0l02GQaPKIx0FFJitBICHbKxjT-Z0YVpAvOCa2_Pq2vxlBqlRmpNr-WqvexeKCPCk0hwBIZtWmtmgmb7Rzf-CN6O4a4GGa62Ox2ZLPeaH94J4LN9rf4Dxco__KWU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeshnrdJHZYKCKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBK4CT9AqxQ2iOt-olGmiUieOjfbyePm7Hzlc-2IWzmXkzYDcYcHKoYamSN5R5dpoDxLNI1b5rxvXPa4ylkxAePRHM-T35k1sFOvMOjtkPuw24MpA_7bgr1HeyXOX5pZLM2L99-j-dZxq5BqwGUVIpEqRmV2lRDK3c2bwCesgn2vY6SncBNaqUbPXgmNibkgkebMZF9W7-pqoQAvWbkjg9Ik3k7CWfG153F0kNmJmRRvpPLbBRVLrWdJT7aCcr-NYFghL9eDju9lk_7rq9S49kMZOGcTE71MkWP7HoyGEeeSuELJxHpomLBF0rOAe--C7o2cJGXaZPQlJ0kFeTMqBCNXLuj9Ae6zj9PllDzoB5CVKkG3gthLNaHm9Mh4fhzbVrwBGma3cNyma10J48u_ejafgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0d7vSbATnYQOe4nV2todwWHek8bQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 05 Nov 2023 17:36:47 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
beacon.js
sb.scorecardresearch.com/ Frame 43D0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/khsusus/4097199/ac-milan-dipermalukan-udinese-stefano-pioli-kami-pantas-diejek?1699205806226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-56.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 06:14:39 GMT
content-encoding
gzip
via
1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
41358
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
VNQ9eWd9IERRQ0686d96BPEIxPBWGm5uCAKMcTBuI8Yet-8lvgH_UQ==
gtm.js
www.googletagmanager.com/ Frame 43D0 		207 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/khsusus/4097199/ac-milan-dipermalukan-udinese-stefano-pioli-kami-pantas-diejek?1699205806226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
67d85036082d2e4bf780be7355c8687e9a529edc5d360ab683846e04ba3f8aeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71830
x-xss-protection
0
last-modified
Sun, 05 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 05 Nov 2023 17:36:48 GMT
sebelum-gabung-pramac-ducati-franco-morbidelli-ingin-wujudkan-satu-mimpi-bersama-monster-energy-yamaha-GW5zAEi2K2.jpg
img.okezone.com/content/2023/11/05/38/2914754/ Frame 43D0 		338 KB
339 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2023/11/05/38/2914754/sebelum-gabung-pramac-ducati-franco-morbidelli-ingin-wujudkan-satu-mimpi-bersama-monster-energy-yamaha-GW5zAEi2K2.jpg
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/khsusus/4097199/ac-milan-dipermalukan-udinese-stefano-pioli-kami-pantas-diejek?1699205806226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
2bd19bd2be9603888ebf7bc41a35ba71fb7c9694836fb0325897adf0799696a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
346530
x-xss-protection
1; mode=block
last-modified
Sun, 05 Nov 2023 07:15:09 GMT
server
nginx/1.20.1
etag
"654740fd-549a2"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2023/11/05/38/2914754/sebelum-gabung-pramac-ducati-franco-morbidelli-ingin-wujudkan-satu-mimpi-bersama-monster-energy-yamaha-GW5zAEi2K2.jpg>; rel="canonical"
x-amz-cf-id
WDs9TccvDo4uE-osqIkmu-CJOfCnXdRJeOUofwzO300v14AO7OE79Q==
expires
Mon, 04 Nov 2024 17:36:48 GMT
fuji-ajak-penggemar-ikut-donasi-untuk-palestina-rKBVWUf86a.jpg
img.okezone.com/content/2023/11/05/33/2914892/ Frame 43D0 		282 KB
283 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2023/11/05/33/2914892/fuji-ajak-penggemar-ikut-donasi-untuk-palestina-rKBVWUf86a.jpg
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/khsusus/4097199/ac-milan-dipermalukan-udinese-stefano-pioli-kami-pantas-diejek?1699205806226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
8010866339301bd2aca91222fac7a7c1104f22c68c7fffa07093de879bf45086
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
288842
x-xss-protection
1; mode=block
last-modified
Sun, 05 Nov 2023 14:31:28 GMT
server
nginx/1.20.1
etag
"6547a740-4684a"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2023/11/05/33/2914892/fuji-ajak-penggemar-ikut-donasi-untuk-palestina-rKBVWUf86a.jpg>; rel="canonical"
x-amz-cf-id
C3m92oyE-JFpS52JtbBJ1dGQeJHIY57C0xfhXy2asP3zHZLCEcamYA==
expires
Mon, 04 Nov 2024 17:36:48 GMT
cuaca_panas_terik.jpg
img.idxchannel.com/media/600/images/idx/2023/10/09/ Frame 43D0 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.idxchannel.com/media/600/images/idx/2023/10/09/cuaca_panas_terik.jpg
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/khsusus/4097199/ac-milan-dipermalukan-udinese-stefano-pioli-kami-pantas-diejek?1699205806226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
283d4f9169dd0aac7250dc6d081546c6f3ddd01539ced43669ebb4cd46d9f03b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
via
1.1 be95b2ba3a5805485c26e84ad1dd7a2e.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
AMS58-P6
x-cache
Miss from cloudfront
content-length
17019
last-modified
Mon, 09 Oct 2023 02:03:43 GMT
server
cloudflare
etag
W/"65235f7f-76c8"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8216dc6cf910048b-FRA
x-amz-cf-id
0_fWDj5pKZ9rdMP0JPnSoI9U4wEmIN1FHzfDyBaTfScGZ2H2hTWomA==
expires
Mon, 06 Nov 2023 17:36:48 GMT
contoh_pidato_calon_ketua_osis.jpg
img.inews.co.id/media/800/files/inews_new/2023/08/22/ Frame 43D0 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.inews.co.id/media/800/files/inews_new/2023/08/22/contoh_pidato_calon_ketua_osis.jpg
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/khsusus/4097199/ac-milan-dipermalukan-udinese-stefano-pioli-kami-pantas-diejek?1699205806226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e7f5571090a7d24bc8661d913ced7b94415f8ec74c111c1e08e4127cde1fc79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-original-content-length
51584
x-amz-cf-pop
FRA60-P1
age
47660
x-cache
Miss from cloudfront
content-length
47222
cf-bgj
h2pri
server
cloudflare
etag
W/"PSA-aj-DlgvPsdIo0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315359354
accept-ranges
bytes
cf-ray
8216dc6cf8a66945-FRA
x-amz-cf-id
XQzugE4wGMp9tmUzPJv4wUR3-QDqmozU7BMiv3605DoTs57Z7jHCBA==
expires
Wed, 02 Nov 2033 17:26:02 GMT
WhatsApp_Image_2023_11_05_at_13_56_23.jpeg
img.inews.co.id/media/800/files/inews_new/2023/11/05/ Frame 43D0 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.inews.co.id/media/800/files/inews_new/2023/11/05/WhatsApp_Image_2023_11_05_at_13_56_23.jpeg
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/khsusus/4097199/ac-milan-dipermalukan-udinese-stefano-pioli-kami-pantas-diejek?1699205806226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1e8a80972e041b44eea9ad1d77c172c8ed760747fb7abd247353e3a318b6fe8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-original-content-length
92246
x-amz-cf-pop
FRA60-P1
age
2550
x-cache
Miss from cloudfront
content-length
87845
cf-bgj
h2pri
server
cloudflare
etag
W/"PSA-aj-A0yz5bYwqT"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315359561
accept-ranges
bytes
cf-ray
8216dc6cf8ae6945-FRA
x-amz-cf-id
3L91WPiJ1GCfmhTdwTPMVOyjssOD6duMpZxilqlHz3PUTDHCRSymRw==
expires
Wed, 02 Nov 2033 17:29:29 GMT
eks-petinggi-lcr-honda-dukung-jorge-martin-juara-dunia-motogp-2023-hJGNs42teo.JPG
img.okezone.com/content/2023/11/05/38/2914913/ Frame 43D0 		199 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.okezone.com/content/2023/11/05/38/2914913/eks-petinggi-lcr-honda-dukung-jorge-martin-juara-dunia-motogp-2023-hJGNs42teo.JPG
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/khsusus/4097199/ac-milan-dipermalukan-udinese-stefano-pioli-kami-pantas-diejek?1699205806226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:243d:6e00:c:c529:c5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
24756b876398b3e3d60feedfd0532fbc3d8a694eb3eabd98823c3c3f9f633710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
via
1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P4
x-cache
Miss from cloudfront
content-length
204036
x-xss-protection
1; mode=block
last-modified
Sun, 05 Nov 2023 15:58:27 GMT
server
nginx/1.20.1
etag
"6547bba3-31d04"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, s-maxage=10
accept-ranges
bytes
link
<http://img.okezone.com/content/2023/11/05/38/2914913/eks-petinggi-lcr-honda-dukung-jorge-martin-juara-dunia-motogp-2023-hJGNs42teo.JPG>; rel="canonical"
x-amz-cf-id
BL2ZveV9NiiO4HIgM0n23cXYxdjp6SEyc0R76cbeq-uPZNJqoAh0UQ==
expires
Mon, 04 Nov 2024 17:36:48 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 4413 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df0d3f5eed86511fa9135f21cbee65b08c1efc23fea10175b0f2db4bca19b670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 16:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
2852
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24425
x-xss-protection
0
server
cafe
etag
2680689839065237785
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Nov 2023 17:49:16 GMT
csi
csi.gstatic.com/ Frame 4413 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lolr9kq7&chm=1&c=821912577806818&ctx=2&qqid=CNiyyfOyrYIDFUixewod6GwHuQ&met.4=fb.7~lb.9q~ol.1fj~idt.4v~dt.-i5&met.3=739.9r~738.1fg~749.1fg_2~736.1fk~735.1gd_1~740.1gj_1~113.1gw_1~112.1gw_1&met.1=1.lolr9j9c~14.0~15.0~16.0~17.0~18.0~19.0~20.0~21.0~22.bf~23.bf&met.7=CBsQCDgB~CCIQBBgBIAkoCTBwOGdoCnBAeKwCsAEBuAED~CBsQCiAKOKcC~CE0QChgBIAooCjBwOGZQElgoYBhoKHBJeMfcA4ABm9oDiAHy5QuwAQG4AQM~CBsQCiDLAzi0Cg~CCgQChgBINoOKNoOMOIOOAho2w5w4Q54lcEBgAHpvgGIAar_A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1404::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:48 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ Frame 43D0 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=9013027&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1699205808176&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.rctiplus.com%2Fkhsusus%2F4097199%2Fac-milan-dipermalukan-udinese-stefano-pioli-kami-pantas-diejek%3F1699205806226&c8=RCTI%2B%20-%20Khsusus%20-%204097199%20-%20Ac%20Milan%20Dipermalukan%20Udinese%20Stefano%20Pioli%20Kami%20Pantas%20Diejek&c9=https%3A%2F%2Fbola.okezone.com%2F
Requested by
Host: www.rctiplus.com
URL: https://www.rctiplus.com/khsusus/4097199/ac-milan-dipermalukan-udinese-stefano-pioli-kami-pantas-diejek?1699205806226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-56.ams1.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
via
1.1 e4bbc916b7f96771ed58c0d668318acc.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS1-P1
x-amz-cf-id
AWFsIqhPpKNBLiv2yqn0hybYfatsvYfv4EAcdRywg9O7ImgmMwh6xw==
x-cache
Miss from cloudfront
/
c.mgid.com/pv/ Frame 4413 		43 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/pv/?lu=https%3A%2F%2Fbola.okezone.com%2F&cbuster=1699205808178934297296&pvid=18ba08f003293f572f4&implVersion=11&cxurl=https%3A%2F%2Fbola.okezone.com%2F&site=523196&i=1&scum=%3F0&scuw=%3F0
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
8216dc6d3dcf7738-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
js
www.googletagmanager.com/gtag/ Frame 43D0 		257 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7963YQG9N1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b716c3d7545a8a20db69a21448756b6d1077216f33e81a3b368cb8baaa45983a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89272
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 05 Nov 2023 17:36:48 GMT
analytics.js
www.google-analytics.com/ Frame 43D0 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rctiplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 05 Nov 2023 15:51:32 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6316
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 05 Nov 2023 17:51:32 GMT
container.html
c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DFA9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.visionplus.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 17:36:48 GMT
expires
Mon, 04 Nov 2024 17:36:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
d7453fd3-8910-4351-b49e-937167a6b97b
https://bola.okezone.com/ Frame 4413 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://bola.okezone.com/d7453fd3-8910-4351-b49e-937167a6b97b
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 4413 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
V6T0XPEVQBQZVWF0
age
5880
alt-svc
h3=":443"; ma=86400
x-amz-id-2
WPV4YywY9IwenylfwDsGSwUoHoTNfJjEYjREE2btQsU0bJ/vR2YY879MCv2hzrmar6xKdmjH3ZE=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8216dc6ee8a17738-LHR
expires
Mon, 06 Nov 2023 17:36:48 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame 4413 		836 B
888 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
7K0VMVKJPFTR7CFR
age
6541
alt-svc
h3=":443"; ma=86400
x-amz-id-2
rColIHerJj5PXGvbvrVNMeEUTVq34RvLF2O226pQO5v0dn3HsOibOj8lKF1IJpUldw3huBWXS/A=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8216dc6ee89e7738-LHR
expires
Mon, 06 Nov 2023 17:36:48 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DFA9 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com
URL: https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 19:44:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
597110
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 28 Oct 2024 19:44:58 GMT
visionplus.id.1541446.js
jsc.mgid.com/v/i/ Frame DFA9 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/v/i/visionplus.id.1541446.js
Requested by
Host: c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com
URL: https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef3af96033af461e5864f6029b54f0507db886d11d615e480a6038d078fb22df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
x-amz-version-id
CcokWoSYfasNpYE2qsM3wcnpW263pxNl
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
PHXPENP6R8WK76YM
age
1374
cf-polished
origSize=3927
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
k8aWVvODyyoAD0xItc7I6TpQaEXkj4XMLb9dktDW6tglSQ0d9+xrZUwCpliPk6rFfp6rRnvO+4E=
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 14:27:31 GMT
server
cloudflare
etag
W/"aeb46ecb8f0c6955350aac48f6a7b72f"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
8216dc6eff684195-LHR
expires
Sun, 05 Nov 2023 20:36:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DFA9 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com
URL: https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Nov 2023 17:36:48 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DFA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvc5wOjPTmS8MIQen8Xz305IANERvrygBcfNJsIPoyiR4uQI1ZvHzCRJKd_UO5oOnKT_H_pkXY69KFM1BVGdp4HDedPm0E-Eq-xkN9FfmvjBpuzlVGhU_a8H7ikBYAANJAivVeQBKjjmkslqA21yeWRI4SpL8CfO0V9oyTDV-jpAWoIpfvRgD7sNG3LydFQJFCZJe2e7Ca7fdrX9_7djR80cwt7V8p7fMm0Sz-SCzyQ_bo1cXlJyAjvkKHtWv1kjwSZ5Wk5KOINX7yBiHmbKuZinz8w4uBbNtMV68uuToMugcx4pnvHxfvcgX1nhqadhq9S8gNGnBpw351CMg7HksuJ4jIMLyD4QxBVrZygorWRSfrMK12zOFbNHsWFwvy89bIOBLc9Ym1Dc7sUD1Q&sai=AMfl-YTiybW79AO0s7bpdyaXC9c_zo2rim8gqAZGZDysPpm_LAjOBzMvk9vKQp7flXVFtDVGuxD5U4YTzD-CPuciQQHmMjrmsRBOB9v8OQ&sig=Cg0ArKJSzD4_DMlu3D8pEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com
URL: https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
1
servicer.mgid.com/1408815/ Frame 4413 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1408815/1?mp4=1&ap=1&w=728&h=90&sz=230x95&szp=1,2,3&szl=1,2,3&cols=3&lu=https%3A%2F%2Fbola.okezone.com%2F&cbuster=1699205808552553832659&pvid=18ba08f003293f572f4&implVersion=11&cxurl=https%3A%2F%2Fbola.okezone.com%2F&scum=%3F0&scuw=%3F0&uniqId=07022&niet=4g&nisd=false&pv=5&lct=1698883200&jsv=es6&pageView=1&dpr=1&ref=&tfre=2281
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/k/okezone.com.1408815.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e8a4a42b71ec3ead5249f3b0dce271eee6e769be88ac3192ccfbfc78fdd0ad
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8216dc6f89d07738-LHR
alt-svc
h3=":443"; ma=86400
truncated
/ Frame DFA9 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bfeb3c3e9e661b99fd8635e460ed861d3d71f5e47404a563561c738c34ac5503

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
visionplus.id.1541446.es6.js
jsc.mgid.com/v/i/ Frame DFA9 		310 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/v/i/visionplus.id.1541446.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/visionplus.id.1541446.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d4755be84cabf8fa2fd1f14615b211a13feab00e1e5ecab83fd290f3801c00d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
x-amz-version-id
raKxZpkD9LtUdyyHZAN.57hzasT.19P2
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
GE1RSZZEXTA5YGFT
age
2701
cf-polished
origSize=317192
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
AijCSxwoP/q7x+oQMI7PD3LE3XxswcqWRtJhQAMgqt2CGpmsGxepAutXEUPdJUmYK9Gfgekze/0=
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 14:27:30 GMT
server
cloudflare
etag
W/"0c2669cc7eccee85dd5622b675541bff"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
cf-ray
8216dc6f887f4195-LHR
expires
Sun, 05 Nov 2023 20:36:48 GMT
mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame 4413 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/k/okezone.com.1408815.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
KZHG8W3F9TBRMAND
age
2884
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dbyeVsK/NjOgn7JlIkeUY91rcsUk7Xu5UroxSC2k1IBVpKj3RcOw+iHuOsxJ5UaGiIcgCnMZgl0=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8216dc7019b84195-LHR
expires
Mon, 06 Nov 2023 17:36:48 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame 4413 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/k/okezone.com.1408815.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
YRQRQGQP9DZNZ14S
age
3645
alt-svc
h3=":443"; ma=86400
x-amz-id-2
prDGrfP9Q2yJocLMVMs086d4Xf20e00Uihgi74TWkWggHy5UZf6VnePTEnJDA4LpjohSwbs6H6U=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8216dc7019c34195-LHR
expires
Mon, 06 Nov 2023 17:36:48 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTAvNzgzMzg1L2RlNjgyO...
s-img.mgid.com/g/17578185/328x328/-/ Frame 4413 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/17578185/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMTAvNzgzMzg1L2RlNjgyOWQ4MDZiZTc4MjI3OTZkZjU1NGEyNTJlZWEyLnBuZw.webp?v=1699205808-d4fuATANWtTL76wVv5Ly10Gsi5dbM5xctE2Raw764No
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fe625b4175d1c083f1a7a0e98c96dd046d17e406770e7e9183b765f54ef9d48
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://bola.okezone.com/
Origin
https://bola.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
last-modified
Tue, 31 Oct 2023 06:40:04 GMT
x-mg-request-uuid
4078595b-715e-4192-8804-729aee723ebb
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8216dc707c1edccf-LHR
content-length
11896
alt-svc
h3=":443"; ma=86400
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTAvMzY5NDAzL2Y5YjZmY...
s-img.mgid.com/g/16842659/328x328/-/ Frame 4413 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/16842659/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTAvMzY5NDAzL2Y5YjZmYmQ2ODY1MTkyNmRmNmRhY2Q1NjJiYzE1NDBmLnBuZw.webp?v=1699205808-CntATKdPuC4e_Ls5-k9Jbsk0XHkzwCyuiADgE_UmD24
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49af6cdffc2db24d164247d5e492b06efc0e06685bdedb1dd7f40f0133601f07
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://bola.okezone.com/
Origin
https://bola.okezone.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
MISS
last-modified
Wed, 02 Aug 2023 09:36:34 GMT
x-mg-request-uuid
440e1d82-7b8a-4b6c-915b-bccd6f71ede1
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8216dc707c1bdccf-LHR
content-length
5170
alt-svc
h3=":443"; ma=86400
e6081aebd905368c8b2c4092a77ec277.mp4
cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-10/353267/ Frame 4413 		42 KB
43 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cl.imghosts.com/imgh/video/upload/ar_1:1,c_fill,w_680/videos/t/2023-10/353267/e6081aebd905368c8b2c4092a77ec277.mp4?v=1699205808-S8dX38DKw1CHQ0hym5vHlcxrdZENKaXssmI0Dckp1Kk
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:297f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81068fb734cb88bc81ced98858b897af334155aa2dbbeea89a82a3fb2037abae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bola.okezone.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
294194
Content-Range
bytes 0-43079/43080
server-timing
cld-cloudflare;mitm=c;dur=182;start=2023-11-01T04:30:10.985Z;desc=miss,content-info;desc="width=680,height=680,abps=42461,fps=28.583,du=1.015,vc="h264",bytes=43080,owidth=680,oheight=382,oabps=37694,ofps=28.583,odu=1.015,ovc="h264",obytes=38243,oformat="mp4";";cloudinary;dur=142;start=2023-11-01T04:30:11.024Z
alt-svc
h3=":443"; ma=86400
Content-Length
43080
last-modified
Mon, 23 Oct 2023 07:48:48 GMT
server
cloudflare
etag
"9a1d1b71b581405db88569c227040e30"
vary
Accept-Encoding
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, max-age=31536000, no-transform, immutable
timing-allow-origin
*
x-robots-tag
noindex
cf-ray
8216dc704c062bc5-FRA
i.js
cm.mgid.com/ Frame 4413 		0
104 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?cbuster=1699205808661573389935
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/k/okezone.com.1408815.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
8216dc703ac87738-LHR
alt-svc
h3=":443"; ma=86400
content-length
0
i-noref.js
cm.mgid.com/ Frame 4A5F 		0
38 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1699205808673398220006
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/k/okezone.com.1408815.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
8216dc704ad57738-LHR
alt-svc
h3=":443"; ma=86400
content-length
0
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 4413 		142 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/k/okezone.com.1408815.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c50ffbb0d5049173748e6468980ae6811d8c7effecb8c7428984ea00734545fa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 08:11:43 GMT
server
cloudflare
x-amz-request-id
85VX6K1WK8KDXANP
age
3584
etag
W/"f782ea030d6823bac929128fb89f783a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8216dc7049cf1d94-FRA
x-amz-id-2
XoyjN5eBRzfOYVg1sA8PuP1xV7Bk9Ddn9XrM7czqjwc2gKMasduypuLFDauD22XD4HObGvPwd34=
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ Frame 4413 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/k/okezone.com.1408815.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:55:21 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=133302
accept-ranges
bytes
content-length
63913
expires
Tue, 07 Nov 2023 06:38:30 GMT
54a1a4e2-ff77-4846-a8e1-9ac8ee967117
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/ Frame DFA9 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/54a1a4e2-ff77-4846-a8e1-9ac8ee967117
Requested by
Host: c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com
URL: https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame DFA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssh7JvcRW7996PfHKaI66d3Ft4SVpMQBdo-xjW27xJnKhSOTr_B2npFw3zqhcmeeb7Hrs9AZgHKY_JGSTF1bOmIxsmtbF4qCv6bTeJQBL8Fj9xL2ZsN_arnJbJG-_fxvrtq9GIEC-MZDRcqjLkV1NBR1KW9kNGX8jihfNJBNcVXBXd62HmxL2nvrs_WNDDARCbeHlnusI4cc1CHvwXGgqD_BbLdcYUX13lnfkFcoWmhRuUtI8J0apeQmNCyksA4vGViRaRW052FRuEGZSWywM6o6afbh8x3u5PTxRw0LzR0Y0l4pBS4pju90ArXbwBZK9p9psOmk2Syu8bwfdxXHFTFCUBDn9q2w6T4fWF_ZPTejVeXeZQkLcYNIrUl9MOTvig&sai=AMfl-YQk0HkalNDbR0bHxXLhJZ6lTrnjYCLzfc6tgpqaghv-9itnIinMFgDVl0Nv9cp5tHo7ga7vaSNgrutHhQliCmb-umA3mROmgcyPpQ&sig=Cg0ArKJSzHVclnkgZe-1EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Nov 2023 17:36:48 GMT
99f9c1b8-3245-4c23-acff-9dc07d78e772
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/ Frame DFA9 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/99f9c1b8-3245-4c23-acff-9dc07d78e772
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
/
c.mgid.com/pv/ Frame DFA9 		43 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/pv/?pr=www.visionplus.id&lu=https%3A%2F%2Fc1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&cbuster=1699205808760726991407&pvid=18ba08f02778584f52a&implVersion=11&cxurl=https%3A%2F%2Fwww.visionplus.id%2F&site=871246&i=1&scum=%3F0&scuw=%3F0
Requested by
Host: www.visionplus.id
URL: https://www.visionplus.id/wat-23110512/merah-padam/berstatus/rekap-yasin-bagian-2-lupa-al-quran?fr=oz&v=1699205806455
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
8216dc70cae14195-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
all
csm.eu.criteo.net/ Frame 1B31 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=KKxN2S5JysNXgSUlnbivhK-LBNnfsjH3uMx1_jGcfemkdFW-yBa-Xse8dzl3tGaHHedpoPsMQtspl4dDauWNS6_yNB--Z6yb4inqcgBGteasuPKhxi7lIiHwlxDV_Pb5kFCSOM2nZNDgc30VZTMcIBXYDThws3myRQVuV-CSZU9Ex0ojyQu5iWPGtM_mxEO3sTygU5vLS_m7FmAHGzhWSDIcraEJN_vRLtUOtcQ7kNIiZ0dF2IVWW0CQq_-UA-maPxcfBA&sds=2&rev=89168&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 05 Nov 2023 17:36:48 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame EBDF 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310310101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f73ee25f1e4d10d523c6ef63e6c1489133c255154ab4ebcb72301875ae6c967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12201
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EBDF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Nov 2023 17:36:49 GMT
cf7aaf9e-99e0-4b44-a558-e05fb83eceec
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/ Frame DFA9 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/cf7aaf9e-99e0-4b44-a558-e05fb83eceec
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame DFA9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/visionplus.id.1541446.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:49 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
KZHG8W3F9TBRMAND
age
2885
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dbyeVsK/NjOgn7JlIkeUY91rcsUk7Xu5UroxSC2k1IBVpKj3RcOw+iHuOsxJ5UaGiIcgCnMZgl0=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8216dc729e1f4195-LHR
expires
Mon, 06 Nov 2023 17:36:49 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame DFA9 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/visionplus.id.1541446.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:49 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
YRQRQGQP9DZNZ14S
age
3646
alt-svc
h3=":443"; ma=86400
x-amz-id-2
prDGrfP9Q2yJocLMVMs086d4Xf20e00Uihgi74TWkWggHy5UZf6VnePTEnJDA4LpjohSwbs6H6U=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8216dc729e204195-LHR
expires
Mon, 06 Nov 2023 17:36:49 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 500E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.visionplus.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
166044
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 19:29:25 GMT
expires
Sat, 02 Nov 2024 19:29:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7E26 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
29b8090cafca06e888e190fcb20a1b955875ca2831cf4173f5a8947011077b1b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rVNapAa_jz36wR5sDg4RWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.visionplus.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-rVNapAa_jz36wR5sDg4RWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 17:36:49 GMT
expires
Sun, 05 Nov 2023 17:36:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
10
servicer.mgid.com/1541446/ Frame DFA9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1541446/10?mp4=1&ap=1&w=300&h=250&ident_p=true&sz=300x250&szp=1&szl=1&cols=1&pr=www.visionplus.id&lu=https%3A%2F%2Fc1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&cbuster=169920580913162661588&pvid=18ba08f02778584f52a&implVersion=11&cxurl=https%3A%2F%2Fwww.visionplus.id%2F&scum=%3F0&scuw=%3F0&uniqId=0a913&niet=4g&nisd=false&pv=5&lct=1698883200&jsv=es6&pageView=1&dpr=1&ref=https%3A%2F%2Fwww.visionplus.id%2F&iframe=2&tfre=701
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/visionplus.id.1541446.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ab9282c1d4951e7e47bbf6dba48cf6544ab369d0bc40f4dc4f8c6c78e88dd8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8216dc731f024195-LHR
alt-svc
h3=":443"; ma=86400
sodar
pagead2.googlesyndication.com/pagead/ Frame 7E26 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310310101&jk=4359868857017165&rc=
Requested by
Host: bola.okezone.com
URL: https://bola.okezone.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 4413 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGF9Ico7HqwiX0qtbx71nvI3TSvCGjuyi0XxNPW0y7j8JfSWPBe22oIdumFVDESruilcDup-qxUnTj30hksRMrMrTtPmdKDGdPS4fejpycbWXJqWtFnV-R6ZHZONADcJFC-ImjMs5jBw&sig=Cg0ArKJSzKX3BmgP_rENEAE&id=lidar2&mcvt=1005&p=60,592,150,1320&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231101&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3008733920&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699205806272&rpt=1852&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10c2328d1065ad0ef1d4a070046e51f7cae86bd3b9bca41ce3d97a6cd55d4d6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12225
x-xss-protection
0
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 500E 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
20341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Nov 2024 11:57:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=bola.okezone.com&doc=complete&pg_h=8063&pg_w=1600&pg_hs=8063&c=6&aa_c=0&av_h=340&av_w=465.167&av_a=121436.667&s=10&all_s=10&b=5373.125&all_b=5373.125&d=0.253&all_d=0.253&ard=0.056&all_ard=0.056&dt=d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Nov 2023 17:36:49 GMT
mgid_ua.svg
cdn.mgid.com/images/mgid/ Frame DFA9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/visionplus.id.1541446.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:49 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
KZHG8W3F9TBRMAND
age
2885
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dbyeVsK/NjOgn7JlIkeUY91rcsUk7Xu5UroxSC2k1IBVpKj3RcOw+iHuOsxJ5UaGiIcgCnMZgl0=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8216dc738fa04195-LHR
expires
Mon, 06 Nov 2023 17:36:49 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ Frame DFA9 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/visionplus.id.1541446.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:49 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
YRQRQGQP9DZNZ14S
age
3646
alt-svc
h3=":443"; ma=86400
x-amz-id-2
prDGrfP9Q2yJocLMVMs086d4Xf20e00Uihgi74TWkWggHy5UZf6VnePTEnJDA4LpjohSwbs6H6U=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
8216dc738fa14195-LHR
expires
Mon, 06 Nov 2023 17:36:49 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC8zNTMyNjcvNzQwY...
s-img.mgid.com/g/17523136/492x277/-/ Frame DFA9 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/17523136/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMC8zNTMyNjcvNzQwYzAxNWEzNzc4ZjA4MTliODYxMDFhYzM4NTJkZDUuanBn.webp?v=1699205809-WlYabZvelN8ZETnjvlzG0AsDYcqujV_z-P-aTyj0N50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:824c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba654a83ccab37cf522981a96580a63594cc1a42259174ad44bab531aa1ac81e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/
Origin
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 06:46:26 GMT
x-mg-request-uuid
c7fe6b2c-af57-4eb0-867d-f03175efa67c
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
8216dc7388a8dccf-LHR
content-length
19172
alt-svc
h3=":443"; ma=86400
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3570 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
166044
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 19:29:25 GMT
expires
Sat, 02 Nov 2024 19:29:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 969F 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
056d9363baea68bf91138665d1d08d6244602f9d506869e75b7eef383516725a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bg3UuGAjL-Ul2UQvNXbUvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bola.okezone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-bg3UuGAjL-Ul2UQvNXbUvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 05 Nov 2023 17:36:49 GMT
expires
Sun, 05 Nov 2023 17:36:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame 500E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6I1oiA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
i.js
cm.mgid.com/ Frame DFA9 		0
180 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?cbuster=1699205809314907091743
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/visionplus.id.1541446.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
8216dc7448b84195-LHR
alt-svc
h3=":443"; ma=86400
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 969F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311020101&jk=821912577806818&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 3570 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 11:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
20341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Nov 2024 11:57:48 GMT
i-noref.js
cm.mgid.com/ Frame 6679 		0
180 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1699205809322820127920
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/visionplus.id.1541446.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
8216dc7458d34195-LHR
alt-svc
h3=":443"; ma=86400
content-length
0
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame DFA9 		142 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/visionplus.id.1541446.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c50ffbb0d5049173748e6468980ae6811d8c7effecb8c7428984ea00734545fa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 08:11:43 GMT
server
cloudflare
x-amz-request-id
85VX6K1WK8KDXANP
age
3585
etag
W/"f782ea030d6823bac929128fb89f783a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8216dc744ee71d94-FRA
x-amz-id-2
XoyjN5eBRzfOYVg1sA8PuP1xV7Bk9Ddn9XrM7czqjwc2gKMasduypuLFDauD22XD4HObGvPwd34=
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ Frame DFA9 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/v/i/visionplus.id.1541446.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:49 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:55:21 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=133301
accept-ranges
bytes
content-length
63913
expires
Tue, 07 Nov 2023 06:38:30 GMT
generate_204
tpc.googlesyndication.com/ Frame 3570 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fR7_Kg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
c
c.mgid.com/ Frame 4413 		43 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?f=1&pv=3&v=230|95|28|Bd5MdM_w5ygdBrJLHJPGEz_BtNSBVKVbY-nVx05ArwCbZLHF1C-uAHGr8OOZ-93J2aa9WJCQu9_-J-91ALn-tg**&fw=1&extjs=66044&h2=qCPrOVMpP3p_xyzIJH89aEwjTpE2fc1hadpsghGRJA0*&rid=e5b60f0a-7c01-11ee-a186-e43d1a2a04aa&tt=Direct&iv=11&cid=1408815&pageImp=1&pvid=18ba08f003293f572f4&cbuster=1699205809747243155068
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-mg-request-uuid
3f1fea59-ddc2-4a6b-9b7e-4b219d320880
server
cloudflare
content-type
image/gif
cf-ray
8216dc76fdd64195-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
1x1.gif
a.adskeeper.co.uk/ Frame 4413 		43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.adskeeper.co.uk/1x1.gif?id=353267&type=c&tg=65b86b2d551449eb64bd102d9e7bb67c&gdpr=1&gdpr_consent=&us_privacy=&mgbuster=142b7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2341 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:49 GMT
cf-cache-status
MISS
last-modified
Sun, 05 Nov 2023 17:36:49 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8216dc772cae2c4e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Sun, 05 Nov 2023 21:36:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EBDF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310310101&jk=4359868857017165&bg=!MjGlMX7NAAb4oU7C2KE7ADQBe5WfOGkIIHcu97C0i9N1EvzmYG8krlN45Rt5T3HqqFCXAnspU2vDwLPSJ50SnSsysjd-AgAAAHVSAAAACGgBBwoACWYtpLHBIlcGGZkDEhVDnTG9wDOhhyd4tAE4hpT-v_9iXi2E71jhfSRyQLI4mjuWH8NSMYryNAiFWSk5vxvgJ79NbycrAlzBhwRBzjEmK1z14Up2PSUEP8pOBsbecJ6KVaLkPgOGjMXLk7l-VpAkw8NOfYLE0e58RoGheZs5bn6ZPeOZazplbSR830mI0sWuojlkP6EovFTb7VspM133Bt7SdCuZqfQmZbdKwtiFaRd8uKh9OMXDS-Y0B6iQm8yvgSvdKYyQHDEG5X9DDx6B2LUrfz8ATy-zHVDdsRF54mUtIUhBqaRaAYIt-4nX3y_uCJKavmAQIi2ogJJ23FXnN4lvgabNR00c9nQEU7xVZQpxyGBuDFHFPbeGDkNxjeFUDw_vOzAkv0mzvJSD9fZ3VPSUP_v3FfQQz3Cdz1oIR08EU6T8v5_Wp3WuRYuzrNKRTnyeYjtIyWImEa9VXzhdBJdoOQbEw35r5gSG6XJeBp3M3iV6c0zmEtgIUh5zKSHWxn2K4CUGAequ_Kt9YXDMuoo4foEEB4Wx-it_EmTFGN3p5AutwFLN1zUwU-VdEXMTJn-ySK3Ne-epoQKPrntPX1HhI7IMHiCsrpkv-FAlzpqOufGJO8UzVIwgf1ezNBKszNwuaWr4hJs6rfMnVC8SP0afJluPJ9W-kRpQfZhht13Ulr_0YIl-KIcWzqVbpLCrpl8B0iS9YyhQxXQnsir6TUtTGvyzeWs_MdRbRdU1Knihb7JKnZ6-22uOiazcmr29UkVaV3aCbV24_U50mi8FIxLyb_nn8K-Ku8mcYM_hiQgPbrD_5gSdW9jJaMHzK6yYdwGF51aCljamryiX9O1vFVqo5AZE_ZKGgOCIFJ6glR1tG845e6NC9QdFl9SlROUGxK4DM6OfpnRtC49dkKTpEE4oz1joardpeCnYijSn9EgrqG81stHfFxgU7I53L0kvg3pZnz0rXkVhwWPLYt5GwjdeEHHMdut9L0fmNBiWVLuBLIFfVNhESnq9B7VViRVeTyNXxjg_aEq_bmUrpmTUpOrDZnTVNWud3NNDLMGpag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311020101&jk=821912577806818&bg=!srGlsf7NAAb4oU7C2KE7ADQBe5WfOGMkCmRbCCtyZ6n6i44q4TTYiJFWYIvK0VYDCvdJ1hsFgo80lWafern8Y-7acitZAgAAAItSAAAACGgBB5kC_B6S9YUD2XQLdNfRkO6e25isOIv60wA9lgFyQap_rFxgkpbGcQWJ7T0onKE9zP-YuRfkoyBY5SZK1QU0pXowGzUaBwsBhjdxUNNDXed5C3gqjwnTq6dIYFcHsGXEm9Md-OHM8qlGblHd8cgWIvSOEGqaegGvFO82rJ5rNG-t8jDuHn6Y-iTmUe2NQdvreGxwGRqRUIYhqtkwqmpeY90sDEd2BzWbMm5agq5NByWZF56VQ25vsQqRj4A1wl_5mIaZGcKsmzUva8JTaTqktSW8hcklhdq_IqZru4nHNPb3pN3eEBnTwAtq_iLYNyFHpp6obWGMCW238eLwpNThCK6S_0Rgxu9pBRtQha1Jg4EhCaW4_3qQwRX8RnEDZ6-wF1jNX-uGpl7KA9KpBucCPF0-_gjqeBQrjNzKu28wRLqjd0GC0Bdqjre2kyTLr1Pd1G0-dFGKp8HFP3X_fkmmejGigDgyFRnKnYIE-xTEwed2oKECKJv_FJEolU9jre4qtY6vRx96BePIkcIMtj1NhmxQ3Q2RgeL013qU1svOxNb5yTWKmEs2ql0_q755TCplKEvZMyWc72JS85j6mH2vYyz2UzZjzx-OLD4JgCvMXuEY58nGi7kfDtNXuf1GjhmxI1HJz3ExfwKM96cks5fzik6QkFc6xgy9WOxbOtKH6Mf6hfpVvZPbhhz51V1ZMxUF9O-GVXPmNukH9Pxn9xw0Bxb7mQy4-XLUlOttbWycd7zY_TNEuAmec0eZVzUSHvtRJFQF-MNAdZUkg7sW_xyp1oAj4urxPM5v20_uS9j8WaKdS_zkXJ2tiMd3E-twm4zb-J7UtrqAVMUpMgZezi-Al5ho1X67A7kGqWPcx87V6NIIo4j-b-GkhEHCuy97GhvjnAAFuoTrEITxNXwVU-5ua71JofbgWWxCuuPimAUb8GjlMzfsgbVqPX5BtHlm_RSxyircBJh8k8yvvAutDhr94pNKuzdH7NDaKK1mdyBoPaNwXEqlRqEAdhH6z3CECz7n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
c
c.mgid.com/ Frame 4413 		43 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?pv=3&v=230|95|28|Bd5MdM_w5ygdBrJLHJPGE2Ni_zHZliR3LzfJiKnkb5sPBHq3NwOfM1H1RZwe1-ddbqsPer83BHMsXTJ-vOXpwg**&extjs=66044&h2=qCPrOVMpP3p_xyzIJH89aEwjTpE2fc1hadpsghGRJA0*&rid=e5b60f0a-7c01-11ee-a186-e43d1a2a04aa&tt=Direct&iv=11&cid=1408815&pageImp=0&pvid=18ba08f003293f572f4&cbuster=1699205810168434915572
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-mg-request-uuid
f9993373-c20a-4599-bfcf-e6804dbaa35c
server
cloudflare
content-type
image/gif
cf-ray
8216dc799b064195-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
1x1.gif
a.mgid.com/ Frame 4413 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.mgid.com/1x1.gif?id=783385&type=c&tg=d958dbf733775526c12d1052a654b42c&gdpr=1&gdpr_consent=&us_privacy=&mgbuster=0088c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
8216dc79ac217738-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lolr9is8&c=821912577806818&e=31079420%2C31061691%2C31061692&ctx=1&met.9=1.o5~2.pq~9.0~3_1.rb~7_1.0~7_2.0~7_3.0~7_4.0~7_5.0~7_6.0~7_7.0~7_8.0~7_9.0~7_10.0~4_1.18e~5_1.18u~6_1.18y~5_2.198~6_2.199~5_6.1a0~5_7.1a1~5_9.1a1~5_3.1a6~5_4.1aj~5_5.1at~5_8.1bj~6_3.1vy~6_4.1w5~6_5.1zp~6_8.22a&met.10=1_1.CAAQABiAmHUg5QcoAQ~1_2.CAAQABiAmHUg5QcoAQ~1_8.CAAQABiAmHUg5QcoAA~1_6.CAAQABiAmHUg5QcoAQ~1_7.CAAQABiAmHUg5QcoAA~1_8.CAAQABiAmHUgjggoAQ~1_6.CAAQABiAmHUg2Q0oAA&met.3=112.rt_1~416.1st~416.1sw~415.1vy~413.1w4~415.1w5~413.1w5~415.1zp~415.22a~113.3gv_3&met.1=1.lolr9i0f~6.1e~7.1g~8.1g~9.1g~10.20~11.1o~12.21~13.2m~14.2p~15.2p~16.uy~17.uy~18.v6~19.3gi~20.3gi~21.3go~22.kk~23.kk&qqid.1=CNiyyfOyrYIDFUixewod6GwHuQ&qqid.2=CLyMy_OyrYIDFUixewod6GwHuQ&qqid.3=CL2My_OyrYIDFUixewod6GwHuQ&qqid.4=CL6My_OyrYIDFUixewod6GwHuQ&qqid.5=CL-My_OyrYIDFUixewod6GwHuQ&qqid.6=CN2yyfOyrYIDFUixewod6GwHuQ&qqid.7=CN6yyfOyrYIDFUixewod6GwHuQ&qqid.8=CMKMy_OyrYIDFUixewod6GwHuQ&qqid.9=COCyyfOyrYIDFUixewod6GwHuQ&qqid.10=CMSMy_OyrYIDFUixewod6GwHuQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1404::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.mgid.com/ Frame 4413 		43 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?pv=3&v=230|95|28|Bd5MdM_w5ygdBrJLHJPGEz9kA2pigOWvY-elcUL3Je6_HrI37eOA0r_tPIviYo-FX1hilmuJSrYGBSwq39sH8Q**&extjs=66044&h2=qCPrOVMpP3p_xyzIJH89aEwjTpE2fc1hadpsghGRJA0*&rid=e5b60f0a-7c01-11ee-a186-e43d1a2a04aa&tt=Direct&iv=11&cid=1408815&pageImp=0&pvid=18ba08f003293f572f4&cbuster=1699205810266743642365
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-mg-request-uuid
139a8a32-5a95-462d-8a46-356b2215a749
server
cloudflare
content-type
image/gif
cf-ray
8216dc7a3c504195-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
1x1.gif
a.mgid.com/ Frame 4413 		43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.mgid.com/1x1.gif?id=369403&type=c&tg=ffc948d97a3057939c9d56daebd9b303&gdpr=1&gdpr_consent=&us_privacy=&mgbuster=03820
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.okezone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 17:36:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
8216dc7a3cfe7738-LHR
alt-svc
h3=":443"; ma=86400
content-length
43
collect
region1.google-analytics.com/g/ Frame EBDF 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DP6KNFWMBB&gtm=45je3b11v878490891z8832564731&_p=1699205807851&gcd=11l1l1l1l1&cid=543031854.1699205808&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1699205808&sct=1&seg=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fwat-23110512%2Fmerah-padam%2Fberstatus%2Frekap-yasin-bagian-2-lupa-al-quran%3Ffr%3Doz%26v%3D1699205806455&dr=https%3A%2F%2Fbola.okezone.com%2F&dt=Vision%2B&en=page_view&up.custom_client_id=543031854.1699205808.&tfd=6168
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-DP6KNFWMBB&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.visionplus.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Nov 2023 17:36:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visionplus.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 1B31 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=KKxN2S5JysNXgSUlnbivhK-LBNnfsjH3uMx1_jGcfemkdFW-yBa-Xse8dzl3tGaHHedpoPsMQtspl4dDauWNS6_yNB--Z6yb4inqcgBGteasuPKhxi7lIiHwlxDV_Pb5kFCSOM2nZNDgc30VZTMcIBXYDThws3myRQVuV-CSZU9Ex0ojyQu5iWPGtM_mxEO3sTygU5vLS_m7FmAHGzhWSDIcraEJN_vRLtUOtcQ7kNIiZ0dF2IVWW0CQq_-UA-maPxcfBA&sds=2&rev=89168&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUfSrQAKgP8Ke7FIAAds6LuVhbE9mX67PJdaRw&u=%7C4U7PSCOMCtMN3xCETrFt4l5hGxfjtUcFJdHKOWkgti4%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF1NewNbVHyiBZNvuDnVF5bHxSiAGJhDf6bRs77-hEYFGd_XyzjhEFRaWQxv1wE9zRYmcMEx52_b6kZkU7-WUmKZ3kLoLXcduo_CzO5LUaPvhk4vwi0oziq12Pn7nukOmkr6K9WVYSnAlI68JXTfhK059BrTlKXzJwPtn3xkScFx78fpCNKGeWZvn2gswMhTDOGUbz-1_mJVTCDPc486HuRj7IgFvT0fAPNqSX5GZE4X4EJUO1-o_17emobMszGfLQ0DFjk2VCnip_g1G_8TsajOCvVPvRriGnCO60hp1BYJWjbtFshfrb0CY-nvoi-pcj8wfP7NJRyI3MDJSyIHowlfi9_kLSKuS2rVKn_qfxkbAASLEtVEUyvw-wRr4Aoqn_-WcTNjal0ZMbF7CSbtpZ8bclg7Y6r937t6grVDGjkkAjGC8DfYFpCutkIDn_Emxcnltx4Lj6NOlflb973VzOU5PWTGvA_nUlFh7-4g_IRmIG-RFUq7vneeZaI6slx_7A3uyU6YHDCs0qss0IuWoLX4l8nUNkyE1UIZLjApj896cBh8-cJqZtRK&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw2KHrdJHZf-BKsji7gPo2Z3IC8me0rFc1Z2R93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItNTg3MjQ2MDczNTAyNTI5OMgBCakCKtx0aBMBsj7gAgCoAwHIAwKqBLQCT9DxVIQyI99k2jIJnuxA0d9l_3XaLiRV7hzYACyQSSvSfEf8aqF84YcLs5SEOk6yw8xm98FPQ2Pq_J48q0RnGnGdm3C2GMTqvevZ_cosr2CxGrpYK8BhcAK5JAf6v4LOVgcFjGHxGc0mot7Pru5M9MipJaApsHrsOR93a6ofvN48aR8zxXf-_I6sSWyaHbnRyeVeMNFND1Eoi207WdcLWZ9rPRae7nocHYI7vUOdYtzjp5DDwD0br9TavH1_vVpyQhdBZ4Sn3HZ_Hydv5q3QQrUeqox7-Mphrzrb1CPvOHtR-apIU813fXUnnBWfgkSX8jYOlTQnjqBzSu9wDxMxZrFl_RqKfKZW_tKcbJTdvxQfgJ-sjkb-GjD0_ZRBMEkr20AVTRhQEi-1O5GyeN1uVsMuLAjgBAGABs2d9KD2s8GeDaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Bud9Zuq_nj8_iRsSA97TcqfdexQ%26client%3Dca-pub-5872460735025298%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 05 Nov 2023 17:36:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.rctiplus.id
URL
https://static.rctiplus.id/fta_rcti/logo/placeholder.jpeg

Verdicts & Comments Add Verdict or Comment

239 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| documentPictureInPicture function| $ function| jQuery string| mode object| googletag undefined| dataorion function| getJsonObject function| DatalayerInfo function| UpdateCookiesOrion function| GetDataCookieValue object| dataLayer function| gtag object| _comscore object| metaTags string| Authors string| Sections object| _sf_async_config object| _izq object| container undefined| _izAlt object| _iz object| izConfig function| _izooto object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| COMSCORE object| ns_p object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| __afflib object| G_options object| ID5EspConfig object| affpbjs object| _aff_pob object| affinityhb object| ggeac object| google_js_reporting_queue object| affpbjsChunk object| _pbjsGlobals string| nobidVersion object| nobid boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_rum_config number| google_unique_id number| google_srt object| _google_rum_ns_ object| pbjs object| SETTINGS object| pnAdvancerLeft object| pnAdvancerRight object| pnIndicator object| pnProductNav object| pnProductNavContents number| last_known_scroll_position boolean| ticking function| doSomething function| moveIndicator function| determineOverflow number| skin_img1 number| skin_img2 object| swiper function| sideVideoWidget function| fSkinAds object| swiperPilpres boolean| mCustomScrollbar function| Dropkick object| dragscroll function| Swiper number| access function| leftsidebar_error function| rightsidebar_error number| random_angka function| oncopy object| __id5_instances object| regeneratorRuntime object| ox_esp number| SudahDiLoad function| DataLayerTracking function| UpdateCookies object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| _cb_shared object| _33across undefined| google_timing_params object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| izootoEmailSubcriptionCallBack function| izootoEmailEventsCallback object| _mgPageViewEndPoint523196 object| _mgPageView523196 object| _mgPvidList string| _mgPvid number| navItemWidth undefined| google_rum_values object| google_image_requests object| GoogleGcLKhOms object| _mgPageImp523196

33 Cookies

Domain/Path Name / Value
.okezone.com/ Name: ci_session
Value: bc9v3qiondnpaeq5mt49blu9lse3pfdu
.okezone.com/ Name: home-bola
Value: home-bola
.izooto.com/ Name: IZCID
Value: b0b9df1f-519d-44b6-abb0-efc0ad0b5df1
.okezone.com/ Name: _gid
Value: GA1.2.1874651922.1699205805
.okezone.com/ Name: _gat_gtag_UA_153789817_2
Value: 1
.okezone.com/ Name: _gat_UA-82922228-1
Value: 1
.okezone.com/ Name: _gat_UA-153789817-1
Value: 1
bola.okezone.com/ Name: pbjs_debug
Value: 0
.okezone.com/ Name: _ga
Value: GA1.1.605566569.1699205805
.okezone.com/ Name: _ga_L1BHTHEZ01
Value: GS1.2.1699205805.1.0.1699205805.60.0.0
.okezone.com/ Name: orionID
Value: UN-45dfbda857414880536d67567f5956a7T5BSN
.okezone.com/ Name: lotame_domain_check
Value: okezone.com
.okezone.com/ Name: _cb
Value: E6jf1CRn--0BbhFDY
.okezone.com/ Name: _chartbeat2
Value: .1699205805772.1699205805772.1._iZzLCjw69VCS9j9MDDcwCZCh5ALc.1
.okezone.com/ Name: _cb_svref
Value: null
.criteo.com/ Name: uid
Value: 5f0809c0-eee7-4df3-b03e-75503bf2ed02
.openx.net/ Name: i
Value: b2cbc58f-05f6-4347-ad38-0a7e699fa80f|1699205805
.okezone.com/ Name: cto_bundle
Value: wVBYIV82MFR4N2IzR0NDTkRFQW8zdTBRWnVWempWZ3dQNmxNeCUyRkhWRjAlMkZIQmhub1VsUFFwZU90S2pSbzZkJTJCbW9JMkRTZzdZOGszN3BYTUFvajQ5TlQlMkI1d09lelpDYTFzOHhFNU53MHl3VlI0MjVmamhZVmx4WG9sTHd5S1ViOU5FbFljYXNIJTJCaVVJNWkzMmJLblhBZDRnd1VBJTNEJTNE
.okezone.com/ Name: __gads
Value: ID=c1b00da4bff863ec:T=1699205805:RT=1699205805:S=ALNI_MajDm-sCx9qIzBPd8QbPvRnAlf4Xw
.okezone.com/ Name: __gpi
Value: UID=00000cb5447dbb45:T=1699205805:RT=1699205805:S=ALNI_MZG1b63JuOoHEhbX15UVKD1gQP8AA
.doubleclick.net/ Name: IDE
Value: AHWqTUlFYuYnV21VyOFaqH-kEc2RZFIm_4xuoqtEBho77ADyp182AmA1Cui0n5GkVTQ
.okezone.com/ Name: _ga_MZ0Q248WBF
Value: GS1.1.1699205805.1.0.1699205806.59.0.0
.mgid.com/ Name: __cf_bm
Value: xf7uIC52CsUYrp2fzbHN9FPSIDmh0cPRaYTwfUwl0Wc-1699205806-0-AYG/Cl3HRJ3gK4GiHpIkVKbxHO3SYH/9+PRuDyyesa1Oe542kTjXByFo7ZK+EF0GNn4Fd6py1dNLtiusxPduDIQ=
.visionplus.id/ Name: _gid
Value: GA1.2.1673216033.1699205808
.visionplus.id/ Name: _gat_gtag_UA_154114411_1
Value: 1
.visionplus.id/ Name: _gat_gtag_UA_111351533_7
Value: 1
.visionplus.id/ Name: _gat_UA-111351533-7
Value: 1
.visionplus.id/ Name: _ga_H9JR75YQGT
Value: GS1.1.1699205808.1.0.1699205808.0.0.0
.visionplus.id/ Name: _ga
Value: GA1.1.543031854.1699205808
.visionplus.id/ Name: _ga_DP6KNFWMBB
Value: GS1.1.1699205808.1.1.1699205808.0.0.0
.sindonews.net/ Name: __cf_bm
Value: 9DmRrzOOk5PVDznId8eitbffk.O1xm9c1Mov1Rybue8-1699205808-0-ATH2WhcTaTc/zOdweqVQ50omC1Fr9Qaq7CRPoU5bM9ySskZSr90/zI0DQuskf8IgWm6d2NfVDKKqkdezRbSLVNg=
bola.okezone.com/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22https%3A%2F%2Fbola.okezone.com%2F%22%2C%22svsds%22%3A1%7D%2C%22C1408815%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221699205808651%22%7D%7D
bola.okezone.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770

2 Console Messages

Source Level URL
Text
other warning URL: https://d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript warning URL: https://jsc.mgid.com/v/i/visionplus.id.1541446.es6.js(Line 268)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.adskeeper.co.uk
a.mgid.com
a.okezone.com
ads.eu.criteo.com
ads.pubmatic.com
analytics.rctiplus.com
bcp.crwdcntrl.net
bola.okezone.com
c.mgid.com
c1e4e61e962f0885a402b888c4a239e7.safeframe.googlesyndication.com
cat.nl3.eu.criteo.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.izooto.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.okezone.com
cdn.prod.uidapi.com
cdn4-hbs.affinitymatrix.com
cdnjs.cloudflare.com
cl.imghosts.com
cluster-images.visionplus.id
cm.mgid.com
csi.gstatic.com
csm.eu.criteo.net
d9fce789d449aefd28b12c7498e5c179.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbs.ph.affinity.com
id5-sync.com
imageproxy.eu.criteo.net
img.idxchannel.com
img.inews.co.id
img.okezone.com
invstatic101.creativecdn.com
jsc.mgid.com
lb.eu-1-id5-sync.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pict.sindonews.net
ping.chartbeat.net
region1.analytics.google.com
region1.google-analytics.com
rtb.nl3.eu.criteo.com
s-img.mgid.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
servicer.mgid.com
sindikasi.okezone.com
static.chartbeat.com
static.criteo.net
static.rctiplus.id
stats.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.mnctrijaya.com
www.rctiplus.com
www.visionplus.id
static.rctiplus.id
104.18.35.167
142.250.186.162
162.19.138.116
162.19.138.120
163.181.92.235
163.181.92.238
178.250.1.6
18.239.18.12
18.65.39.56
2001:4860:4802:34::36
202.147.193.157
23.213.164.238
2600:9000:20ab:6e00:e:ddd6:52c0:93a1
2600:9000:224a:8e00:1f:789c:7d40:93a1
2600:9000:224a:b400:b:8989:4a00:93a1
2600:9000:2250:7a00:a:e047:753:a221
2600:9000:243d:6e00:c:c529:c5c0:93a1
2600:9000:243d:a400:11:2efd:e680:93a1
2600:9000:243d:de00:11:2efd:e680:93a1
2600:9000:2440:3e00:b:f60d:7c0:93a1
2600:9000:2646:9c00:18:1fcd:353:c61
2606:4700:10::6816:3456
2606:4700:1::6813:824c
2606:4700:1::6813:844c
2606:4700:20::681a:46e
2606:4700:4400::6812:2341
2606:4700:4400::6812:297f
2606:4700::6810:5514
2606:4700::6810:7daf
2606:4700::6811:190e
2606:4700::6812:12e4
2606:4700::6812:1c82
2606:4700::6812:c92
2606:4700::6812:d941
2607:f8b0:4023:1404::78
2607:fc48:bc4b::bc:238
2a00:1450:4001:803::200a
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:3::c
3.227.47.153
34.102.146.192
34.117.1.141
34.120.107.143
34.250.99.225
34.96.70.87
34.98.64.218
002dc3cce74f753869c357fb411cd7df90d6bb0c96dc7cc569875947161bede9
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01e7fa6b2587400aea0608a8aa69b60a80a1dbc619316730d505f1e71c7166a1
01ef8ad56ec25edd203c3cd1f71170fc5bff7b4e7508f284a81128aeb1aa49b9
03c37ba25008396febb9fa979c48ed7f0657806ca27ae3960ebf727739a06d28
04480da5573cb4d856930aa2c4e83253a096ffbb1ff51212a6287a10f33a3797
04e8a4a42b71ec3ead5249f3b0dce271eee6e769be88ac3192ccfbfc78fdd0ad
05684cf92cad6ae0e8e53e2de7ef08e0f6bfe8ef337779f99f9af4d0215a1041
056d9363baea68bf91138665d1d08d6244602f9d506869e75b7eef383516725a
0623c22d7c4c71a3f6a7829e7936d3970d1bc62ed20b0dd35cd7a048c1029a23
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08175b3c2bcdbf8753a79855b9a9bf718e95ac98e422905edb8e3f9dea8d70ea
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a1f2ee564aaa598ef7621d1d0cc47838671eafe35575b47f9cc99d58e12570d
0c781e7047fbb5cf8121a879ee0e7f49e60bb85734639b5784b2b0489f987b7f
0d0ba2e7f5389bacd4616df8e09854ff588476ecfb6d48846a80c03b00e846fe
0d6271f6c1c509d78ee10f14174542be0db49486fe7c23201c1b517a063f578e
0dc405349b9e64616a3625673041771f2be733ebcb07688fcacd947401e40d34
0e40222441f53e4f44d65a1d9daeb56728bf32423b097f603eb97974c5ae20bc
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
10c2328d1065ad0ef1d4a070046e51f7cae86bd3b9bca41ce3d97a6cd55d4d6c
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
12aca12da1419069c66943e2c663a4d3663893f390794a5753dd4f59d702e1c4
12b80afebecfe126bbe6b1c849ef5c8ff4e964bd63648ab97ec909c51dbe4a08
1337d72044445a757af75a931895293195b9295c45d661bc2acbff55e71da631
1391e7678292a56bd86c734b666fe1f2dcd94cd77eae307c9c54fc84f481961d
144399df59370710243e57f947d9b8e6616d8b3a9682b9c94b932377440988fc
1916f9c6bb1bc522f12781fb54fa235dee34f448fc0d0ab2a02b6e4ed7fedfa4
199aab1f505ae0a7a87a10b59b877973cc25158d1876d3dc42b911d4e5397afa
19e8d2c95500fa5dc82277ff23af527d9bfc8c176a19814f326a640da993a37f
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b0a74ab5b9a4555216e807e83a77fe3565b427d60a90ea89f393c2eb32e4fae
1bcc94e40f42e94375694b00d4f60d5eb609cfda21f7c64d58cb4a270823200f
1bf0cd18b33ed52070d9fa2b32b03ed0e9e755379ef5749434787cc57b879e42
1c278ea2be331870f751e2c3305e9768ba751704e4eb02c5ac0566bf23e09e24
1c68df31e23fcfe0ebd66e97db5d3131b0488efc4b7630f874cc8a7af9c04942
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1eda037ef70b5587c93b2677785521e8642e1e791cdcaebd5efa8647faf2b633
1f678bb141f19df947376b9c9e0a8e6c09e805bde309818494806b3e34b35a24
1f684e7448e781c0902c836d07607135ede6e753eff3bee27398e9eed12f2922
21627740d16f5b73472abd41baf9178397f7830e0cab7c7649b1c81c63aeaf52
22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
23569936dbb5eeaa2b8d3e2f7be862997eee6016d52a2c38f1911b3b9d04d029
24756b876398b3e3d60feedfd0532fbc3d8a694eb3eabd98823c3c3f9f633710
271978b06de1a969aabd38bdeb72771935f8cedee9b284af9d54328710983627
272164e5b3fb96e072257a2b6439d17a64d72018196ea36e8a73024c380dc9cf
283d4f9169dd0aac7250dc6d081546c6f3ddd01539ced43669ebb4cd46d9f03b
2905f6466b563cfab96451f14df6a914a6c09c2bdf1dc21914025c0017e24610
296e4fa6895898a2b00b59108fda4d3aa48f156ea7ee4627012b8580969af3ce
29b8090cafca06e888e190fcb20a1b955875ca2831cf4173f5a8947011077b1b
2bd19bd2be9603888ebf7bc41a35ba71fb7c9694836fb0325897adf0799696a0
2d4755be84cabf8fa2fd1f14615b211a13feab00e1e5ecab83fd290f3801c00d
2d5201030227927c56a4f24c21bf4f29c878c59213b6c4445dd3dd3830ac01c3
3151956f95a89491db0eeeeb4afaa2a654193ac0c55bc4b69f8754ba4fc113d0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3386e87428f91bca82f9d33873f36236604d4a642c1971f9b85f07634a0b3ad3
353d7fd9d1796f348c611b3915fb38d381b6bd5e4b473fa6d5a29a5fa8e455bf
3703ec6e13350ee859fef7a53fd215e202867ca9cb46bc781b8c4dbf97d61a8b
3af38920f67d0a508a858c8a8be3a84afd135acc2c1a5f70f6d9c998dee19528
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3fe625b4175d1c083f1a7a0e98c96dd046d17e406770e7e9183b765f54ef9d48
40c9c48954a862e96ee3c7994d6f4faf824430590163113af313a9133d6b91a0
424bbc80b68ae9a71c20ced5e51aa0d1e9a5cf5bfdd8dd4a2264ac403fc97db8
42f4ba58be3e1876ab594f318eba16df928408c6943532fb37197c55f7282bb4
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43cadce942acabefe0504bc562e87ca3df1d906f746d7d04359d4f2f27d86797
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
458526c1f7718b3b190a9d63f03f019fa10c15ad982eb21f83f91d6ce011c5a2
45ad770b839452a1f5a64e57052d2b7ea4f41e8d9bfe95507d085c3439f73609
4618c73b3cda93073557b27a3b8abd09750e3d720b9dbfd999aa49e9a0d13f38
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47f1e5908be88e33fff7ed5e8684786b914edfe5c39d324c4a78d535e78436e5
495b635917ddb18ecc916e44fd62f6ca1a22ddcb0f9342317ffe2c057faa7fd2
49af6cdffc2db24d164247d5e492b06efc0e06685bdedb1dd7f40f0133601f07
4bceeaaba5739f18a63cfb97224bd42429ba93c567b8cb6d4b7675cddfed56bf
4d835b6fdb5367f066ee30c9de6f63f1922e479484f393c17a6225b146dad0f8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6840bf0c0b9cd71ce1fea1f39d28608adaa9be98b61c31ad63a0a0d2e847a7
4f9149f4e24d48e006d4d809200ecb9f82787d08ae06a2055288cb1f30a1b390
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53de6b3616f57459d3f1b898926fb83eafca2116a34feae66a807ea244291e8c
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562fef89fc63fbd370e23d39b0d0157743c9f038c7ea294ebffb92f4e45faa58
593b388162285cb27618bdfe687b1088d190066117a8f88e841055b071e0473f
5a8cbd668a880022eb988a4919371ab3f3c2b7cb235d20e8eb2da9687b293292
5c04ced22a2ca15c8da72dec1fc67a0c2f926e9ac5f9b8f14b6d0da873cfa087
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626127d718174de7439efdeecc895b8736309a97c182a4669a3c7777b9046eae
6564cf5331df3f668b2a78e790bac2837673ca5a33979c8397fa9288be9cfa1f
658c16ac199a42cd86d76bc52ac50bc7068f454c0cca785527258a5de8a40b1f
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66669a175c1a9f1c8424abeaa084e340b621abb65c375e117b21a164e76d9acc
672cad7677095651c6240ced97dfd1fcdd9e727b29c07215e5f84e2bb5507f16
67d85036082d2e4bf780be7355c8687e9a529edc5d360ab683846e04ba3f8aeb
69cd6d91d3e2140f0a646191845d4ed59044df39c7a57928a837d6c30408356c
6ab9282c1d4951e7e47bbf6dba48cf6544ab369d0bc40f4dc4f8c6c78e88dd8a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c01f8b138e3f7110a33606de5e2758d5fecb58e114be771b96fffa3bbd48bbe
6e7510f66c1399bed56e18219b3000870133b49160e5a69a3e5b86f6e319bec1
70a76349d0357c724727ea5a2f2a52ec8a6049f6513494e782b8cbe1e5167aa0
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
70e339a1a220298dd1d9c6a69bbb3e3f7e2b4e655c85da9f127cb21a699f99d8
71cedce3e82185a1b5ffe23f4b4b2ae2f32b26c7616719ab631731d520881b8a
725da4d6cda7cb833a2a19de66b994232bb9f3c8f6395723a3476ffe96595ea5
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
735bc3916521ddfa28c85c797e390425b2722a5ef808d2b395f94d387a2355ea
7368b808366157c04aa433a1e913bcf2e07584dbf09a3578b3278b24afcbc197
76801411a7fcb3fcc6b272efec30ae1023f94390f86fa9a680fb0d69c446d262
7950af3915c459daf37035aaa17a418bb9efdbbeeaeaa5cc3caa47ffab0cb6fa
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e28625c9340698b7968ba0cb1642f8db7a941ba0c07198bdcf7846f56ea5c99
7e7f5571090a7d24bc8661d913ced7b94415f8ec74c111c1e08e4127cde1fc79
7f0a8c8b84ce6c093d5c508af54430d5b6471eb17d2675c8b2a3a64071a22bba
7f8752a035e1737a120e46720e49bca2019a5a75fb6c23b3a783fb81cd2b080a
8010866339301bd2aca91222fac7a7c1104f22c68c7fffa07093de879bf45086
80d9eee404d64277aedda2b2f4e24e6b45e49cd1fc84d5d0750d20135dee4241
81068fb734cb88bc81ced98858b897af334155aa2dbbeea89a82a3fb2037abae
821b5ea3bad8371ee991b1347a507ca208deaca7cffa778fa1db64b8fc17f1b9
82f52a6ce9f7bf392d9889d417a35d48ca4f1309b1034cfb7be0bfeb19e6d6de
83e0e5e4f8646842462731bc12190017d01069779b84f93508159933a6700b4b
84d332ddc3d18693cb9bbf81ae74643f091a6a96b92025578c9f5091aa232a6b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85297a9778e3138e5c9393984e9a5fc6dbce360e5017087bfe160c67ed2462af
8612cda75121d16330a454458c073c53e3699308f447b08f61933ef607d63046
86a4b489e0bbf5146a92912a33b0d7ed8e9ac2f60b15ab634c6519210b386f83
86c4b6c92752f01e526244a3b1f0faa63efe5d1cfceaec8b73025ff297732459
885d5f1e627910e9354399d09de78dd403a7bea36da7dd0b4714f2b4c150edf7
887ddeed83642fc140e512d4d9f75cd9c131cb7f0e119a46130707b9665b8175
8ab4dfac396e2c38b1fb2427460844c36f41702cdb9420ecb8c1dfccaeccf718
8dcc1beab58e7315392e4371eaf02041138288ab7b329fa2403894f60e5f65f4
8ebd4a6545e73a284ad171023dd514da625fcd042198001d8e8cd4cee3405067
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f73ee25f1e4d10d523c6ef63e6c1489133c255154ab4ebcb72301875ae6c967
907023d33b2ef9e33a264bf2953227d8b49cbc7de512c9a0afa280445cf29d56
909946ff3314939eb3752c37307b758308a8406065159ceeba22f04c23c51955
925484a7a64b0dbeeeb8bc856c5f4f29feae9fbe37a5720fb443042155c81f4c
9255fe86dd1cd2a0ef2dce455e7a663b9b5b5026c3d0e296572d22f16772df07
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
9ef45f12c8c70e0efce63fc8c0d0f0ea366521da05593a6445b82a9b1e7ae917
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a16b602ce6b9b987264243eae3cf8b19d7dcd2926109b3d62ea13c485ff5eee4
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a2733d5e431d0259163ae20d5f0afb1ab5e4d5e902a9ba83d41bcfbcc3992115
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a304656a72824bbbdf07e873f2329ebd93e02067922fc96a179a3d94d06a373b
a3925fdb4751fff78d83e4bd8ede7f9a300709648c26a400adf88720a6e17427
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6ba4db3da98fc64d9def424dd8489edbaafc56a3e7dc8db4718b7837949ee03
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
a874b0005f6f27f9d8bef432e068e1ed4d2127321c3914fb34b2e0dd344bb030
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa0a295660f159606aaf184459c2efdce0b9674411905b0884707cce4ce23234
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ae4075c4e83f599bbdfa3a828e7dc15ec01a5b53fd42dcdf52af5a94de30c996
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b07db8d620a459e39f88f2a9b4724a11a9ef239ceff51172dd08bb95738f7e6e
b30a21aad22a9db28ba44ddfef0af1dec4c663961d4127dacfcf8166ff0051c2
b41894ad5e25c24318be493eef3df7dc33dde3b2ed812da784a2f0690db02c92
b47ec721017e692a55cea350222c082fe654f140a289ba22b932806350ad4346
b5697a11d7cc526d59877917cde1fbb821413cd68bd7b524ef9072cb42e8b424
b5fea2e45d2e706a2d1b8fb470e7e0aa9142fad12991e6e2fc253a2d7e72743e
b641afa760ea3bc0b6f19a5a026fd6ada46f07c81e90a3ceaad28a778c8a99d8
b6a35a35ba46e8b654a213ea4b8c8685e159595fa4079fe7429f91d74773f551
b716c3d7545a8a20db69a21448756b6d1077216f33e81a3b368cb8baaa45983a
b7236bd500664abebb9ef037ef82c949b1def11ca832d5175aa41c69cbe6ebe7
b74daa6d5f7db3405e43b0b0e0e6068ff875a220c2d6943f3b5b70cc572fbf89
b8c7d4bc0da6b75225e4aae9abb706589379625c0126acafc1c3ae0437146068
ba654a83ccab37cf522981a96580a63594cc1a42259174ad44bab531aa1ac81e
bac67162d7b1c88b4a9ddbc85e83f309b7fb8a8a5a98733b2c049c3f6a97d87b
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd65fb40e4055627f49df4e991bf4f54e3607c2a7baafa17b485c3a0f32051e3
be1d9056f4c874d8e738deb22168e69bcf186b3ff1a795d53a84cf360e27845f
bfc4a082238c7c4304d0a8fcf6038061ac3bb3ac9defceddb43048c1ad7e8a8e
bfeb3c3e9e661b99fd8635e460ed861d3d71f5e47404a563561c738c34ac5503
c05c72951798046e6c0392640bf868f1ef1c0c29301ad59ab72e0e29468fd65e
c20330c1a308d4735499bbbcefe2759902938cddc458a5509138914883ba8d87
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c50ffbb0d5049173748e6468980ae6811d8c7effecb8c7428984ea00734545fa
c562ac1e333810fb5f9ae057ae04a344a93223e5a48e8a1d1a3b2ec45230eebf
c5b400cfa880c8f417e22d843197e6e0212a410e5cb7a7ed7b7fe2f51edf0e5c
c81781599a43a0e41bd387db119a171955c363000fa4eaf371a0ac6b18a64d8b
c8cdc80bcc7e8f046889f36c7a6fb85939969429b33937f122eb8db920e768c2
c9489d9fe1f113fcfc3ef61c73c0a747aff8b18a68550303ca058d9be4bc9b62
ca04a6a32011195e99b4c9369301de5deef66c7cf9644b679eeaa80cc27be1bf
cc7029afe33654ed250644d8dfa2daa4ab0549731816980ab4733d92b86b1fca
cd7415ef41b21effad801867f8fc8dab7eb264c016698a21f0ebfcae09e35999
cd74787a174b19486c5da3545559e2530e7a6232b94f7eccd0b8c9cef91d710e
ceb65936377e2e9412f4a49e555ea2119b82bee7bbb3d1ec2e21db3f98cae065
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d1e6375058725bb7a4521f1494ba3299c9747446c3f6917b3a192486ab58a9d5
d20048a3cf773079d8450c15a53fec50b9a2f09555504c3e492410947c6785ee
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d827b7092b85194c337e4b55387a576f74ce467cb231362d23bf136bebef2e50
d92f2d3f9c6dbf5571b787b387034f121fa55b4b22c66ae057531b4a038b20de
db6a3fdf38dab07e0ccee2a304d9c643d3c0cac0ff9389ff655a062471c575b5
dda61b68eaef0f31272b7d933a3bfb9ee8772ebdc28cb890df5c5db28ed5fd34
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de51cd9a052d8ff4610f6ad2fe09279f93ef91601aa866d0861f876af95f69f0
df0d3f5eed86511fa9135f21cbee65b08c1efc23fea10175b0f2db4bca19b670
df892305dea13b6b04c0e8c01a3c328029b79260146bdd2b0d3163b6c38153cf
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e1e8a80972e041b44eea9ad1d77c172c8ed760747fb7abd247353e3a318b6fe8
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d15550fc858ce1ab5f0189216ba3d71c0ba5790019c88c9a1c9c5c43aedce4
e59c79c198476d8b48b3292805b2c97f96b737328d956158e52109766f64ad3d
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
e962317ea541ed763331c2e08b77d56dfa1fefd234bc6e4de9c1f3b356f9ed36
e98eed857ed56ed41f03f9b1fc2ad6e2ed0378f0f75c2b57a54880318e88b50b
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec92722d63a22a3508a4c7128d76ecce3c19ea2b4696b128cc468dd96c11e9df
ecca83e1c4d9a1de89b4afec8843dce564b8c3f5061aefb451818a3318e5b9ed
ecdbf9b9d351f5f5fadd54fc1713931a02fab5dbe76698b5fedc240a0d727ca4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3af96033af461e5864f6029b54f0507db886d11d615e480a6038d078fb22df
f0e0f85d2239bedc9d11a77ca7b647cca281ea1be72731f5239ea482c828f01a
f0e55db35d3396494019102a8d1413a0740e848e07070cd213a6930aae984449
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f6d2dc3610fc4fe554b7636495eff8927a3fb930ba7142696b998c5477f601e2
f786379a23ccc3bd7bd84111b2b2237a7e759ad40fb0628214b292119bac4779
f7cec4cd8f2b83766b6c8c4bd514186c5e23e96e6d327546ff7ac2c80bfc02c2
f96ac4bfbe8f38c87b6a1cb17ae97e9740d9020992c58250d170505e705e54b6
f9b23d992cf498a5fafa39d0142162a99528d0e74cabe33ce911d0c33efcd8ba
fa1187480d177518f552c5c1f03f5cecf8e2e43cf3defd3a53bf19a708723122
fa485276ccd9bbd861a9d707b03419cb2a18726495e7d5e0e5b3550a51cc74fc
fbc4a71d0ca91032f343240368da69e09f27dcad66dac8580ef4c396eea9a67f
fdbb17d7117737eacfc3f1ae776596878488229b2e7fc16268e2437b22205935