ntt.inews.id Open in urlscan Pro
2600:9000:218f:7600:1:b1a4:2f40:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://inewsntt.id/
Effective URL:
https://ntt.inews.id/?utm_source=inewsntt
Submission: On October 22 via api (October 22nd 2022, 1:05:52 am UTC) from US — Scanned from NL

Summary HTTP 306 Redirects Links 204 Behaviour Indicators

Summary

This website contacted 60 IPs in 7 countries across 41 domains to perform 306 HTTP transactions. The main IP is 2600:9000:218f:7600:1:b1a4:2f40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is ntt.inews.id.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 22nd 2021. Valid for: a year.

This is the only time ntt.inews.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:218... 2600:9000:218f:7600:1:b1a4:2f40:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
30	2600:9000:225... 2600:9000:2250:4200:c:4bf0:5680:93a1	16509 (AMAZON-02) (AMAZON-02)
43	2600:9000:225... 2600:9000:225e:8e00:c:5e3e:d280:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1 2	2a03:2880:f21... 2a03:2880:f21c:81e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
13	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 5	13.32.121.72 13.32.121.72	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	216.139.248.131 216.139.248.131	32400 (HWSERVICE...) (HWSERVICES-32400)
13	2600:9000:249... 2600:9000:2491:5200:f:e29d:1c40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
11	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	88.221.168.201 88.221.168.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	64.185.181.185 64.185.181.185	40009 (BITGRAVITY) (BITGRAVITY)
4	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
18	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
23	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2600:9000:239... 2600:9000:2394:4a00:9:965a:8240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	54.76.69.59 54.76.69.59	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
7	79.133.177.229 79.133.177.229	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
14	2600:9000:223... 2600:9000:223f:a000:11:320f:7780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:a80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223e:3e00:e:c3de:61c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223e:8600:1f:4c6b:cc00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1d64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206f:c800:1f:824e:58c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:5200:1c:7874:a680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2491:7400:15:c3e:78c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	202.147.193.156 202.147.193.156	17670 (MNCKABELM...) (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom)
1	79.133.177.230 79.133.177.230	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
6	116.204.249.112 116.204.249.112	() ()
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.138.17.30 108.138.17.30	16509 (AMAZON-02) (AMAZON-02)
2	18.66.122.101 18.66.122.101	16509 (AMAZON-02) (AMAZON-02)
2	35.83.35.236 35.83.35.236	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
306	60

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

inewsntt.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:218f:7600:1:b1a4:2f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

ntt.inews.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2600:9000:2250:4200:c:4bf0:5680:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.inews.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2600:9000:225e:8e00:c:5e3e:d280:93a1 (United States)

ASN16509 (AMAZON-02, US)

img.inews.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.121.72 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.139.248.131 (United States)

ASN32400 (HWSERVICES-32400, US)
PTR: 216-139-248-131.aus.us.siteprotect.com

hbs.ph.affinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:2491:5200:f:e29d:1c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

sindikasi.inews.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3aac9ca2367975ff7a2046697ca2f490.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.185.181.185 (United States)

ASN40009 (BITGRAVITY, US)
PTR: pc-b-d.bitgravity.com

cdn4-hbs.affinitymatrix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2394:4a00:9:965a:8240:93a1 (United States)

ASN16509 (AMAZON-02, US)

sindikasi.okezone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.69.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-69-59.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 79.133.177.229 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

www.rctiplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mncnow.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:223f:a000:11:320f:7780:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.okezone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a80 (United States)

ASN13335 (CLOUDFLARENET, US)

img.sportstars.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:3e00:e:c3de:61c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.mnctrijaya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:8600:1f:4c6b:cc00:93a1 (United States)

ASN16509 (AMAZON-02, US)

pict.sindonews.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d64 (United States)

ASN13335 (CLOUDFLARENET, US)

img.celebrities.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:c800:1f:824e:58c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

img.okezone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:5200:1c:7874:a680:93a1 (United States)

ASN16509 (AMAZON-02, US)

i.buddyku.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:7400:15:c3e:78c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

img.idxchannel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 202.147.193.156 (Jakarta, Indonesia)

ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID)
PTR: ip-193-156.mncplaymedia.com

www.visionplus.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cluster-images.visionplus.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.133.177.230 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

static.rctiplus.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 116.204.249.112 (None, )

ASN- ()

rm.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.rctiplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.17.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-30.fra56.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-101.fra60.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.83.35.236 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-83-35-236.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	inews.co.id static.inews.co.id — Cisco Umbrella Rank: 342229 img.inews.co.id — Cisco Umbrella Rank: 120037	956 KB
40	criteo.net static.criteo.net — Cisco Umbrella Rank: 680 csm.eu.criteo.net — Cisco Umbrella Rank: 8166 pix.eu.criteo.net — Cisco Umbrella Rank: 8015	337 KB
34	googlesyndication.com 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 147 pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 3aac9ca2367975ff7a2046697ca2f490.safeframe.googlesyndication.com	203 KB
18	okezone.com sindikasi.okezone.com — Cisco Umbrella Rank: 153415 cdn.okezone.com — Cisco Umbrella Rank: 148133 img.okezone.com — Cisco Umbrella Rank: 140161	468 KB
17	inews.id ntt.inews.id sindikasi.inews.id — Cisco Umbrella Rank: 412404	72 KB
15	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	312 KB
13	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2786 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14559 ads.eu.criteo.com — Cisco Umbrella Rank: 7867 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12901 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9829	110 KB
12	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2668	103 KB
9	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
7	visionplus.id www.visionplus.id — Cisco Umbrella Rank: 155519 cluster-images.visionplus.id — Cisco Umbrella Rank: 193588	73 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	354 KB
6	mncnow.id static.mncnow.id — Cisco Umbrella Rank: 168485	228 KB
6	rm.id rm.id	253 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 156	5 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	213 KB
4	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 10759 certify.alexametrics.com — Cisco Umbrella Rank: 6052	10 KB
4	google.nl adservice.google.nl — Cisco Umbrella Rank: 14180 www.google.nl — Cisco Umbrella Rank: 8898	1 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 731 syndication.twitter.com — Cisco Umbrella Rank: 1061	133 KB
2	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	95 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 801	40 KB
2	rctiplus.com www.rctiplus.com — Cisco Umbrella Rank: 134239 analytics.rctiplus.com — Cisco Umbrella Rank: 185409	7 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 ajax.googleapis.com — Cisco Umbrella Rank: 306	32 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	9 KB
2	affinitymatrix.com cdn4-hbs.affinitymatrix.com — Cisco Umbrella Rank: 39341	121 KB
2	affinity.com hbs.ph.affinity.com — Cisco Umbrella Rank: 42804	20 KB
2	instagram.com 1 redirects www.instagram.com — Cisco Umbrella Rank: 1283	5 KB
1	rctiplus.id static.rctiplus.id — Cisco Umbrella Rank: 136491	11 KB
1	idxchannel.com img.idxchannel.com — Cisco Umbrella Rank: 185766	26 KB
1	buddyku.id i.buddyku.id — Cisco Umbrella Rank: 744799	905 KB
1	celebrities.id img.celebrities.id — Cisco Umbrella Rank: 140997	54 KB
1	sindonews.net pict.sindonews.net — Cisco Umbrella Rank: 39285	18 KB
1	mnctrijaya.com www.mnctrijaya.com — Cisco Umbrella Rank: 235354	44 KB
1	sportstars.id img.sportstars.id — Cisco Umbrella Rank: 202163	34 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	388 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1481	335 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 471	622 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 394	1 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 495	97 KB
1	inewsntt.id 1 redirects inewsntt.id	712 B
0	rlcdn.com Failed api.rlcdn.com Failed
306	41

	Domain	Requested by
43	img.inews.co.id	ntt.inews.id static.inews.co.id
30	static.inews.co.id	ntt.inews.id static.inews.co.id
23	static.criteo.net	ads.eu.criteo.com
18	tpc.googlesyndication.com	7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
14	cdn.okezone.com	sindikasi.okezone.com cdn.okezone.com
13	sindikasi.inews.id	static.inews.co.id
11	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
11	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net ntt.inews.id www.visionplus.id
9	pix.eu.criteo.net	ads.eu.criteo.com
8	csm.eu.criteo.net	ads.eu.criteo.com
7	www.google.com	7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com ntt.inews.id tpc.googlesyndication.com securepubads.g.doubleclick.net
7	www.googletagmanager.com	ntt.inews.id www.googletagmanager.com www.rctiplus.com www.visionplus.id
6	static.mncnow.id	www.visionplus.id
6	rm.id	www.rctiplus.com
6	www.visionplus.id	static.inews.co.id www.visionplus.id
5	sb.scorecardresearch.com	1 redirects ntt.inews.id www.visionplus.id
5	www.googletagservices.com	ntt.inews.id 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4	stats.g.doubleclick.net	www.google-analytics.com
4	7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	ntt.inews.id	static.inews.co.id
3	sindikasi.okezone.com	static.inews.co.id
3	cat.nl.eu.criteo.com	ads.eu.criteo.com
3	ads.eu.criteo.com	7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
2	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.rctiplus.com certify-js.alexametrics.com
2	certify.alexametrics.com	www.rctiplus.com www.visionplus.id
2	certify-js.alexametrics.com	ntt.inews.id www.visionplus.id
2	unpkg.com	1 redirects sindikasi.okezone.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	www.google.nl	ntt.inews.id
2	rtb.nl.eu.criteo.com	ntt.inews.id
2	cdn4-hbs.affinitymatrix.com	hbs.ph.affinity.com
2	mug.criteo.com	ntt.inews.id
2	gum.criteo.com	1 redirects
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.nl	securepubads.g.doubleclick.net
2	hbs.ph.affinity.com	ntt.inews.id cdn4-hbs.affinitymatrix.com
2	www.instagram.com	1 redirects ntt.inews.id
2	platform.twitter.com	ntt.inews.id platform.twitter.com
1	3aac9ca2367975ff7a2046697ca2f490.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cluster-images.visionplus.id	www.visionplus.id
1	ajax.googleapis.com	www.visionplus.id
1	analytics.rctiplus.com	www.rctiplus.com
1	static.rctiplus.id	www.rctiplus.com
1	img.idxchannel.com	sindikasi.okezone.com
1	i.buddyku.id	sindikasi.okezone.com
1	img.okezone.com	sindikasi.okezone.com
1	img.celebrities.id	sindikasi.okezone.com
1	pict.sindonews.net	sindikasi.okezone.com
1	www.mnctrijaya.com	sindikasi.okezone.com
1	img.sportstars.id	sindikasi.okezone.com
1	www.rctiplus.com	static.inews.co.id
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	cdn.jsdelivr.net	cdn4-hbs.affinitymatrix.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	cdnjs.cloudflare.com
1	rtb.fr.eu.criteo.com	ntt.inews.id
1	region1.google-analytics.com	www.googletagmanager.com
1	ads.pubmatic.com	ntt.inews.id
1	syndication.twitter.com	platform.twitter.com
1	inewsntt.id	1 redirects
0	api.rlcdn.com Failed	ads.pubmatic.com
306	64

This site contains links to these domains. Also see Links.

Domain
www.inews.id
aceh.inews.id
sumut.inews.id
sumsel.inews.id
jabar.inews.id
jateng.inews.id
yogya.inews.id
jatim.inews.id
bali.inews.id
kalbar.inews.id
sulsel.inews.id
babel.inews.id
regional.inews.id
lampung.inews.id
maluku.inews.id
papua.inews.id
sumbar.inews.id
ntb.inews.id
sulut.inews.id
kalteng.inews.id
kalsel.inews.id
kaltim.inews.id
tv.inews.id
www.okezone.com
www.idxchannel.com
www.celebrities.id
www.buddyku.com
www.sindonews.com
www.sportstars.id
koran-sindo.com
www.rctiplus.com
motionpay.id
aladinmall.misteraladin.com
www.roov.id
emshop.id
www.visionplus.id
www.mnc-insurance.com
www.motiontrade.id
motionbanking.id
www.misteraladin.com
acehutara.inews.id
asahanraya.inews.id
batam.inews.id
bengkuluutara.inews.id
deliraya.inews.id
dumai.inews.id
jambi.inews.id
kutaraja.inews.id
lamsel.inews.id
lintasbabel.inews.id
lhokseumawe.inews.id
madina.inews.id
medan.inews.id
palembang.inews.id
pekanbaru.inews.id
portalaceh.inews.id
pringsewu.inews.id
riau.inews.id
siantar.inews.id
waykanan.inews.id
badung.inews.id
bandungraya.inews.id
banten.inews.id
batu.inews.id
bekasi.inews.id
blitar.inews.id
bogor.inews.id
bojonegoro.inews.id
bondowoso.inews.id
boyolali.inews.id
brebes.inews.id
ciamisraya.inews.id
cianjur.inews.id
cilacap.inews.id
cilegon.inews.id
cirebon.inews.id
demak.inews.id
depok.inews.id
garut.inews.id
gresik.inews.id
indramayu.inews.id
jatenginfo.inews.id
jember.inews.id
joglosemar.inews.id
karanganyar.inews.id
karawang.inews.id
kediri.inews.id
kuningan.inews.id
lamongan.inews.id
madiun.inews.id
malang.inews.id
mojokerto.inews.id
muria.inews.id
ngawi.inews.id
pandeglang.inews.id
pangandaran.inews.id
pantura.inews.id
pasuruan.inews.id
pemalang.inews.id
ponorogo.inews.id
probolinggo.inews.id
purwakarta.inews.id
purwokerto.inews.id
salatiga.inews.id
semarang.inews.id
serpong.inews.id
sidoarjo.inews.id
soloraya.inews.id
sragen.inews.id
subang.inews.id
sukabumi.inews.id
surabaya.inews.id
tangsel.inews.id
tasikmalaya.inews.id
tegal.inews.id
temanggung.inews.id
tuban.inews.id
tulungagung.inews.id
baritoinfo.inews.id
balikpapan.inews.id
kobar.inews.id
kutai.inews.id
samarinda.inews.id
celebes.inews.id
kendari.inews.id
lutra.inews.id
manado.inews.id
palopo.inews.id
palu.inews.id
parepare.inews.id
polman.inews.id
toraja.inews.id
sorongraya.inews.id
alor.inews.id
belu.inews.id
bima.inews.id
flores.inews.id
lombok.inews.id
mataram.inews.id
sumba.inews.id
ternate.inews.id
ttu.inews.id
kemkes.go.id
www.jobsmnc.co.id
www.mncgroup.com
www.mncpeduli.org
www.instagram.com
www.facebook.com
twitter.com
www.youtube.com
www.tiktok.com

Subject Issuer	Validity	Valid
*.inews.id Sectigo RSA Domain Validation Secure Server CA	`2021-12-22` - `2022-12-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.inews.co.id Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-06-28`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.ph.affinity.com Go Daddy Secure Certificate Authority - G2	`2022-04-08` - `2023-05-10`	a year	crt.sh
*.google.nl GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-01` - `2023-10-01`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.affinitymatrix.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-21` - `2022-11-23`	3 months	crt.sh
*.okezone.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-30` - `2023-09-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rctiplus.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-24` - `2023-08-24`	a year	crt.sh
*.sportstars.id RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-28` - `2023-04-28`	a year	crt.sh
mnctrijaya.com Amazon	`2022-10-11` - `2023-11-10`	a year	crt.sh
*.sindonews.net RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-02-27` - `2023-03-30`	a year	crt.sh
*.celebrities.id Sectigo RSA Domain Validation Secure Server CA	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.buddyku.id Sectigo RSA Domain Validation Secure Server CA	`2022-08-22` - `2023-09-02`	a year	crt.sh
*.idxchannel.com AlphaSSL CA - SHA256 - G2	`2022-06-08` - `2023-07-10`	a year	crt.sh
*.visionplus.id RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-11-30` - `2022-11-29`	a year	crt.sh
*.rctiplus.id RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-29` - `2023-08-29`	a year	crt.sh
www.rm.id GlobalSign RSA OV SSL CA 2018	`2022-05-09` - `2023-06-10`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2022-05-30` - `2023-06-27`	a year	crt.sh
certify.alexametrics.com Amazon	`2022-05-30` - `2023-06-28`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2022-09-13` - `2023-10-12`	a year	crt.sh
*.mncnow.id RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-11-19` - `2022-11-18`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://ntt.inews.id/?utm_source=inewsntt
Frame ID: 86DB98C7B27605F650AFAA529A1BCEDE
Requests: 129 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fntt.inews.id
Frame ID: 36761584F6920A15F2DDA65D18CE5AA0
Requests: 2 HTTP requests in this frame

Frame: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 40314827CA9300A6B3D6803B59CB77CE
Requests: 1 HTTP requests in this frame

Frame: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BC8CC24FDA92B54659614A929954F5BE
Requests: 10 HTTP requests in this frame

Frame: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6FEEA16D704DC4927DE51C02217CB48D
Requests: 9 HTTP requests in this frame

Frame: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 98A38C78CFBE8147C851DF2C983F1578
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1NB6AAEJtEK4HbDAAKLc2uONnC9f56St1aqtw&u=%7CMlr4B4FuYy7Bu%2FxBL9B%2FtY8Csz35J9vKFbsqtfu3FF0%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmfQhgfJXasdzCK-Q77BHxp9q9pJjDQa7PaEpYWmtP7eXz_BMX8tOIxPfeMnlhRePrlItZ3hQpaDDgdj3CmW1hohawgN8cfwx_4qMDyZTOoD0rhfRW_UnxtAmbyIn4H0XOGfv8AbXSlm0i7mIll6Oz4mypo0Xo-BfKrxvHN-IE3hmbAhI1BGXPBIcYJ-aEsm0NqIZPvo4TW5tArV8SfRtj7AXI6GmswPIZOqVEkD9oqLExFMCNZOQI3RUJYaaj5H9YtstDBSMzewj6Ml0btsIlR2eFquNhLze9hdKuvhMzVyJwKtFTTP61gWv-AFqlACM5xPpd9rH0PJBLirLATs1i7qu-CmT6jpPbj9Gkt-xYbxDhexQbY_ZdpEvT2obJYWnnKfV5xO682aKwTpXjohoXeAz1_AcftEbgnMg0hg3yvSkNY6IpXAd79EOMynAvpHIO-BoTteq4F_mxemDmRIwiRnSQrMPfxzfRoPdsAb9m2vCAX6KTYGZvToQmF0vW509Lh9NcU-DqS7oBpntW9Ys7NOwRqDPzmVh1U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7UNe6EFTY9HNEMPtgQfzloqACMme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItODMwNzU5ODIwODAxNjYxOcgBCakC39KZasmEsD7gAgCoAwGqBM8BT9CM-oQoTFK7zjq4OT6ZXVlhcephTP4RxccLgsa-dKpZeQ0LO3sUbuMUX4lwhU3rlC7DPg97wFBy2cXJ3hbzFqTGVZl20HeGCbndrG9D7qTW3gE2LOrFav9yhqz1JJZa2EINcNSgYW4LzfJ0PYy9xEJKoVYFuf6gJ2wBLMQcrWy2xwHw1gPd01-gVwByKttnuBecHTzgLecNdfLUj_WqmgCMPMQGbSCBEPGR-BEZUrYZ3i7CUPwdVXrsdDLZyiY6wYzrqnVcmXYfOXxmi5_54AQBgAanz52npq_QkkmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_00Q5ido4-wKtBoeUtFCk13IbaBCA%26client%3Dca-pub-8307598208016619%26adurl%3D
Frame ID: 67D9E63E17F1D9A433E079927FC77A2F
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1NB6AAEJtIK4HbDAAKLc5tnx9u_f-tKflowNg&u=%7CMlr4B4FuYy5lU4eF57in%2BX5Xz779dueiaGIOkVzKtL4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTEBrWaUcMEzDEPcMYO5KXKKokDOS3mrbr6Es9r_IKxreF0UgY4P7dGelGz72T9HjAfMMR9QmcbjsQL9jQib5C7S87F5Dg5aml5NVGHPCAluZBfyq9gunbKC-7cN4vZ9Xoz28y-Bh32t2PbsfhbkFJYr2PKjzerZRKYuT5YZsEEhy3G_M12DCWwOEr58M52I9vhTO6m9nL6kTeW3MlhdRWUDChG94CaxBj9UYMFrPzqfmmySAO0iacSZ6SGmflYJq5kVkxzUfDSKRT3NcNRxa6ZkUdD_02MBV2uqwsRBhJqT1Aw1gOz0wXGiL67EcAVuEZTacVlbSoZFPX51WITTd9KMmJ70IEBFjs76xVMAr3wv3xvf6mtNea5yKWRgihyidijOrJMbtuOSY_P4ZN7jMY0Eiki4pD1JOE6dSk0fE6jWItNASSXubVgflg0NnjLhFqfiYMYpRi6ErofCPvRwahcR3ZxSENlMz9UUXPCvLIMvHQ9pJthLsX24FSOOQj-k_50d2YJ4f_Fz0JlS6fHYbwEcIE9OQgJAE8Uc37nBmTmw-GdH2ObZG1uw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSXmh6EFTY9LNEMPtgQfzloqACMme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItODMwNzU5ODIwODAxNjYxOcgBCakC39KZasmEsD7gAgCoAwGqBNIBT9BDBo9YYerU_xVn-w3J8VmFK7rNALkZRP4ALvTWU7ZvYjtHuFPQlaFXL85lpw1s3zxtj3zdIgQINHNERM6olXsWhQSdBRL_KVJ2UviUl9X7ImrFGh4BqayJNjycSYlskaXP_fZGtimUcTCPWbYlJ79AxyQIVbpqlDtY8bbauGq8oTviAW2YmD8YIESS594IJzj-tRPDeiPaMeKe1uXoH0aNcABdA6X-XiDDFSq_gwsiD6LCjMaIxYwzOCMDrDruT7TvVOeeoZApetUVCCqEtDpb4AQBgAb5rrfX0K_i4JQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_30f7xbbEfZagbnotBXWcH5iJvr4w%26client%3Dca-pub-8307598208016619%26adurl%3D
Frame ID: 4DBEA139FF0A7E0AA412E9B46ECC217C
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1NB6AAEJtQK4HbDAAKLc_IguVjkcmGXykcLeA&u=%7CMlr4B4FuYy4uSWFA74OOUL2LA7Pd8t%2F2jHN3PChFHCA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N4nNlBVGgvJ_VoK3WgXPD8uK4p8u7_zm06fpz5T5hbmiHBNBT664Yh4yklKi4Udp8gdnPJKpXICeXBR4Nzw40-7tTGUiiRwVCHpbQVGexvvZENPwd3mXihGlw7X8arpMjzxcUPrFETexl7tebN_NsWL-NzE54TbHVH5cymsEXyG263oEufNQLEKUOaCH2Rfl9oyN3nJ01QvmJAt_gnJUsrK3zc1o2voJM4TMLbPFT5EDlq_aKstv8O03Q0fLzZHxL39RfxuXsGiJTagA8yVj8OQoyR3F6DxFrFpZVPS_lCxmIB5v6TIWuRtpQKTV-e6bjRgxTZ5_EHpAm1jT4tRTqVd9s8FEd7Cx-hanMAg6ms_hueJF_kopUtlHINa6sLPAvELLOsjTmrSVjeuxfWk_LGVRWniKMUfexb2m2x6_W8wZqzS08kxebEdzkK7_gAsne-H1EGGifS1I8ubBx5zxvGTSVvPC7l0wxZs7APhvQdi1kumPtHFmBvbBp2ll6bHoJk_K5zGG9TV6WeWVt1fr_jSVnRpwXUCBRjHRFSS__0RPSTEqjWxynDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFc406EFTY9TNEMPtgQfzloqACMme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItODMwNzU5ODIwODAxNjYxOcgBCakC39KZasmEsD7gAgCoAwGqBNUBT9CwXWUu6KkpjBcBoP1S1vjiT_herJmsN5v-8x7gJeWN9gTAl7ZzZ0WQrbkDHLvCpVRbnJYG8xNcVplGht2cZVGmGtnT9JKY-vx-LCo5K_xC0ueyXSeSYLSwwtdnEbfRjQO_Izdy350u0qQL5gTtemGPTUm0rBIKwI777b31STfyB6XCadxQHHSr9roKXPbGq_XweS10C_aS17JVuCv96vJjB1ZhjMh-fQLjFmxi3XkRAOcyxnDbVyWl7ZoQQxw0s9UGZOAt3nsslLIjPMIRxnATPJx04AQBgAa1xMLl_LuA27QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1k-D1hn5VWDKhOmJHdNvJfIhNDgw%26client%3Dca-pub-8307598208016619%26adurl%3D
Frame ID: D77349566288FB802BEB3FE6039E411C
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CE2A52EC61169898FE1BA38304794CB8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3DAF3273A778DC703425C3F867C1D672
Requests: 2 HTTP requests in this frame

Frame: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Frame ID: 0C63F5E2CE840A22E8C0219A02F2F497
Requests: 23 HTTP requests in this frame

Frame: https://www.rctiplus.com/global/3051323/survei-lsi-80-persen-lebih-warga-dki-puas-dengan-kinerja-anies?1666400745296
Frame ID: F96F713B42EF83FE54B2CCA63AE23DD6
Requests: 15 HTTP requests in this frame

Frame: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619
Frame ID: 3235FA6EA7DF6D440F4653F9F177BD59
Requests: 40 HTTP requests in this frame

Frame: https://3aac9ca2367975ff7a2046697ca2f490.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9F45BF4580F8933DB61D89F532773014
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssK1ryozD4xi5TCJ6HFzIBkvd2OvGIiD3XTLuR1BpZLfSYydBtxBqZfi82a4AlK0nK7OMU9S1TYR9a4812HJsglKSyNgqInjArNkHsAcED-dezepzINw_jZMJufkVAadEFRkGlLvaqS7DltLVBTPAIoIkji6zJ-_eEWulzjGt1n3-YcvzTqafNUaYg1KVff6VaFtuSbWM2EVBw2AmW-zsJAmeuYUndq7IUfV2MAVq8k_HiNENwRh-5oMeLWtywzbsw50w1B90Qh6ZcJabsbujq4r8yQlIgseeaADfK-py7wMyz1y8tcqwb1tC7MllXPBt5zXc14LWx4k-ZZI0v6Ng&sai=AMfl-YQVDFHYkmyFwp1kz5LGAbQNdxZ85tvBF3WNYa1W_WE3KHw_-8CWjU17QXSCsJMa6V8u7SzQH7bZIl5LTuhE4ZjqhCZPk0FonUjCPxeP&sig=Cg0ArKJSzC96SG7jRq-oEAE&uach_m=[UACH]&adurl=
Frame ID: 95059E4936B93BBC73703AB34B9749EE
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 49F4EA192F07A4D51609F02840C4DA81
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AD668EB13C8894B1C3BECA49BF4F9F3C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Berita NTT Terbaru Terkini - iNews Portal

Page URL History Show full URLs

http://inewsntt.id/ HTTP 301
https://ntt.inews.id/?utm_source=inewsntt Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

306
Requests

98 %
HTTPS

68 %
IPv6

41
Domains

64
Subdomains

60
IPs

7
Countries

5290 kB
Transfer

9410 kB
Size

29
Cookies

204 Outgoing links

These are links going to different origins than the main page.

URL: https://www.inews.id/

Search URL Search Domain Scan URL

URL: https://aceh.inews.id/
Title: Aceh

Search URL Search Domain Scan URL

URL: https://sumut.inews.id/
Title: Sumut

Search URL Search Domain Scan URL

URL: https://sumsel.inews.id/
Title: Sumsel

Search URL Search Domain Scan URL

URL: https://jabar.inews.id/
Title: Jabar

Search URL Search Domain Scan URL

URL: https://jateng.inews.id/
Title: Jateng

Search URL Search Domain Scan URL

URL: https://yogya.inews.id/
Title: Yogya

Search URL Search Domain Scan URL

URL: https://jatim.inews.id/
Title: Jatim

Search URL Search Domain Scan URL

URL: https://bali.inews.id/
Title: Bali

Search URL Search Domain Scan URL

URL: https://kalbar.inews.id/
Title: Kalbar

Search URL Search Domain Scan URL

URL: https://sulsel.inews.id/
Title: Sulsel

Search URL Search Domain Scan URL

URL: https://babel.inews.id/
Title: Babel

Search URL Search Domain Scan URL

URL: https://regional.inews.id/
Title: Lainnya

Search URL Search Domain Scan URL

URL: https://lampung.inews.id/
Title: Lampung

Search URL Search Domain Scan URL

URL: https://maluku.inews.id/
Title: Maluku

Search URL Search Domain Scan URL

URL: https://papua.inews.id/
Title: Papua

Search URL Search Domain Scan URL

URL: https://sumbar.inews.id/
Title: Sumbar

Search URL Search Domain Scan URL

URL: https://ntb.inews.id/
Title: NTB

Search URL Search Domain Scan URL

URL: https://sulut.inews.id/
Title: Sulut

Search URL Search Domain Scan URL

URL: https://kalteng.inews.id/
Title: Kalteng

Search URL Search Domain Scan URL

URL: https://kalsel.inews.id/
Title: Kalsel

Search URL Search Domain Scan URL

URL: https://kaltim.inews.id/
Title: Kaltim

Search URL Search Domain Scan URL

URL: https://www.inews.id/indeks
Title: Indeks

Search URL Search Domain Scan URL

URL: https://tv.inews.id/

Search URL Search Domain Scan URL

URL: https://www.inews.id/sport
Title: Sport

Search URL Search Domain Scan URL

URL: https://www.inews.id/travel
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.inews.id/techno
Title: Techno

Search URL Search Domain Scan URL

URL: https://www.inews.id/news
Title: News

Search URL Search Domain Scan URL

URL: https://www.inews.id/finance
Title: Finance

Search URL Search Domain Scan URL

URL: https://www.inews.id/lifestyle
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://www.inews.id/otomotif
Title: Otomotif

Search URL Search Domain Scan URL

URL: https://www.inews.id/multimedia
Title: Multimedia

Search URL Search Domain Scan URL

URL: https://www.okezone.com/
Title: Okezone

Search URL Search Domain Scan URL

URL: https://www.idxchannel.com/
Title: IDX Channel

Search URL Search Domain Scan URL

URL: https://www.celebrities.id/
Title: Celebrities.id

Search URL Search Domain Scan URL

URL: https://www.buddyku.com/
Title: BuddyKu

Search URL Search Domain Scan URL

URL: https://www.sindonews.com/
Title: SINDOnews

Search URL Search Domain Scan URL

URL: https://www.sportstars.id/
Title: Sportstars.id

Search URL Search Domain Scan URL

URL: https://koran-sindo.com/
Title: Koran SINDO

Search URL Search Domain Scan URL

URL: https://www.inews.id/streaming
Title: iNews TV

Search URL Search Domain Scan URL

URL: https://www.inews.id/streaming/gtv
Title: GTV

Search URL Search Domain Scan URL

URL: https://www.inews.id/streaming/rcti
Title: RCTI

Search URL Search Domain Scan URL

URL: https://www.inews.id/streaming/mnctv
Title: MNC TV

Search URL Search Domain Scan URL

URL: https://www.rctiplus.com/
Title: RCTI+

Search URL Search Domain Scan URL

URL: https://motionpay.id/
Title: MotionPay

Search URL Search Domain Scan URL

URL: https://aladinmall.misteraladin.com/
Title: AladinMall

Search URL Search Domain Scan URL

URL: https://www.roov.id/
Title: ROOV

Search URL Search Domain Scan URL

URL: https://emshop.id/
Title: eMSHOP

Search URL Search Domain Scan URL

URL: https://www.visionplus.id/
Title: Vision+

Search URL Search Domain Scan URL

URL: https://www.mnc-insurance.com/
Title: Motion Insure

Search URL Search Domain Scan URL

URL: https://www.motiontrade.id/
Title: Motion Trade

Search URL Search Domain Scan URL

URL: https://motionbanking.id/
Title: Motion Banking

Search URL Search Domain Scan URL

URL: https://www.misteraladin.com/
Title: Mister Aladin

Search URL Search Domain Scan URL

URL: https://www.inews.id/submission
Title: Klik Lebih Lanjut

Search URL Search Domain Scan URL

URL: https://acehutara.inews.id/
Title: Aceh Utara

Search URL Search Domain Scan URL

URL: https://asahanraya.inews.id/
Title: Asahan Raya

Search URL Search Domain Scan URL

URL: https://batam.inews.id/
Title: Batam

Search URL Search Domain Scan URL

URL: https://bengkuluutara.inews.id/
Title: Bengkulu Utara

Search URL Search Domain Scan URL

URL: https://deliraya.inews.id/
Title: Deli Raya

Search URL Search Domain Scan URL

URL: https://dumai.inews.id/
Title: Dumai

Search URL Search Domain Scan URL

URL: https://jambi.inews.id/
Title: Jambi

Search URL Search Domain Scan URL

URL: https://kutaraja.inews.id/
Title: Kutaraja

Search URL Search Domain Scan URL

URL: https://lamsel.inews.id/
Title: Lamsel

Search URL Search Domain Scan URL

URL: https://lintasbabel.inews.id/
Title: Lintasbabel

Search URL Search Domain Scan URL

URL: https://lhokseumawe.inews.id/
Title: Lhokseumawe

Search URL Search Domain Scan URL

URL: https://madina.inews.id/
Title: Madina

Search URL Search Domain Scan URL

URL: https://medan.inews.id/
Title: Medan

Search URL Search Domain Scan URL

URL: https://palembang.inews.id/
Title: Palembang

Search URL Search Domain Scan URL

URL: https://pekanbaru.inews.id/
Title: Pekanbaru

Search URL Search Domain Scan URL

URL: https://portalaceh.inews.id/
Title: Portal Aceh

Search URL Search Domain Scan URL

URL: https://pringsewu.inews.id/
Title: Pringsewu

Search URL Search Domain Scan URL

URL: https://riau.inews.id/
Title: Riau

Search URL Search Domain Scan URL

URL: https://siantar.inews.id/
Title: Siantar

Search URL Search Domain Scan URL

URL: https://waykanan.inews.id/
Title: Way Kanan

Search URL Search Domain Scan URL

URL: https://badung.inews.id/
Title: Badung

Search URL Search Domain Scan URL

URL: https://bandungraya.inews.id/
Title: Bandung Raya

Search URL Search Domain Scan URL

URL: https://banten.inews.id/
Title: Banten

Search URL Search Domain Scan URL

URL: https://batu.inews.id/
Title: Batu

Search URL Search Domain Scan URL

URL: https://bekasi.inews.id/
Title: Bekasi

Search URL Search Domain Scan URL

URL: https://blitar.inews.id/
Title: Blitar

Search URL Search Domain Scan URL

URL: https://bogor.inews.id/
Title: Bogor

Search URL Search Domain Scan URL

URL: https://bojonegoro.inews.id/
Title: Bojonegoro

Search URL Search Domain Scan URL

URL: https://bondowoso.inews.id/
Title: Bondowoso

Search URL Search Domain Scan URL

URL: https://boyolali.inews.id/
Title: Boyolali

Search URL Search Domain Scan URL

URL: https://brebes.inews.id/
Title: Brebes

Search URL Search Domain Scan URL

URL: https://ciamisraya.inews.id/
Title: Ciamis Raya

Search URL Search Domain Scan URL

URL: https://cianjur.inews.id/
Title: Cianjur

Search URL Search Domain Scan URL

URL: https://cilacap.inews.id/
Title: Cilacap

Search URL Search Domain Scan URL

URL: https://cilegon.inews.id/
Title: Cilegon

Search URL Search Domain Scan URL

URL: https://cirebon.inews.id/
Title: Cirebon

Search URL Search Domain Scan URL

URL: https://demak.inews.id/
Title: Demak

Search URL Search Domain Scan URL

URL: https://depok.inews.id/
Title: Depok

Search URL Search Domain Scan URL

URL: https://garut.inews.id/
Title: Garut

Search URL Search Domain Scan URL

URL: https://gresik.inews.id/
Title: Gresik

Search URL Search Domain Scan URL

URL: https://indramayu.inews.id/
Title: Indramayu

Search URL Search Domain Scan URL

URL: https://jatenginfo.inews.id/
Title: Jateng Info

Search URL Search Domain Scan URL

URL: https://jember.inews.id/
Title: Jember

Search URL Search Domain Scan URL

URL: https://joglosemar.inews.id/
Title: Joglo Semar

Search URL Search Domain Scan URL

URL: https://karanganyar.inews.id/
Title: Karanganyar

Search URL Search Domain Scan URL

URL: https://karawang.inews.id/
Title: Karawang

Search URL Search Domain Scan URL

URL: https://kediri.inews.id/
Title: Kediri

Search URL Search Domain Scan URL

URL: https://kuningan.inews.id/
Title: Kuningan

Search URL Search Domain Scan URL

URL: https://lamongan.inews.id/
Title: Lamongan

Search URL Search Domain Scan URL

URL: https://madiun.inews.id/
Title: Madiun

Search URL Search Domain Scan URL

URL: https://malang.inews.id/
Title: Malang

Search URL Search Domain Scan URL

URL: https://mojokerto.inews.id/
Title: Mojokerto

Search URL Search Domain Scan URL

URL: https://muria.inews.id/
Title: Muria

Search URL Search Domain Scan URL

URL: https://ngawi.inews.id/
Title: Ngawi

Search URL Search Domain Scan URL

URL: https://pandeglang.inews.id/
Title: Pandeglang

Search URL Search Domain Scan URL

URL: https://pangandaran.inews.id/
Title: Pangandaran

Search URL Search Domain Scan URL

URL: https://pantura.inews.id/
Title: Pantura

Search URL Search Domain Scan URL

URL: https://pasuruan.inews.id/
Title: Pasuruan

Search URL Search Domain Scan URL

URL: https://pemalang.inews.id/
Title: Pemalang

Search URL Search Domain Scan URL

URL: https://ponorogo.inews.id/
Title: Ponorogo

Search URL Search Domain Scan URL

URL: https://probolinggo.inews.id/
Title: Probolinggo

Search URL Search Domain Scan URL

URL: https://purwakarta.inews.id/
Title: Purwakarta

Search URL Search Domain Scan URL

URL: https://purwokerto.inews.id/
Title: Purwokerto

Search URL Search Domain Scan URL

URL: https://salatiga.inews.id/
Title: Salatiga

Search URL Search Domain Scan URL

URL: https://semarang.inews.id/
Title: Semarang

Search URL Search Domain Scan URL

URL: https://serpong.inews.id/
Title: Serpong

Search URL Search Domain Scan URL

URL: https://sidoarjo.inews.id/
Title: Sidoarjo

Search URL Search Domain Scan URL

URL: https://soloraya.inews.id/
Title: SoloRaya

Search URL Search Domain Scan URL

URL: https://sragen.inews.id/
Title: Sragen

Search URL Search Domain Scan URL

URL: https://subang.inews.id/
Title: Subang

Search URL Search Domain Scan URL

URL: https://sukabumi.inews.id/
Title: Sukabumi

Search URL Search Domain Scan URL

URL: https://surabaya.inews.id/
Title: Surabaya

Search URL Search Domain Scan URL

URL: https://tangsel.inews.id/
Title: Tangsel

Search URL Search Domain Scan URL

URL: https://tasikmalaya.inews.id/
Title: Tasikmalaya

Search URL Search Domain Scan URL

URL: https://tegal.inews.id/
Title: Tegal

Search URL Search Domain Scan URL

URL: https://temanggung.inews.id/
Title: Temanggung

Search URL Search Domain Scan URL

URL: https://tuban.inews.id/
Title: Tuban

Search URL Search Domain Scan URL

URL: https://tulungagung.inews.id/
Title: Tulungagung

Search URL Search Domain Scan URL

URL: https://baritoinfo.inews.id/
Title: Barito Info

Search URL Search Domain Scan URL

URL: https://balikpapan.inews.id/
Title: Balikpapan

Search URL Search Domain Scan URL

URL: https://kobar.inews.id/
Title: Kobar

Search URL Search Domain Scan URL

URL: https://kutai.inews.id/
Title: Kutai

Search URL Search Domain Scan URL

URL: https://samarinda.inews.id/
Title: Samarinda

Search URL Search Domain Scan URL

URL: https://celebes.inews.id/
Title: Celebes

Search URL Search Domain Scan URL

URL: https://kendari.inews.id/
Title: Kendari

Search URL Search Domain Scan URL

URL: https://lutra.inews.id/
Title: Lutra

Search URL Search Domain Scan URL

URL: https://manado.inews.id/
Title: Manado

Search URL Search Domain Scan URL

URL: https://palopo.inews.id/
Title: Palopo

Search URL Search Domain Scan URL

URL: https://palu.inews.id/
Title: Palu

Search URL Search Domain Scan URL

URL: https://parepare.inews.id/
Title: Parepare

Search URL Search Domain Scan URL

URL: https://polman.inews.id/
Title: Polman

Search URL Search Domain Scan URL

URL: https://toraja.inews.id/
Title: Toraja

Search URL Search Domain Scan URL

URL: https://sorongraya.inews.id/
Title: Sorong Raya

Search URL Search Domain Scan URL

URL: https://alor.inews.id/
Title: Alor

Search URL Search Domain Scan URL

URL: https://belu.inews.id/
Title: Belu

Search URL Search Domain Scan URL

URL: https://bima.inews.id/
Title: Bima

Search URL Search Domain Scan URL

URL: https://flores.inews.id/
Title: Flores

Search URL Search Domain Scan URL

URL: https://lombok.inews.id/
Title: Lombok

Search URL Search Domain Scan URL

URL: https://mataram.inews.id/
Title: Mataram

Search URL Search Domain Scan URL

URL: https://sumba.inews.id/
Title: Sumba

Search URL Search Domain Scan URL

URL: https://ternate.inews.id/
Title: Ternate

Search URL Search Domain Scan URL

URL: https://ttu.inews.id/
Title: TTU

Search URL Search Domain Scan URL

URL: https://www.inews.id/lifestyle/seleb/anak-artis-punya-banyak-fans-walau-masih-bayi
Title: 5 Anak Artis Punya Banyak Fans walau Masih Bayi, Nomor 2 Punya Warisan Rumah seperti Hotel dan Mobil Mewah

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/internasional/liz-truss-mundur-begini-proses-pemilihan-pm-inggris-yang-baru
Title: Liz Truss Mundur, Begini Proses Pemilihan PM Inggris yang Baru

Search URL Search Domain Scan URL

URL: https://www.inews.id/finance/bisnis/10-kayu-termahal-di-dunia-nomor-7-dari-makassar
Title: 10 Kayu Termahal di Dunia, Nomor 7 dari Makassar

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/internasional/profil-liz-truss-perdana-menteri-inggris-yang-mundur-setelah-45-hari-menjabat
Title: Profil Liz Truss, Perdana Menteri Inggris yang Mundur setelah 45 Hari Menjabat

Search URL Search Domain Scan URL

URL: https://www.inews.id/lifestyle/seleb/artis-ini-masih-tetap-cantik-di-usia-kepala-5
Title: Artis Ini Masih Tetap Cantik di Usia Kepala 5, Nomor 3 Disebut Vampir karena Bodynya seperti Anak Gadis

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/internasional/7-fakta-sealand-negara-terkecil-di-dunia-sempat-akan-dijual-rp14-triliun
Title: 7 Fakta Sealand Negara Terkecil di Dunia, Sempat Akan Dijual Rp14 Triliun

Search URL Search Domain Scan URL

URL: https://www.inews.id/lifestyle/seleb/artis-yang-memilih-donor-organ-tubuhnya
Title: Deretan Artis Memilih Donor Organ Tubuhnya saat Meninggal, Nomor 5 Wanita Tercantik di Dunia Era 2000-an

Search URL Search Domain Scan URL

URL: https://www.inews.id/finance/bisnis/kisah-inspiratif-muhdi-sukses-ekspor-3-kontainer-keripik-singkong-setiap-bulan-ke-korsel
Title: Kisah Inspiratif Muhdi Sukses Ekspor 3 Kontainer Keripik Singkong Setiap Bulan ke Korsel

Search URL Search Domain Scan URL

URL: https://www.inews.id/otomotif/mobil/8-sopir-bus-cantik-idola-busmania-ada-yang-punya-perusahaan-otobus-sendiri
Title: 8 Sopir Bus Cantik Idola Busmania, Ada yang Punya Perusahaan Otobus Sendiri

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/hari-santri-2022
Title: Hari Santri 2022

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/ilmu-tajwid
Title: Ilmu Tajwid

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/doa-harian
Title: Doa Harian

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/destinasi
Title: Destinasi

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/pelaku-pembunuhan
Title: Pelaku pembunuhan

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/tausiah
Title: Tausiah

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/khutbah-jumat
Title: Khutbah Jumat

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/anak-komedian
Title: Anak Komedian

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/paras-cantik-anakkomedian
Title: Paras Cantik AnakKomedian

Search URL Search Domain Scan URL

URL: https://www.inews.id/topic/anak-komedian-terkenal
Title: Anak Komedian terkenal

Search URL Search Domain Scan URL

URL: https://www.inews.id/update-korona

Search URL Search Domain Scan URL

URL: https://kemkes.go.id/
Title: Kementerian Kesehatan Republik Indonesia

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/nasional/update-21-oktober-2022-kasus-positif-covid-19-bertambah-2227-orang

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/nasional/update-20-oktober-2022-kasus-positif-covid-19-bertambah-2307-orang

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/nasional/update-19-oktober-2022-kasus-positif-covid-19-tambah-2390-orang

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/nasional/kasus-harian-covid-19-naik-lagi-jakarta-sumbang-terbanyak

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/nasional/update-18-oktober-2022-kasus-positif-covid-19-tambah-2164-orang

Search URL Search Domain Scan URL

URL: https://www.inews.id/multimedia/video

Search URL Search Domain Scan URL

URL: https://www.inews.id/indeks/article

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/nasional/belajar-dari-pertahanan-dan-keamanan-digital-di-tengah-perang-rusia-ukraina

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/nasional/mendampingi-hari-hari-akhir-prof-azra-sungguh-cahaya

Search URL Search Domain Scan URL

URL: https://www.inews.id/news/nasional/haornas-momentum-gotong-royong-nasional-untuk-raih-juara

Search URL Search Domain Scan URL

URL: https://www.inews.id/page/tentang-kami
Title: Tentang Kami

Search URL Search Domain Scan URL

URL: https://www.inews.id/page/redaksi
Title: Redaksi

Search URL Search Domain Scan URL

URL: http://www.jobsmnc.co.id/
Title: Karir

Search URL Search Domain Scan URL

URL: https://www.inews.id/page/pedoman-media-siber
Title: Pedoman Media Siber

Search URL Search Domain Scan URL

URL: https://www.inews.id/page/disclaimer
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://www.inews.id/page/term-of-services
Title: Term Of Services

Search URL Search Domain Scan URL

URL: https://www.inews.id/page/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.inews.id/page/sitemap
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://www.inews.id/page/kontak-kami
Title: Kontak Kami

Search URL Search Domain Scan URL

URL: https://www.mncgroup.com/business-unit
Title: MNC Group Businesses

Search URL Search Domain Scan URL

URL: https://www.mncgroup.com/
Title: Profile MNC Group

Search URL Search Domain Scan URL

URL: https://www.mncpeduli.org/
Title: MNC Peduli

Search URL Search Domain Scan URL

URL: https://www.instagram.com/inewsdotid

Search URL Search Domain Scan URL

URL: https://www.facebook.com/inewsdotid

Search URL Search Domain Scan URL

URL: https://twitter.com/inewsdotid

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCQA6NejSxQguRkD3L8eXHzA

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@inewsdotid

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://inewsntt.id/ HTTP 301
https://ntt.inews.id/?utm_source=inewsntt Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 55

https://sb.scorecardresearch.com/b?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1666400744080&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1666400744080&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&c9=

Request Chain 73

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntt.inews.id%2F&domain=ntt.inews.id&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=uyrWM3xyak10S0pwcW5WdlloaHI2ZDNYRWxVSUV0ZEhqY3FyYzdHeSs2dS83NWxZNlJFcktzV0lhbWsycWh4OGFnZ1dVRlpmUVRITDVKSzByTFNQQ2tERUt2NHdLUXp5dEdNeVVWZFNic3YxRWFQWVlsZFNCeVgyTU1nR0tIQmVIVC94NnV4azRpcWNnK01QTnE0WkRWYjYrY1JYMXFSSWdGTHJUa2NZV2Z3SW55Sk1VdXZYcUFPNjdyeFQrcGRmNVFOZlRQL3BQVHd3MFMzamsrMU1laWw3ZkF4MGV0RUxXeDRneVZxU3hBWG5oVGdrPXw&cppv=2

Request Chain 234

https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@8.4.4/swiper-bundle.min.js

306 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ntt.inews.id/
Redirect Chain

http://inewsntt.id/
https://ntt.inews.id/?utm_source=inewsntt

107 KB
14 KB

1385ms
1276ms

Document
text/html

2600:9000:218f:7600:1:b1a4:2f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218f:7600:1:b1a4:2f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a71aa2d8f421ec24850a82fa01a62b5f95d3b4ea98fdf9278366865083cde5ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 22 Oct 2022 01:05:43 GMT
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 1cfb3433a86e7969c88f0dfbfd15af32.cloudfront.net (CloudFront)
x-amz-cf-id: kBnj8bgvC63mgKvo8qBVNuXRkqpmV8UX_AOkGp72Q0H7nOBsiuLqLg==
x-amz-cf-pop: CDG52-P2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 75de537f1f10b8b5-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 22 Oct 2022 01:05:42 GMT
Expires: Sat, 22 Oct 2022 02:05:42 GMT
Location: https://ntt.inews.id?utm_source=inewsntt
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xvdqljeaSHBOnM%2FxUps8sRUxLsvvyLxdM84mEGCO80sUZGwsRUK0lMG2zKLxl89tdBkSZxhPqoemCMbLhi4wLVBaare%2BFzF4cRnYlkl5vykjBd1D56R%2ButrEwPxKceDmvQSQEv2SfG%2BOg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 186ms
56ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb11eff3e63d6310b47c471ded236a1f64e1ecd532f2e8ddcf266b6464d032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27349
x-xss-protection: 0
server: sffe
etag: "1371 / 547 of 1000 / last-modified: 1666390088"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 22 Oct 2022 01:05:43 GMT

GET
H2 200 mix-desk-v2.min.css
static.inews.co.id/css/ 369 KB
52 KB 240ms
38ms Stylesheet
text/css 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9f63073f8d2d0342d31fd4074be34f73595862c5ae2041466056171e12d69938

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:46:11 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Wed, 14 Sep 2022 08:42:18 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 3255572
etag: W/"632193ea-5c365"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: cQT_MzxdkeUk2weYgXYrpVG_JmAJxu1sqGID3QGIy74ZJxIqrenVAQ==
expires: Wed, 21 Sep 2022 08:46:11 GMT

GET
H2 200 3kolom.css
static.inews.co.id/css/ 32 KB
6 KB 274ms
71ms Stylesheet
text/css 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/css/3kolom.css?v=72
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cd12c8f0f4e8a4d5f1903239c3be91906dff284068edd49c1a7f728ccb5dd264

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:46:11 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jun 2022 04:07:08 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 3255572
etag: W/"62b92cec-7eb6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: MDITj_gMBh6-XHJStvvxWDhcefQe8IkJgUXvUhAT-RDJdOiVaJoc2w==
expires: Wed, 21 Sep 2022 08:46:11 GMT

GET
H2 200 daerah.min.css
static.inews.co.id/css/ 940 B
791 B 274ms
72ms Stylesheet
text/css 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/css/daerah.min.css?v=72
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 36852a6f8fe58b46478b6c4eb9a6e725392fe4ec2dd3352a6a93941663bd657e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:12:16 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:48 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 3254007
etag: W/"61778478-3ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: -QiaTRzO9DpEPVsT6E1gJJu9S3YhKCodpgQBXn5ecUsdwU0FQ4MKkw==
expires: Wed, 21 Sep 2022 09:12:16 GMT

GET
H2 200 auto-complete.min.css
static.inews.co.id/css/ 533 B
709 B 274ms
72ms Stylesheet
text/css 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/css/auto-complete.min.css?v=72
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bbcfed2a93dcef85f23e4618f1f53b979531ad7e256ba63dd0b4fe5fa4328033

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:46:11 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:48 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 3255572
etag: W/"61778478-215"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: 7ojtkiHRahM_e9btrEQb5lVTtPu2obHTDgsWClFx6N9ibUjcjz3msw==
expires: Wed, 21 Sep 2022 08:46:11 GMT

GET
H2 200 sticky_navbar.min.css
static.inews.co.id/css/ 3 KB
1 KB 272ms
70ms Stylesheet
text/css 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/css/sticky_navbar.min.css?v=72
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bfc9928792050fbde5a1a1786a7d389c946a4f1ad23f69175fdb9171e0836006

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:46:11 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:43 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 3255572
etag: W/"61778473-ac7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: f8yiO6FDN4MuuLGIP6VOeZmhAFn8nT11xf_UyjPfVQNFvSwLkgaXcA==
expires: Wed, 21 Sep 2022 08:46:11 GMT

GET
H2 200 swiper-bundle.min.css
static.inews.co.id/js/swiper/ 15 KB
5 KB 271ms
69ms Stylesheet
text/css 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/js/swiper/swiper-bundle.min.css
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0278e05948f95ba94656b45a5547d33f57ed6e54e6a0f24bb731d51b24ba05c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 08:17:54 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Wed, 13 Apr 2022 08:03:41 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 9218869
etag: W/"625683dd-3b4e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: yhtKORPxtn4RncT6gS3W-38CLZELprwUGRn-614toBcdbzQ49tUWqQ==
expires: Thu, 14 Jul 2022 08:17:54 GMT

GET
H2 200 logoinews.png
img.inews.co.id/media/100/files/inews_new/2018/10/11/ 3 KB
4 KB 180ms
70ms Image
image/png 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/100/files/inews_new/2018/10/11/logoinews.png
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7bb4cac10236d97d976d9c18e8c7e8e2f38cc177f5a857eed4c269b372a7a321

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 02:22:03 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-original-content-length: 4454
server: nginx
x-amz-cf-pop: FRA60-P4
age: 168221
etag: W/"PSA-aj-VWlNbXjsGs"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315358706
content-length: 3338
x-amz-cf-id: d-vu3IWbF7xkfVl-WpqzkxxSxK9SxW1f4wDOPMnWUAp38R-q1WWM_Q==
expires: Sun, 17 Oct 2032 02:00:30 GMT

GET
H2 200 iNews@2x.png
static.inews.co.id/img/ 1 KB
2 KB 59ms
56ms Image
image/png 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/iNews@2x.png
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: abecc8df83a51a762faaacfd465ef9069eceb1ac0c1dc8fa44ae56f219897c72

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 08:21:51 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:49 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 4293832
etag: "61778479-5f8"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1528
x-amz-cf-id: W3SiIxKmkYA0fwgIyFONtQsyQ5dMTseErjo2DjdLulkVuKrisAxcrA==
expires: Fri, 09 Sep 2022 08:21:51 GMT

GET
H2 200 icon-inews-tv.gif
img.inews.co.id/files/img/ 49 KB
49 KB 150ms
40ms Image
image/gif 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/files/img/icon-inews-tv.gif
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1aaa0852e64e0974d0d684ddf2c2023969430bab106fdcca0bd09c1274f257fc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 02:22:04 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 168220
x-cache: Hit from cloudfront
content-length: 49785
server: nginx
etag: "5b6a89ce-c279"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BayL_xxJcGaKO58W3J_Nuw6EwyymDG83Zw5EGtGPTxi_b0FXV4ObNA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 right-menu.svg
static.inews.co.id/img/ 420 B
734 B 55ms
52ms Image
image/svg+xml 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/right-menu.svg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 91224a2be7a33f3e5c162dcffd319a9d4a804446efdc095cfd9d9c7130fe2cd6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 15:11:30 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 4355653
x-cache: Hit from cloudfront
last-modified: Thu, 01 Sep 2022 15:07:42 GMT
server: nginx
etag: W/"6310cabe-1a4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QuHvKwNCBsNYg3VRAtFl_jEarg0XU1npJnF3Dm8zkgfVMw3KgFEodQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 network.png
static.inews.co.id/img/ 550 B
935 B 57ms
54ms Image
image/png 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/network.png
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ba526a508ff52afa5358c83c97eff0206984c608c0ca75d5b422dfb9c22e879

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 15:32:18 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Thu, 01 Sep 2022 15:07:39 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 4354405
etag: "6310cabb-226"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 550
x-amz-cf-id: Lvlt4j4UirUqCNch-EpdUttVm-ssBhL8sgZV1ZFBlu9rnKx_ewpEyg==
expires: Thu, 08 Sep 2022 15:32:18 GMT

GET
H2 404 ntt.png
img.inews.co.id/media/600/files/img/ 0
0 680ms
571ms Image
text/html 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/600/files/img/ntt.png
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 close-red.png
static.inews.co.id/img/ 421 B
807 B 58ms
55ms Image
image/png 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/close-red.png
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d9bf54acfc2f866510bdb2ad1677da3086c72aeb69c979fca880d0fa07b24e1d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 23:30:45 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Thu, 01 Sep 2022 15:07:39 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 4325698
etag: "6310cabb-1a5"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 421
x-amz-cf-id: tBsZdTTXL_TO2n7Pdk1b9fikHDwWnWuhTBb7ONbi4eTV8b2lHriwZg==
expires: Thu, 08 Sep 2022 23:30:45 GMT

GET
H2 200 pencoblosan.jpg
img.inews.co.id/media/600/files/inews_new/2020/11/19/ 28 KB
28 KB 789ms
680ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/600/files/inews_new/2020/11/19/pencoblosan.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8b28b11c55732748a3cdb27bf098f990a52631b2d6295a2f3511c871e95a1e13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Thu, 19 Nov 2020 02:37:43 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fb5da77-173f8"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 28395
x-amz-cf-id: lQNcS14zQbCTZb9jOLjBCIU12ZUPUlfSgSNMvq1AIOQWfzDHPEPBSA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lansia_dievakuasi_ke_rumah_sakit_dari_posko_pengu.jpg
img.inews.co.id/media/600/files/inews_new/2020/12/04/ 21 KB
21 KB 822ms
712ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/600/files/inews_new/2020/12/04/lansia_dievakuasi_ke_rumah_sakit_dari_posko_pengu.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f3e4b0b9cb7e4899eb18daa7e4d1217500ddeb9e12d1279b93c1ac7e4bf8c790

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Fri, 04 Dec 2020 01:40:15 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc9937f-101e9"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 21234
x-amz-cf-id: PAYtBwyfwQ3Cc8OgBUd8LrvgORulcRgOWFYaYRKL2Cr9TtmDMyqylA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 doni_monardo.jpg
img.inews.co.id/media/600/files/inews_new/2020/12/02/ 48 KB
49 KB 828ms
718ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/600/files/inews_new/2020/12/02/doni_monardo.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 79adf9e5964c0c296744a2b06115685671557209f81382520499c7e62c8bc9d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Wed, 02 Dec 2020 04:33:56 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc71934-2db2f"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 49223
x-amz-cf-id: GgENJNsTGtlAf9cwW6XmcN0SemHZzwOQ1DnJ9abeDN3e7-v7CSiXxg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 doni_monardo_di_ntt.jpg
img.inews.co.id/media/600/files/inews_new/2020/12/02/ 20 KB
20 KB 755ms
754ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/600/files/inews_new/2020/12/02/doni_monardo_di_ntt.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c4b2eb3e7b2d3f5d7ecb2e62185f2acc9a8043b76a59554537970a03b4ccf15b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Tue, 01 Dec 2020 18:49:59 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc69057-11fd1"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 20070
x-amz-cf-id: 3GWGOPgGseMRNCzOGxLB2CnoAkUenMHVf8hXsMxookKvm2oUcIWhpQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pos_pantau_gunung_ile_ape.jpg
img.inews.co.id/media/600/files/inews_new/2020/12/01/ 14 KB
14 KB 242ms
242ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/600/files/inews_new/2020/12/01/pos_pantau_gunung_ile_ape.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: adb7832ac189f82a3a012eb3d1624195068432a1cada70167247da82cb8e5656

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Tue, 01 Dec 2020 00:39:50 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc590d6-ae85"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 14100
x-amz-cf-id: uxPbWcPI97VS0YMpkJggFhCqXBgbU4QLJ8cjfBiank8-IlGjo4xibQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imageload.png
img.inews.co.id/media/250/files/inews_new/ 2 KB
3 KB 38ms
32ms Image
image/png 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/imageload.png
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a179ff3fe8c70e211932b694602858d21c9a0562058639eccd6eaaaba6306b80

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 02:22:03 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-original-content-length: 5557
server: nginx
x-amz-cf-pop: FRA60-P4
age: 168220
etag: W/"PSA-aj-M5eBqsrbNV"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315358835
content-length: 2479
x-amz-cf-id: wk5Eg6clxkwYPQNb0TINwjfYKqWyWILxbGO4FbqvwIJyvf4EU_WByA==
expires: Sun, 17 Oct 2032 02:02:39 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 133ms
28ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAD) /
Resource Hash: 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 22 Oct 2022 01:05:44 GMT
Content-Encoding: gzip
Age: 70
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29223
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
Server: ECS (amb/6BAD)
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

33ms
33ms

Script
text/javascript

2a03:2880:f21c:81e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Server: 2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 22:57:09 GMT
content-encoding: br
x-fb-trip-id: 1679558926
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843

Redirect headers

date: Sat, 22 Oct 2022 01:05:44 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: cln
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 auto-complete.min.js Show response
static.inews.co.id/js/ 5 KB
2 KB 32ms
32ms Script
application/javascript 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/js/auto-complete.min.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: dcd189b3bb4c3ea32c3613315081a69074fc0964337f04f3e5d783a23e0183c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 06:53:12 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:43 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 3694351
etag: W/"61778473-1462"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: TPj-1ok0_2ALPCPsc4nxxlj6obb7KH2-d0uI7kRE_87rdXOp7iRPVg==
expires: Fri, 16 Sep 2022 06:53:12 GMT

GET
H2 200 mix-desk.min.js Show response
static.inews.co.id/js/ 228 KB
68 KB 31ms
31ms Script
application/javascript 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 56c76feb47fcf244ff18d7e708bdc5a3e1a146a41456a1949890c6714f3aea1f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:46:11 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:43 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 3255572
etag: W/"61778473-390af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: VsHuu4LtwzCIt_-yDK10zdoNTCkdlFBJFiLa7Mkbh0jbceGrhrYS5Q==
expires: Wed, 21 Sep 2022 08:46:11 GMT

GET
H2 200 script-v2.js Show response
static.inews.co.id/js/ 4 KB
2 KB 35ms
31ms Script
application/javascript 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/js/script-v2.js?v=4
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ffb71469816e7541203d7fc634d6f98a77e5ce2709d8abe7e468a87f6d35e86a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:46:12 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Thu, 01 Sep 2022 15:07:42 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 3255571
etag: W/"6310cabe-e6c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: ezsjECE3Vl_dXS4SVUCcWQLXtV_8ppIDeHnCO75UjtULtIneVQ2m6w==
expires: Wed, 21 Sep 2022 08:46:12 GMT

GET
H2 200 lazy.js Show response
static.inews.co.id/js/ 4 KB
2 KB 36ms
32ms Script
application/javascript 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/js/lazy.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 12eb096a7e01e8496f2a796e0d22e8f4555c695dc307290f6dab408e8d7ee01c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 00:52:16 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:43 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 4839207
etag: W/"61778473-e1e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: b4FV8XANqOfFGoqT8NScwVpNOp9behMV_yW7JNOSWG5T1gsWizJM5w==
expires: Sat, 03 Sep 2022 00:52:16 GMT

GET
H2 200 crypto-js.min.js Show response
static.inews.co.id/js/ 47 KB
17 KB 58ms
54ms Script
application/javascript 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/js/crypto-js.min.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 01:32:50 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jun 2022 04:07:11 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 4059173
etag: W/"62b92cef-bcbc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: roOOVCN0EXAwHD6uU926jcTsld8v-Mxt3YNnyRDo5BSDqEA-mDLX0w==
expires: Mon, 12 Sep 2022 01:32:50 GMT

GET
H2 200 swiper-bundle.min.js Show response
static.inews.co.id/js/swiper/ 132 KB
37 KB 53ms
49ms Script
application/javascript 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/js/swiper/swiper-bundle.min.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f31219ecb01defc9ebb8aa29a6d0ce82e0f23a6eb146d79b470cc83906a23f76

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 02:11:22 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Wed, 13 Apr 2022 08:03:47 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 4229660
etag: W/"625683e3-20eb2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-id: 196_XnIArbEz8tizfPbJ2PHlD3BRrLNU2QhrGIaschs0FLZrZEzOeg==
expires: Sat, 10 Sep 2022 02:11:22 GMT

GET
H2 200 pubads_impl_2022101901.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
128 KB 101ms
31ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196eb4e1c32206100f0e8ad4ec1d25770d5dc9d91acd7b7972ec369440323aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 15:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130799
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 08:34:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 21 Oct 2023 15:12:35 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 374 B
801 B 137ms
39ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ntt.inews.id

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

823df4d4f681a392ef918e106005063d7567466259efc12b0687117b4526d7a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164
x-xss-protection: 0
expires: Sat, 22 Oct 2022 01:05:44 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 117ms
32ms Script
application/javascript 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 05:13:02 GMT
content-encoding: gzip
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 71563
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: wx6A6MT_6S_XcrMT3YHZKE42cSMUGmeDmASRZDjRsVmrpQDjlJyElA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
59 KB 329ms
59ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5W2Q4KP&gtm_auth=0aYrfmVrkylJ7eB5zVRQYA&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90faf4a27491583e8a4490274fbb7a898bfb4fbf40e188d95598fa2c80f8a0f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59608
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index.php Show response
hbs.ph.affinity.com/v5/inews.id/ 3 KB
2 KB 587ms
138ms Script
application/javascript 216.139.248.131
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://hbs.ph.affinity.com/v5/inews.id/index.php?t=2291
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.139.248.131 , United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: 216-139-248-131.aus.us.siteprotect.com
Software: nginx / PHP/7.3.6
Resource Hash: dbfdc38f5f89b3ba3b06024d23c576ece8f5d05ed3fbb7537099ecc206283bc4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 22 Oct 2022 01:05:44 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.3.6
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/Javascript; charset=utf-8
Cache-Control: public, max-age=31536000
Connection: close
Expires: Sun, 22 Oct 2023 01:05:44 GMT

GET
H2 200 chevron-down.svg
static.inews.co.id/img/ 212 B
744 B 54ms
54ms Image
image/svg+xml 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/chevron-down.svg
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2afd80dd7d92497bacd3831ed176ace1538b0e5512c8519754610d6f1ab197f6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 19:02:34 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 2786589
x-cache: Hit from cloudfront
content-length: 212
last-modified: Tue, 26 Jul 2022 07:32:36 GMT
server: nginx
etag: "62df9894-d4"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mMAx1dTuDwKNizy-1d-MnERMQ5FO6p0jgD8y4wyMotJ716QXdwkqxA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
static.inews.co.id/fonts/ 18 KB
18 KB 893ms
825ms Font
font/woff2 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Origin: https://ntt.inews.id
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:43 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "61778473-466c"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
content-length: 18028
x-amz-cf-id: 7vY13LfqppovSTG8RT86w5QzK6RiVKYgzgKMDQyZFzynnLpxAl0rkg==

GET
H2 200 icon-live.svg
static.inews.co.id/img/ 2 KB
1 KB 43ms
43ms Image
image/svg+xml 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/icon-live.svg
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 107cd8b4fd2286d6891309790c30e191fcf7955a9d24af52c76b288b2e6a6ff3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 15:11:32 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 4355651
x-cache: Hit from cloudfront
last-modified: Thu, 01 Sep 2022 15:07:39 GMT
server: nginx
etag: W/"6310cabb-8a1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gp5wPxDuX2NWRiMoAZ4UmTbTIChqDuXqEIT8dYpCfjlhZtR6aOFJMQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ntt Show response
ntt.inews.id/getstreaming/desktop/ 0
1 KB 2045ms
2044ms XHR
text/html 2600:9000:218f:7600:1:b1a4:2f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ntt.inews.id/getstreaming/desktop/ntt

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:218f:7600:1:b1a4:2f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: br
via: 1.1 1cfb3433a86e7969c88f0dfbfd15af32.cloudfront.net (CloudFront)
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: CDG52-P2
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
x-amz-cf-id: hnpG_W7n9aRd4AxjClXBrqbYH57YVow1wbLySffnzYNCDRNPzLZTNw==
x-xss-protection: 1; mode=block

GET
H2 200 editor_choice Show response
sindikasi.inews.id/widget/desktop/ 17 KB
18 KB 1097ms
878ms XHR
text/html 2600:9000:2491:5200:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/editor_choice?id=ntt&div=sideLeft0&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:5200:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

28c97ead5adc3c0fef50ff7aa0f1ebc0005be9af587ad25b945d2e4420f3cdda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: CNMm2AA-kdVE22X2DLMP-pGUh3WuRoCdlqhcnhyvAIWxEZO54C91nA==
x-xss-protection: 1; mode=block

GET
H2 200 popular_news Show response
sindikasi.inews.id/widget/desktop/ 0
394 B 860ms
642ms XHR
text/html 2600:9000:2491:5200:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/popular_news?id=ntt&div=sideLeft1&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:5200:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: JxqgF0Hu0aQdbbABZEjQ5eA4sriVXGg7psRkwfDa0uf4B8CIm-IbhA==
x-xss-protection: 1; mode=block

GET
H2 200 popular_topics Show response
sindikasi.inews.id/widget/desktop/ 2 KB
2 KB 935ms
718ms XHR
text/html 2600:9000:2491:5200:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/popular_topics?id=ntt&div=sideLeft2&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:5200:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

06e5a6c54dead4b0a6bf969005f9e0be1347f1b5e265c50619fa29538c3e2c91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: JbKQah6lYjqIAhLMV4mjgfhMGXjMABKBFsZxHSGA8k7r8UM7ZmUrew==
x-xss-protection: 1; mode=block

GET
H2 200 banner-right Show response
sindikasi.inews.id/widget/desktop/ 0
395 B 857ms
639ms XHR
text/html 2600:9000:2491:5200:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/banner-right?id=ntt&div=sideRight1&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:5200:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: -xlSmywIx8pJ_9Yi0AKeoe_mrZ5y3DE_k6Ykqs63U5amTKkxbLW0eg==
x-xss-protection: 1; mode=block

GET
H2 200 streaming Show response
sindikasi.inews.id/widget/desktop/ 384 B
789 B 909ms
692ms XHR
text/html 2600:9000:2491:5200:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/streaming?id=ntt&div=sideRight2&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:5200:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f5a9f6010307729a4ff2ea25ef1e832fd1f524c3a4d74febfc3a1f65333e75b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: hYQg3_xSMpqrIThY40B8Zp9yEg1a9_9hOFOmWyWVNovCSvpD5HiZXA==
x-xss-protection: 1; mode=block

GET
H2 200 korona Show response
sindikasi.inews.id/widget/desktop/ 10 KB
10 KB 980ms
763ms XHR
text/html 2600:9000:2491:5200:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/korona?id=ntt&div=sideRight3&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:5200:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

74f2bc40f6244cb2a2c7fbe997ee4eccea7d0947b06ca80096b952dc03e85880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: 1cQ2eLJCFjPuipbcjC-1ESI5gaezy-UyzzUmoRtjO8SjJGOKUAQqcw==
x-xss-protection: 1; mode=block

GET
H2 200 side_video Show response
sindikasi.inews.id/widget/desktop/ 10 KB
11 KB 1014ms
798ms XHR
text/html 2600:9000:2491:5200:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/side_video?id=ntt&div=sideRight4&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:5200:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7edc0cb931e1b025ba217ba5484c5717c952e55ba0c62d5f8eff4a31f9d29f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: L6s6SAivKspsWzpUropUBTYmGstDP-2pljtY13EprIv0D21elEeVeQ==
x-xss-protection: 1; mode=block

GET
H2 200 side_photo Show response
sindikasi.inews.id/widget/desktop/ 181 B
585 B 935ms
719ms XHR
text/html 2600:9000:2491:5200:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/side_photo?id=ntt&div=sideRight5&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:5200:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e1cb0961cc3ad7eaa0740b49dc2e286cf4cf386bd86d523eae4bf4d954965217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: sven2Azhpdv-_jKZplKNxHHvfaMHPKuNkii8G8FoBV-29LrqOknFQQ==
x-xss-protection: 1; mode=block

GET
H2 200 mncportal Show response
sindikasi.inews.id/widget/desktop/ 502 B
905 B 925ms
709ms XHR
text/html 2600:9000:2491:5200:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/mncportal?id=ntt&div=sideRight6&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:5200:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9af02dc140425ce2947dc03ebfd19271127747d2578ba8aaab72e500a3f53f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: 6wrpf9vK7Z9zOcVvSlDqueNOf74oI2ovs1WtSeevYAli7hQ_BrTPiw==
x-xss-protection: 1; mode=block

GET
H2 200 rctiplus Show response
sindikasi.inews.id/widget/desktop/ 785 B
1 KB 911ms
696ms XHR
text/html 2600:9000:2491:5200:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/rctiplus?id=ntt&div=sideRight7&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:5200:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1dd559e191ad2988517dcdd3001d5c3d4c9df406ff10b59172685d12212d8138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: MuIqIDPMTiOFQYW_2j3mtlCjSxfq1IP5zSl3weLeX2wRPhzmnSTqpw==
x-xss-protection: 1; mode=block

GET
H2 200 visionplus Show response
sindikasi.inews.id/widget/desktop/ 756 B
1 KB 883ms
669ms XHR
text/html 2600:9000:2491:5200:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/visionplus?id=ntt&div=sideRight8&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:5200:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

eca0dcbdaed5985a680233abe61ac188e947b85f2b48165cce08a8887db495db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: WJ7kKB6vl10AxNUzTzP2Zq1OC94yahJDOILlj012VwHFrJE1Toj6xA==
x-xss-protection: 1; mode=block

GET
H2 200 article Show response
sindikasi.inews.id/widget/desktop/ 4 KB
5 KB 927ms
712ms XHR
text/html 2600:9000:2491:5200:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/article?id=ntt&div=sideRight9&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:5200:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7405346c27ac86dfa9c7f8ae8e48de433573f951990ab34f80026d033c79c446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: 08y2ybO1mZoTw4cH7xJfikhpAyhzOt7UG0axblK13MQUi_IB69_ADA==
x-xss-protection: 1; mode=block

GET
H2 200 social_media Show response
sindikasi.inews.id/widget/desktop/ 4 KB
4 KB 937ms
722ms XHR
text/html 2600:9000:2491:5200:f:e29d:1c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sindikasi.inews.id/widget/desktop/social_media?id=ntt&div=sideRight10&slug=ntt&subslug=&type=&source=region

Requested by

Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:5200:f:e29d:1c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

74fd74d010b59678e8cdd1d6702978a5a5585c5bee01efa016dfa0fbb069711e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amz-cf-id: cXURHw3njZinnoddFxRr_qnn2MuyjL0Wgh95JuU6JJmwBuezOAMh1A==
x-xss-protection: 1; mode=block

GET
H2 200 slick.woff
static.inews.co.id/plugins/slick/fonts/ 1 KB
2 KB 504ms
504ms Font
font/woff 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/plugins/slick/fonts/slick.woff
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

Referer: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Origin: https://ntt.inews.id
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:43 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "61778473-564"
x-cache: Miss from cloudfront
content-type: font/woff
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1380
x-amz-cf-id: ZnnKMorVAsO5WOE_lYd2Ma5T90cXPj-A_y1krRNB0UNdlhP2ZXkjOA==

GET
H2 200 ajax-loader.gif
static.inews.co.id/plugins/slick/ 4 KB
4 KB 38ms
37ms Image
image/gif 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/plugins/slick/ajax-loader.gif
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 10:02:25 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:43 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 5151799
etag: "61778473-1052"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4178
x-amz-cf-id: ACBgR7BtKtkDtg7PWJIuSHeTPmiwDwN2V8gjRN--1j3ml-Rm6k1ItA==
expires: Tue, 30 Aug 2022 10:02:25 GMT

GET
H2 200 load-aiml Show response
ntt.inews.id/ 3 KB
1 KB 773ms
772ms XHR
text/html 2600:9000:218f:7600:1:b1a4:2f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ntt.inews.id/load-aiml
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218f:7600:1:b1a4:2f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a6ce02617a10530cf0538138cd4c0540a8f917aee304338f42d38bedc1e2e8af

Request headers

Accept: */*
Referer
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
content-encoding: br
via: 1.1 1cfb3433a86e7969c88f0dfbfd15af32.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: CDG52-P2
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4nM1ioMftDCcZTywEYVAOxn2xRpVXlI4MnRX56x2NdcVgPB4Q-SgWQ==

GET
H2 200 6.JPG
img.inews.co.id/media/250/files/inews_new/2020/12/05/ 8 KB
9 KB 559ms
559ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/12/05/6.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 013dba738c2ef768c6a2339406a490ace9f450cab1a7d5e3142ba2a2074dcbf8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Sat, 05 Dec 2020 07:42:25 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fcb39e1-9930"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 8477
x-amz-cf-id: amle1ot2A7872meoY4Mtg8EW6-0dEPCRJT5qKNcN2BsLQSdv-YyZlw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3.JPG
img.inews.co.id/media/250/files/inews_new/2020/12/05/ 6 KB
7 KB 539ms
539ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/12/05/3.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1521e234e96ef5150b56b60c5288e85ab18efbad583aeb6125739caf92d1001f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Sat, 05 Dec 2020 05:55:47 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fcb20e3-4f7e"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 6337
x-amz-cf-id: 2M4uRcHBGdtX6wNcfusrYy11_gp_hcNkEBVsy19yzITWSMboyQkIbg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1666400744080&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terki...
https://sb.scorecardresearch.com/b2?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1666400744080&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terk...

0
190 B

33ms
32ms

Image
text/plain

13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1666400744080&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&c9=
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: BtqEnSVz_C_B2R9aFnJWU3DjVhdJKTgE8M4v3cjqi8IqHLa-8pl4Aw==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1666400744080&ns_c=UTF-8&c7=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&c8=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&c9=
date: Sat, 22 Oct 2022 01:05:44 GMT
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: 8bVtdTrL6XQzna32EvOA5P5I8gnGqByOWque573M583Am81GYu-dnQ==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK widget_iframe.7dae38096d06923d683a2a807172322a.html Show response
platform.twitter.com/widgets/ Frame 3676 320 KB
104 KB 25ms
24ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fntt.inews.id
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B8C) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 138101
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Sat, 22 Oct 2022 01:05:44 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B8C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 174ms
39ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=ntt.inews.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 185ms
53ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ntt.inews.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 69 KB
13 KB 312ms
311ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4313724485563589&correlator=4253092594353685&eid=31068498%2C31070473%2C21065725&output=ldjh&gdfp_req=1&vrg=2022101901&ptt=17&impl=fifs&iu_parts=7108725%2CHome-TopLeaderboard%2CDesktop-Home-Billboard%2CDesktop-Home-Rectangle1%2CDesktop-Home-BottomBanner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C970x90%2C300x250%2C970x90&ifi=1&adks=3239413752%2C3215994126%2C4046664198%2C1852379673&sfv=1-0-38&prev_scp=Room%3DRegional%7CRoom%3DRegional%7CRoom%3DRegional%7CRoom%3DRegional&sc=1&cookie_enabled=1&abxe=1&dt=1666400744199&lmt=1666400744&dlt=1666400743662&idt=508&adxs=591%2C436%2C1084%2C315&adys=65%2C242%2C374%2C1062&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&frm=20&vis=1&psz=757x5%7C1106x132%7C254x18%7C970x-1&msz=728x5%7C728x90%7C250x0%7C970x-1&fws=0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0&ga_vid=1709644260.1666400744&ga_sid=1666400744&ga_hid=106343843&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bec56237a23452a7f35a7d752c45e6c97bd6c17ea717ea32dd1c7b47e9e89f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12776
x-xss-protection: 0
google-lineitem-id: -1,-1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4031 6 KB
4 KB 154ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 01:05:44 GMT
expires: Sun, 22 Oct 2023 01:05:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3676 851 B
676 B 298ms
135ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=b58daa46f1c3ea967eea1e41d806011577918fcd

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fntt.inews.id

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time: 106
date: Sat, 22 Oct 2022 01:05:43 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Sat, 22 Oct 2022 01:05:44 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: e491c89fcf858fab
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 4c19e4040dbc8d456c29eefea3896ddacd9e840e5e059808bd6d2766c4cc7ee0
content-length: 355

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 112 KB
43 KB 131ms
61ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-59VRJBF

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W2Q4KP&gtm_auth=0aYrfmVrkylJ7eB5zVRQYA&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1add158a89a2fb6ede9ce43694df19a39cf258b14549ab0a83d510ce62bc4f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 22 Oct 2022 01:05:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 97ms
31ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W2Q4KP&gtm_auth=0aYrfmVrkylJ7eB5zVRQYA&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Oct 2022 23:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6587
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 22 Oct 2022 01:15:57 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159495/4556/ 319 KB
97 KB 100ms
31ms Script
text/javascript 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159495/4556/pwt.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d887163975d331ecb96feb1f8470dd4d943de0f2e0303627182a7111702be2bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 05:39:04 GMT
server: Apache
etag: "10a1a71-4fddc-5cf4f03122543"
vary: Accept-Encoding
content-type: text/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=75860
accept-ranges: bytes
content-length: 99148
expires: Sat, 22 Oct 2022 22:10:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
75 KB 106ms
44ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-10CQL436CK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W2Q4KP&gtm_auth=0aYrfmVrkylJ7eB5zVRQYA&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

108824c867822978dc2b2a8f8cc4c3780a0be22a6441fc6b241f448327e1f44c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76671
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 22 Oct 2022 01:05:44 GMT

GET
H3 200 container.html Show response
7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BC8C 6 KB
3 KB 173ms
58ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 01:05:44 GMT
expires: Sun, 22 Oct 2023 01:05:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6FEE 6 KB
3 KB 174ms
63ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 01:05:44 GMT
expires: Sun, 22 Oct 2023 01:05:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 98A3 6 KB
3 KB 171ms
64ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 01:05:44 GMT
expires: Sun, 22 Oct 2023 01:05:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 103ms
38ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=106343843&t=pageview&_s=1&dl=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&ul=en-us&de=UTF-8&dt=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChACEABRAAAACAEK~&jid=64655651&gjid=37410232&cid=1709644260.1666400744&tid=UA-109056487-1&_gid=1382991204.1666400745&_r=1&gtm=2wgaj05W2Q4KP&cd1=null&cd2=null&cd3=0&cd4=Non%20AMP%20Page&cd5=GTM-5W2Q4KP&cd6=1666400744380.nltsmhkg&cd8=2022-10-22T01%3A05%3A44.380%2B00%3A00&cd9=null&cd10=null&cd11=null&cd12=null&cd13=null&cd14=null&cd15=null&cd16=null&cd17=null&cd25=gtm.js&cd7=1709644260.1666400744&z=2159389

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 100ms
39ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
345 B 80ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-10CQL436CK&gtm=2oeaj0&_p=106343843&cid=1709644260.1666400744&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666400744&sct=1&seg=0&dl=https%3A%2F%2Fntt.inews.id%2F%3Futm_source%3Dinewsntt&dt=Berita%20NTT%20Terbaru%20Terkini%20-%20iNews%20Portal&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-10CQL436CK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 88ms
24ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntt.inews.id%2F&domain=ntt.inews.id&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ntt.inews.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 22 Oct 2022 01:05:44 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 511337
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fntt.inews.id%2F&domain=ntt.inews.id&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=uyrWM3xyak10S0pwcW5WdlloaHI2ZDNYRWxVSUV0ZEhqY3FyYzdHeSs2dS83NWxZNlJFcktzV0lhbWsycWh4OGFnZ1dVRlpmUVRITDVKSzByTFNQQ2tERUt2NHdLUXp5dEdNeVVWZFNic3YxRWFQWVlsZFNCeVgyTU1nR0...

381 B
661 B

72ms
25ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uyrWM3xyak10S0pwcW5WdlloaHI2ZDNYRWxVSUV0ZEhqY3FyYzdHeSs2dS83NWxZNlJFcktzV0lhbWsycWh4OGFnZ1dVRlpmUVRITDVKSzByTFNQQ2tERUt2NHdLUXp5dEdNeVVWZFNic3YxRWFQWVlsZFNCeVgyTU1nR0tIQmVIVC94NnV4azRpcWNnK01QTnE0WkRWYjYrY1JYMXFSSWdGTHJUa2NZV2Z3SW55Sk1VdXZYcUFPNjdyeFQrcGRmNVFOZlRQL3BQVHd3MFMzamsrMU1laWw3ZkF4MGV0RUxXeDRneVZxU3hBWG5oVGdrPXw&cppv=2

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

88bab1c8012f83138804d6002ba7f04dcb18a69ba922637e6ccf547654813a98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1048840
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=uyrWM3xyak10S0pwcW5WdlloaHI2ZDNYRWxVSUV0ZEhqY3FyYzdHeSs2dS83NWxZNlJFcktzV0lhbWsycWh4OGFnZ1dVRlpmUVRITDVKSzByTFNQQ2tERUt2NHdLUXp5dEdNeVVWZFNic3YxRWFQWVlsZFNCeVgyTU1nR0tIQmVIVC94NnV4azRpcWNnK01QTnE0WkRWYjYrY1JYMXFSSWdGTHJUa2NZV2Z3SW55Sk1VdXZYcUFPNjdyeFQrcGRmNVFOZlRQL3BQVHd3MFMzamsrMU1laWw3ZkF4MGV0RUxXeDRneVZxU3hBWG5oVGdrPXw&cppv=2
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 274835
content-length: 0
expires: 0

GET
H2 200 v2.js Show response
cdn4-hbs.affinitymatrix.com/hvrlib/inews.id/1663580391/ 62 KB
23 KB 360ms
109ms Script
application/javascript 64.185.181.185
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4-hbs.affinitymatrix.com/hvrlib/inews.id/1663580391/v2.js
Requested by: Host: hbs.ph.affinity.com
URL: https://hbs.ph.affinity.com/v5/inews.id/index.php?t=2291
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.185.181.185 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS: pc-b-d.bitgravity.com
Software: v/6.5.0/6.5.14/v12iad1-www / PHP/7.3.6
Resource Hash: 657a91f8fb81963b23b45732abbd8712eede2d140681eb3754eba862ec1ca075

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-version: 9
date: Mon, 03 Oct 2022 14:23:36 GMT
content-encoding: gzip
server: v/6.5.0/6.5.14/v12iad1-www
age: 1594322
x-tata-request-id: 5b87dc12485fc750afd0020082f282f4, 5b87dc12485fc750afd0020082f282f4
x-powered-by: PHP/7.3.6
vary: Accept-Encoding
x-cache: HIT,v12iad1
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 22673
expires: Sun, 22 Oct 2023 01:05:44 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 97ms
32ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-109056487-1&cid=1709644260.1666400744&jid=64655651&gjid=37410232&_gid=1382991204.1666400745&_u=aChACEAARAAAACAEK~&z=661722189

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 22 Oct 2022 01:05:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 97ms
33ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-109056487-4&cid=1709644260.1666400744&jid=1536536034&gjid=2069942106&_gid=1382991204.1666400745&_u=aCjACEABRAAAACAEK~&z=188193111

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 22 Oct 2022 01:05:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BC8C 0
0 99ms
99ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CC1vC6EFTY9HNEMPtgQfzloqACMme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItODMwNzU5ODIwODAxNjYxOcgBCakC39KZasmEsD7gAgCoAwGqBMwBT9CM-oQoTFK7zjq4OT6ZXVlhcephTP4RxccLgsa-dKpZeQ0LO3sUbuMUX4lwhU3rlC7DPg97wFBy2cXJ3hbzFqTGVZl20HeGCbndrG9D7qTW3gE2LOrFav9yhqz1JJZa2EINcNSgYW4LzfJ0PYy9xEJKoVYFuf6gJ2wBLMQcrWy2xwHw1gPd01-gVwByKttnuBecHTzgLecNdfLUj_WqmgCMPMQGbWKDMWMWd40K7SoNff7_9gQUQXBafhzBSJLy_CoZFWtwgfO1vW_Z4AQBgAanz52npq_QkkmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04MzA3NTk4MjA4MDE2NjE5GL2cFA&sigh=e8eaMGI0n04&uach_m=[UACH]&cid=CAQSPwDq26N9s_3Sud4hTaDhhb7vF0xg3YkqQVzB3FdsP6Pyzn7Rj9g2JzjDTgKY8l7pfoOGrwXXzr0jrWZjtQOcPRgBIBM
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame BC8C 0
0 90ms
29ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kuOtFPBB2AVanYNiAgIAAACsaFIRWScdY4bvUw0Q50FTY86BYkC2iLX82eROABIAAA&wp=Y1NB6AAEJtEK4HbDAAKLc2uONnC9f56St1aqtw

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 426923
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 67D9 47 KB
18 KB 89ms
28ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1NB6AAEJtEK4HbDAAKLc2uONnC9f56St1aqtw&u=%7CMlr4B4FuYy7Bu%2FxBL9B%2FtY8Csz35J9vKFbsqtfu3FF0%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmfQhgfJXasdzCK-Q77BHxp9q9pJjDQa7PaEpYWmtP7eXz_BMX8tOIxPfeMnlhRePrlItZ3hQpaDDgdj3CmW1hohawgN8cfwx_4qMDyZTOoD0rhfRW_UnxtAmbyIn4H0XOGfv8AbXSlm0i7mIll6Oz4mypo0Xo-BfKrxvHN-IE3hmbAhI1BGXPBIcYJ-aEsm0NqIZPvo4TW5tArV8SfRtj7AXI6GmswPIZOqVEkD9oqLExFMCNZOQI3RUJYaaj5H9YtstDBSMzewj6Ml0btsIlR2eFquNhLze9hdKuvhMzVyJwKtFTTP61gWv-AFqlACM5xPpd9rH0PJBLirLATs1i7qu-CmT6jpPbj9Gkt-xYbxDhexQbY_ZdpEvT2obJYWnnKfV5xO682aKwTpXjohoXeAz1_AcftEbgnMg0hg3yvSkNY6IpXAd79EOMynAvpHIO-BoTteq4F_mxemDmRIwiRnSQrMPfxzfRoPdsAb9m2vCAX6KTYGZvToQmF0vW509Lh9NcU-DqS7oBpntW9Ys7NOwRqDPzmVh1U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7UNe6EFTY9HNEMPtgQfzloqACMme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItODMwNzU5ODIwODAxNjYxOcgBCakC39KZasmEsD7gAgCoAwGqBM8BT9CM-oQoTFK7zjq4OT6ZXVlhcephTP4RxccLgsa-dKpZeQ0LO3sUbuMUX4lwhU3rlC7DPg97wFBy2cXJ3hbzFqTGVZl20HeGCbndrG9D7qTW3gE2LOrFav9yhqz1JJZa2EINcNSgYW4LzfJ0PYy9xEJKoVYFuf6gJ2wBLMQcrWy2xwHw1gPd01-gVwByKttnuBecHTzgLecNdfLUj_WqmgCMPMQGbSCBEPGR-BEZUrYZ3i7CUPwdVXrsdDLZyiY6wYzrqnVcmXYfOXxmi5_54AQBgAanz52npq_QkkmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_00Q5ido4-wKtBoeUtFCk13IbaBCA%26client%3Dca-pub-8307598208016619%26adurl%3D

Requested by

Host: 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0e7f143ab01a31627abf8eb65cf4312a01420129535b8dc843f43ef93638162b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 01:05:44 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=_eQOQ_rqgbIfYWiv5_MB53pR01f9RH0q-W2UKAeMYW_kAm0ZtCrSnHXtPv1hHeyGl-MF_hoV5MfKqhCkcBO2rlWb7bjlAslI6DIPcKi9Hsd4brz2P5sf3DA0c1j0zKbIYI26t7IMcl3zLPWsTQJeCzcXp1-2jj-FV26JONeKy6lr3ramRGT990qNjGOeOMNwQKJVP4fBuxTq1dXJW8pJqGE8EZOpF7wQSIZ52waxYSKAe9uuqh9HrNhITSCoKm5uLPqplw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 4143065
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame BC8C 3 KB
1 KB 155ms
74ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Nov 2022 12:32:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame BC8C 17 KB
8 KB 111ms
31ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 11:14:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Nov 2022 11:14:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BC8C 0
0 109ms
39ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjP9xchprFL1NodkHinvzu3i-FoYgtgzF8WqCiBtuMxR-_AGgzOOd8dNCTHoCkVGU6bGKmLgYv67ySb42pn1kTornkgg
Requested by: Host: 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame BC8C 22 KB
7 KB 114ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 03:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 21 Oct 2023 03:07:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC8C 152 KB
46 KB 106ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47476
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666179788250400"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Oct 2022 01:05:44 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6FEE 0
0 97ms
97ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEOZX6EFTY9LNEMPtgQfzloqACMme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItODMwNzU5ODIwODAxNjYxOcgBCakC39KZasmEsD7gAgCoAwGqBM8BT9BDBo9YYerU_xVn-w3J8VmFK7rNALkZRP4ALvTWU7ZvYjtHuFPQlaFXL85lpw1s3zxtj3zdIgQINHNERM6olXsWhQSdBRL_KVJ2UviUl9X7ImrFGh4BqayJNjycSYlskaXP_fZGtimUcTCPWbYlJ79AxyQIVbpqlDtY8bbauGq8oTviAW2YmD8YIESS594IJzj-tRPDeiPaMeKe1uXoH0aNcABdA6X-XmLBNLg4DJcxsD7WLxa1Y3Q6LCm1phT2zQAnaUFsHo4FYlC_jDk74AQBgAb5rrfX0K_i4JQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODMwNzU5ODIwODAxNjYxORi9nBQ&sigh=ssxf0VHsYvE&uach_m=[UACH]&cid=CAQSPwDq26N9s_3Sud4hTaDhhb7vF0xg3YkqQVzB3FdsP6Pyzn7Rj9g2JzjDTgKY8l7pfoOGrwXXzr0jrWZjtQOcPRgBIBM
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 6FEE 0
0 218ms
26ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=ktLjDfrMCcoHWp2DYgICAAAArGhSEVknHWOG71MNEOhBU2N42TQsqyTSYT0LxgASAAA&wp=Y1NB6AAEJtIK4HbDAAKLc5tnx9u_f-tKflowNg

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 261071
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4DBE 121 KB
43 KB 155ms
99ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1NB6AAEJtIK4HbDAAKLc5tnx9u_f-tKflowNg&u=%7CMlr4B4FuYy5lU4eF57in%2BX5Xz779dueiaGIOkVzKtL4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTEBrWaUcMEzDEPcMYO5KXKKokDOS3mrbr6Es9r_IKxreF0UgY4P7dGelGz72T9HjAfMMR9QmcbjsQL9jQib5C7S87F5Dg5aml5NVGHPCAluZBfyq9gunbKC-7cN4vZ9Xoz28y-Bh32t2PbsfhbkFJYr2PKjzerZRKYuT5YZsEEhy3G_M12DCWwOEr58M52I9vhTO6m9nL6kTeW3MlhdRWUDChG94CaxBj9UYMFrPzqfmmySAO0iacSZ6SGmflYJq5kVkxzUfDSKRT3NcNRxa6ZkUdD_02MBV2uqwsRBhJqT1Aw1gOz0wXGiL67EcAVuEZTacVlbSoZFPX51WITTd9KMmJ70IEBFjs76xVMAr3wv3xvf6mtNea5yKWRgihyidijOrJMbtuOSY_P4ZN7jMY0Eiki4pD1JOE6dSk0fE6jWItNASSXubVgflg0NnjLhFqfiYMYpRi6ErofCPvRwahcR3ZxSENlMz9UUXPCvLIMvHQ9pJthLsX24FSOOQj-k_50d2YJ4f_Fz0JlS6fHYbwEcIE9OQgJAE8Uc37nBmTmw-GdH2ObZG1uw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSXmh6EFTY9LNEMPtgQfzloqACMme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItODMwNzU5ODIwODAxNjYxOcgBCakC39KZasmEsD7gAgCoAwGqBNIBT9BDBo9YYerU_xVn-w3J8VmFK7rNALkZRP4ALvTWU7ZvYjtHuFPQlaFXL85lpw1s3zxtj3zdIgQINHNERM6olXsWhQSdBRL_KVJ2UviUl9X7ImrFGh4BqayJNjycSYlskaXP_fZGtimUcTCPWbYlJ79AxyQIVbpqlDtY8bbauGq8oTviAW2YmD8YIESS594IJzj-tRPDeiPaMeKe1uXoH0aNcABdA6X-XiDDFSq_gwsiD6LCjMaIxYwzOCMDrDruT7TvVOeeoZApetUVCCqEtDpb4AQBgAb5rrfX0K_i4JQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_30f7xbbEfZagbnotBXWcH5iJvr4w%26client%3Dca-pub-8307598208016619%26adurl%3D

Requested by

Host: 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

287b6f06439e45d18c49c89c821c656e74d20bc42d4ebf2f3cffd4078c3446dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 01:05:44 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=KHGCKPrqgbIfYWiv0ygZhRfA7OnQ4qPf1NV8DEWhGVJXbgsv1sHmph2kbp4GcftTqOaoacGL1WAzS3HenmP0iwbusbBl4PMaK8GNLhoDYXrrzen6OfxwAj47r4wHb8seoY40EJabE9P-7kjyNJIHBlCGjWMY3zAkEOJ6VZ4G20Ku7WbdtbMLFo_AkaQkHuH3YmKiHmFbyIVgAyjqZx6GDpfvbMYhr3N69J8ktYXVu9XzXBsk78TZmPx0IZgkeoJojYH6kw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 74457006
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 6FEE 3 KB
1 KB 152ms
75ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Nov 2022 12:32:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 6FEE 17 KB
7 KB 114ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 11:14:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Nov 2022 11:14:50 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6FEE 22 KB
7 KB 136ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 03:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 21 Oct 2023 03:07:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6FEE 152 KB
46 KB 119ms
57ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47476
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666179788250400"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Oct 2022 01:05:44 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 98A3 0
0 100ms
99ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C914t6EFTY9TNEMPtgQfzloqACMme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItODMwNzU5ODIwODAxNjYxOcgBCakC39KZasmEsD7gAgCoAwGqBNIBT9CwXWUu6KkpjBcBoP1S1vjiT_herJmsN5v-8x7gJeWN9gTAl7ZzZ0WQrbkDHLvCpVRbnJYG8xNcVplGht2cZVGmGtnT9JKY-vx-LCo5K_xC0ueyXSeSYLSwwtdnEbfRjQO_Izdy350u0qQL5gTtemGPTUm0rBIKwI777b31STfyB6XCadxQHHSr9roKXPbGq_XweS10C_aS17JVuCv96vJjB1ZhjMh-fQLjFi5g_OuWj3sheezP9PWYS2IZVxaCufse5lTl493eK6wPJEe7QmOs4AQBgAa1xMLl_LuA27QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODMwNzU5ODIwODAxNjYxORi9nBQ&sigh=MW193TLaghw&uach_m=[UACH]&cid=CAQSPwDq26N9s_3Sud4hTaDhhb7vF0xg3YkqQVzB3FdsP6Pyzn7Rj9g2JzjDTgKY8l7pfoOGrwXXzr0jrWZjtQOcPRgBIBM
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 98A3 0
0 212ms
25ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=koLRC_rMCcoHWp2DYgICAAAArGhSEVknHWOG71MNEOhBU2N5VynjCDbblCj-BwASAAA&wp=Y1NB6AAEJtQK4HbDAAKLc_IguVjkcmGXykcLeA

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 319608
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D773 140 KB
46 KB 175ms
124ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1NB6AAEJtQK4HbDAAKLc_IguVjkcmGXykcLeA&u=%7CMlr4B4FuYy4uSWFA74OOUL2LA7Pd8t%2F2jHN3PChFHCA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N4nNlBVGgvJ_VoK3WgXPD8uK4p8u7_zm06fpz5T5hbmiHBNBT664Yh4yklKi4Udp8gdnPJKpXICeXBR4Nzw40-7tTGUiiRwVCHpbQVGexvvZENPwd3mXihGlw7X8arpMjzxcUPrFETexl7tebN_NsWL-NzE54TbHVH5cymsEXyG263oEufNQLEKUOaCH2Rfl9oyN3nJ01QvmJAt_gnJUsrK3zc1o2voJM4TMLbPFT5EDlq_aKstv8O03Q0fLzZHxL39RfxuXsGiJTagA8yVj8OQoyR3F6DxFrFpZVPS_lCxmIB5v6TIWuRtpQKTV-e6bjRgxTZ5_EHpAm1jT4tRTqVd9s8FEd7Cx-hanMAg6ms_hueJF_kopUtlHINa6sLPAvELLOsjTmrSVjeuxfWk_LGVRWniKMUfexb2m2x6_W8wZqzS08kxebEdzkK7_gAsne-H1EGGifS1I8ubBx5zxvGTSVvPC7l0wxZs7APhvQdi1kumPtHFmBvbBp2ll6bHoJk_K5zGG9TV6WeWVt1fr_jSVnRpwXUCBRjHRFSS__0RPSTEqjWxynDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFc406EFTY9TNEMPtgQfzloqACMme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItODMwNzU5ODIwODAxNjYxOcgBCakC39KZasmEsD7gAgCoAwGqBNUBT9CwXWUu6KkpjBcBoP1S1vjiT_herJmsN5v-8x7gJeWN9gTAl7ZzZ0WQrbkDHLvCpVRbnJYG8xNcVplGht2cZVGmGtnT9JKY-vx-LCo5K_xC0ueyXSeSYLSwwtdnEbfRjQO_Izdy350u0qQL5gTtemGPTUm0rBIKwI777b31STfyB6XCadxQHHSr9roKXPbGq_XweS10C_aS17JVuCv96vJjB1ZhjMh-fQLjFmxi3XkRAOcyxnDbVyWl7ZoQQxw0s9UGZOAt3nsslLIjPMIRxnATPJx04AQBgAa1xMLl_LuA27QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1k-D1hn5VWDKhOmJHdNvJfIhNDgw%26client%3Dca-pub-8307598208016619%26adurl%3D

Requested by

Host: 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

81a2193f4efc051682bf3138fb4a3dde46aeb1cf5a0e2c87f287bf9e357260f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 01:05:43 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=I0ZhKfrqgbIfYWivh-gn1mrVoufZqA7arcb_Ox6xzVUS_rdRe1RL972Gy63h9ijmZev_hQZd1n96rcJzBzcK3AdbeLRGzNgSUI_mGiU_QX2YMmZRtrvRJzpyNM0L4WAXgMy2Tn-AxbWD6ww97khejgTc1EmMCb2oa-1Ln3AMNxS4mM5DHy-ek94HT8ULfKca5dZx8NLa5FVZrFloOzgz_lWv_NXUyk-GT0kTdCd3MiXhgTAXFXfQVawODjlrtu_K2NkIYg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 91122480
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 98A3 3 KB
1 KB 147ms
76ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Nov 2022 12:32:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 98A3 17 KB
7 KB 140ms
69ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 11:14:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Nov 2022 11:14:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 98A3 0
0 99ms
38ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQasZpfsLjGVJDY1R6BE4hKO6sk_odD6l5xwVoQ9b0LfLSEuh2SslLaJfPVZwDxbH1v_uhEjBaVxHy5i5Z26hi8tb-tew
Requested by: Host: 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 98A3 22 KB
7 KB 135ms
65ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 03:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 21 Oct 2023 03:07:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98A3 152 KB
46 KB 148ms
92ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47476
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666179788250400"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Oct 2022 01:05:44 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 73ms
42ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-109056487-1&cid=1709644260.1666400744&jid=64655651&_u=aChACEAARAAAACAEK~&z=228109138

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 192ms
69ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-109056487-1&cid=1709644260.1666400744&jid=64655651&_u=aChACEAARAAAACAEK~&z=228109138

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
324 B 72ms
42ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-109056487-4&cid=1709644260.1666400744&jid=1536536034&_u=aCjACEABRAAAACAEK~&z=1253670261

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
501 B 190ms
67ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-109056487-4&cid=1709644260.1666400744&jid=1536536034&_u=aCjACEABRAAAACAEK~&z=1253670261

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 91ms
24ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 22 Oct 2022 01:05:44 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 214714
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 67D9 2 KB
1 KB 395ms
64ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1NB6AAEJtEK4HbDAAKLc2uONnC9f56St1aqtw&u=%7CMlr4B4FuYy7Bu%2FxBL9B%2FtY8Csz35J9vKFbsqtfu3FF0%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7JvP7Dm--2WQz0kNoXpvmfQhgfJXasdzCK-Q77BHxp9q9pJjDQa7PaEpYWmtP7eXz_BMX8tOIxPfeMnlhRePrlItZ3hQpaDDgdj3CmW1hohawgN8cfwx_4qMDyZTOoD0rhfRW_UnxtAmbyIn4H0XOGfv8AbXSlm0i7mIll6Oz4mypo0Xo-BfKrxvHN-IE3hmbAhI1BGXPBIcYJ-aEsm0NqIZPvo4TW5tArV8SfRtj7AXI6GmswPIZOqVEkD9oqLExFMCNZOQI3RUJYaaj5H9YtstDBSMzewj6Ml0btsIlR2eFquNhLze9hdKuvhMzVyJwKtFTTP61gWv-AFqlACM5xPpd9rH0PJBLirLATs1i7qu-CmT6jpPbj9Gkt-xYbxDhexQbY_ZdpEvT2obJYWnnKfV5xO682aKwTpXjohoXeAz1_AcftEbgnMg0hg3yvSkNY6IpXAd79EOMynAvpHIO-BoTteq4F_mxemDmRIwiRnSQrMPfxzfRoPdsAb9m2vCAX6KTYGZvToQmF0vW509Lh9NcU-DqS7oBpntW9Ys7NOwRqDPzmVh1U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7UNe6EFTY9HNEMPtgQfzloqACMme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItODMwNzU5ODIwODAxNjYxOcgBCakC39KZasmEsD7gAgCoAwGqBM8BT9CM-oQoTFK7zjq4OT6ZXVlhcephTP4RxccLgsa-dKpZeQ0LO3sUbuMUX4lwhU3rlC7DPg97wFBy2cXJ3hbzFqTGVZl20HeGCbndrG9D7qTW3gE2LOrFav9yhqz1JJZa2EINcNSgYW4LzfJ0PYy9xEJKoVYFuf6gJ2wBLMQcrWy2xwHw1gPd01-gVwByKttnuBecHTzgLecNdfLUj_WqmgCMPMQGbSCBEPGR-BEZUrYZ3i7CUPwdVXrsdDLZyiY6wYzrqnVcmXYfOXxmi5_54AQBgAanz52npq_QkkmgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_00Q5ido4-wKtBoeUtFCk13IbaBCA%26client%3Dca-pub-8307598208016619%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 67D9 2 KB
1 KB 394ms
63ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 67D9 308 B
637 B 358ms
28ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 67D9 293 B
621 B 397ms
67ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 67D9 43 B
348 B 132ms
27ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=YySYs2H6WEaEzlApExi3_Ms0q0tn0vjhsvN9sQ7TNjeL35X8xTprHE6pUeGrlGIY6hcJm8h-3a1Zpmj_H0fTYPJke3dgGFYchvj37_HjnFfLTdZjIFKpzRG9tVxSJVttUUtcn9yL1r9SISFW18YEYDaMCwGJzaOZIqq28l9I7m0jC7I6mtu_MtUeo6G6Wil3OV0irkLZPnE879T0Vd0e1IXhcLgyqw7W0EZ_9hVyP7MNuQyeRKp7494BwyvVcuWmFDuSnKyeLnOOBatJFwUNI_XUWfZXHE3VDjmNRbDMMGXqw3J4fZxL7FWmb-wNrgI2ooH2vVY03wTK7LQ_ws-fX7Wixi0RkRtgiHg-t89GkdFoKrFdv-PZGKc3SUN41_PnqyBciWWqax2oS-NO7pPba5nl4IR7T_GrJ-NLVpojVxrQSsiC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3800101
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 b4881a07fa9a4555bf42225e00ef4b64_image_ad_728x90.png
static.criteo.net/design/dt/2413/221014/ Frame 67D9 31 KB
31 KB 383ms
55ms Image
image/png 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/2413/221014/b4881a07fa9a4555bf42225e00ef4b64_image_ad_728x90.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e6d1c29dc9d38f999ae4c2cda3884effa8e17b0bb80054fb30cdc1e50908671f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Oct 2022 12:13:04 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63495250-7a85"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 31365
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 create-geolocation Show response
ntt.inews.id/ 160 B
598 B 812ms
811ms XHR
application/json 2600:9000:218f:7600:1:b1a4:2f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ntt.inews.id/create-geolocation?geolocation=false&latitude=&longitude=&action=created
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218f:7600:1:b1a4:2f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8273e4392917c12d573def2d0b3db4e2d34f5d712e008cfa6fd36430e25978aa

Request headers

Accept: */*
Referer
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: br
via: 1.1 1cfb3433a86e7969c88f0dfbfd15af32.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: CDG52-P2
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Z8S0br1jX3KjtpRfCNgdwEAK_oL7k2_1tipDB9Hmhh7qEH6mlgNDjw==

POST
H2 200 all
csm.eu.criteo.net/ Frame 67D9 0
128 B 159ms
33ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=_eQOQ_rqgbIfYWiv5_MB53pR01f9RH0q-W2UKAeMYW_kAm0ZtCrSnHXtPv1hHeyGl-MF_hoV5MfKqhCkcBO2rlWb7bjlAslI6DIPcKi9Hsd4brz2P5sf3DA0c1j0zKbIYI26t7IMcl3zLPWsTQJeCzcXp1-2jj-FV26JONeKy6lr3ramRGT990qNjGOeOMNwQKJVP4fBuxTq1dXJW8pJqGE8EZOpF7wQSIZ52waxYSKAe9uuqh9HrNhITSCoKm5uLPqplw&sds=2&rev=83303&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 22 Oct 2022 01:05:44 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 67D9 2 KB
1 KB 407ms
87ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
DATA 200
OK truncated
/ Frame BC8C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33488fdc6d4984eb17255d2cfbe8700c4ee626a9bc4e834b52cbddac06fb2528

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6FEE 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c009c5a8e84bb752e33508b3f54ece0fef823555100cbae70210abef24ea1b65

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4DBE 2 KB
1 KB 326ms
65ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1NB6AAEJtIK4HbDAAKLc5tnx9u_f-tKflowNg&u=%7CMlr4B4FuYy5lU4eF57in%2BX5Xz779dueiaGIOkVzKtL4%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N7_Ai_ZCvZZTEBrWaUcMEzDEPcMYO5KXKKokDOS3mrbr6Es9r_IKxreF0UgY4P7dGelGz72T9HjAfMMR9QmcbjsQL9jQib5C7S87F5Dg5aml5NVGHPCAluZBfyq9gunbKC-7cN4vZ9Xoz28y-Bh32t2PbsfhbkFJYr2PKjzerZRKYuT5YZsEEhy3G_M12DCWwOEr58M52I9vhTO6m9nL6kTeW3MlhdRWUDChG94CaxBj9UYMFrPzqfmmySAO0iacSZ6SGmflYJq5kVkxzUfDSKRT3NcNRxa6ZkUdD_02MBV2uqwsRBhJqT1Aw1gOz0wXGiL67EcAVuEZTacVlbSoZFPX51WITTd9KMmJ70IEBFjs76xVMAr3wv3xvf6mtNea5yKWRgihyidijOrJMbtuOSY_P4ZN7jMY0Eiki4pD1JOE6dSk0fE6jWItNASSXubVgflg0NnjLhFqfiYMYpRi6ErofCPvRwahcR3ZxSENlMz9UUXPCvLIMvHQ9pJthLsX24FSOOQj-k_50d2YJ4f_Fz0JlS6fHYbwEcIE9OQgJAE8Uc37nBmTmw-GdH2ObZG1uw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSXmh6EFTY9LNEMPtgQfzloqACMme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItODMwNzU5ODIwODAxNjYxOcgBCakC39KZasmEsD7gAgCoAwGqBNIBT9BDBo9YYerU_xVn-w3J8VmFK7rNALkZRP4ALvTWU7ZvYjtHuFPQlaFXL85lpw1s3zxtj3zdIgQINHNERM6olXsWhQSdBRL_KVJ2UviUl9X7ImrFGh4BqayJNjycSYlskaXP_fZGtimUcTCPWbYlJ79AxyQIVbpqlDtY8bbauGq8oTviAW2YmD8YIESS594IJzj-tRPDeiPaMeKe1uXoH0aNcABdA6X-XiDDFSq_gwsiD6LCjMaIxYwzOCMDrDruT7TvVOeeoZApetUVCCqEtDpb4AQBgAb5rrfX0K_i4JQBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_30f7xbbEfZagbnotBXWcH5iJvr4w%26client%3Dca-pub-8307598208016619%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 4DBE 2 KB
1 KB 345ms
85ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4DBE 308 B
636 B 240ms
54ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4DBE 293 B
621 B 254ms
69ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 4DBE 43 B
347 B 28ms
27ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=IoFw23sx5Nsy6Bsssc6uprpsuzAlHrOUjvvMCV_qIN0JrPppbkChhj2r2_F5l6vBaK41fil8qIb1k0p1TFBZo6MzMszmaDT_iy77Ae7l4k8dBGPbMYHOyXRC9dYXq1FxXHK2JPavvs7QMK1AGQQ-mtHParwcosu1RR59zx9hOfOCIp731yNv_0ke-qmA21j5D7_nB1fr5ajTm48GW2BDATd6icVI_1rUYxeAyrGMryhoOkxQtOkNstOrf5ErB23obsdOKBV8l-yYGMbMtsJWn2eHMHaL0IkCYRkDDWFi8FvLAwmkGPXMlu8Ctw4hWEUYqC2rkX9SmMf3mvhQTRwNWk58AC03DQnKfVAjJ9gQvgoY2_ziFWfa2xR2VsCpmSCYsj4k8npoDrftCxirMYQ6-eVqZEPtiwpV53nfdPfY3ds_62cW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3789640
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 widgetvisionplus Show response
sindikasi.okezone.com/widget/iframe/ 96 B
366 B 628ms
517ms XHR
application/json 2600:9000:2394:4a00:9:965a:8240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sindikasi.okezone.com/widget/iframe/widgetvisionplus
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:4a00:9:965a:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.9 (Unix) /
Resource Hash: 10980d61a054f279e0d593a30d004e37a24bfa1ae1130b766fc7138e84c5905d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
server: Apache/2.4.9 (Unix)
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
content-length: 96
x-amz-cf-id: wgFidLD9M-cu8pN9xRF7LRuOFtkrFQBRnPI2lKlMn3EednGKjh2twg==

GET
DATA 200
OK truncated
/ Frame 98A3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9d3f9a535c897d07a1daab90df4be8438fbae05a972650723e8c0b2d1c030f6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D773 2 KB
1 KB 228ms
53ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y1NB6AAEJtQK4HbDAAKLc_IguVjkcmGXykcLeA&u=%7CMlr4B4FuYy4uSWFA74OOUL2LA7Pd8t%2F2jHN3PChFHCA%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr-zNgOWxNGK8hcdazcCQ4TV7lxzc5U56N4nNlBVGgvJ_VoK3WgXPD8uK4p8u7_zm06fpz5T5hbmiHBNBT664Yh4yklKi4Udp8gdnPJKpXICeXBR4Nzw40-7tTGUiiRwVCHpbQVGexvvZENPwd3mXihGlw7X8arpMjzxcUPrFETexl7tebN_NsWL-NzE54TbHVH5cymsEXyG263oEufNQLEKUOaCH2Rfl9oyN3nJ01QvmJAt_gnJUsrK3zc1o2voJM4TMLbPFT5EDlq_aKstv8O03Q0fLzZHxL39RfxuXsGiJTagA8yVj8OQoyR3F6DxFrFpZVPS_lCxmIB5v6TIWuRtpQKTV-e6bjRgxTZ5_EHpAm1jT4tRTqVd9s8FEd7Cx-hanMAg6ms_hueJF_kopUtlHINa6sLPAvELLOsjTmrSVjeuxfWk_LGVRWniKMUfexb2m2x6_W8wZqzS08kxebEdzkK7_gAsne-H1EGGifS1I8ubBx5zxvGTSVvPC7l0wxZs7APhvQdi1kumPtHFmBvbBp2ll6bHoJk_K5zGG9TV6WeWVt1fr_jSVnRpwXUCBRjHRFSS__0RPSTEqjWxynDw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFc406EFTY9TNEMPtgQfzloqACMme0rFc1Z2R93DAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItODMwNzU5ODIwODAxNjYxOcgBCakC39KZasmEsD7gAgCoAwGqBNUBT9CwXWUu6KkpjBcBoP1S1vjiT_herJmsN5v-8x7gJeWN9gTAl7ZzZ0WQrbkDHLvCpVRbnJYG8xNcVplGht2cZVGmGtnT9JKY-vx-LCo5K_xC0ueyXSeSYLSwwtdnEbfRjQO_Izdy350u0qQL5gTtemGPTUm0rBIKwI777b31STfyB6XCadxQHHSr9roKXPbGq_XweS10C_aS17JVuCv96vJjB1ZhjMh-fQLjFmxi3XkRAOcyxnDbVyWl7ZoQQxw0s9UGZOAt3nsslLIjPMIRxnATPJx04AQBgAa1xMLl_LuA27QBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1k-D1hn5VWDKhOmJHdNvJfIhNDgw%26client%3Dca-pub-8307598208016619%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 adchoices_nl.svg
static.criteo.net/flash/icon/ Frame D773 2 KB
1 KB 243ms
68ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_nl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-754"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D773 308 B
636 B 153ms
66ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D773 293 B
621 B 155ms
68ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame D773 43 B
347 B 27ms
26ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=qyS3ob9GDvMX__YxlUxlZSZ2dOiPW29N-N0QaBynDauN6uns3ygmNuetq08EbCRZ-tMIeNUsbblImiL3SHty0RJ-eqmXxccW-Pej50rz11HK392Z7op4Sgun8A-zHPbdA8_GJnaVPBNbRKcO5usclaQbRje_aXfezNc1y77MxhlpmdQGhNLeHpJEZhOFR2vXK_zxGOaaWYNAdQtWnhOSp-xgoDrCI2rQgo5Zl6b4fpZMJ2GcIrbaevnftQtVGVmlw-k9_a49gy9qzg73lzfJBlmL0P2l_b3Y9wLKse5g5IQT1rf7up-qDVwGswgO7aF35JB2g3jDZSPMmeMCdkeX7bmBXlW4Ovjazsf6zB7BT4PdH65z-g9wLy1XZGJouURa9iKg3xiqW1l-YckOt6Typ0wr8Y4NU1xqkufTAZf9Qpn9NlvT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3122866
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 live.jpg
img.inews.co.id/files/img/ 41 KB
41 KB 48ms
48ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/files/img/live.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 24758169dd6ea3dca49bbacb4076ffc3b2448b50ed0c98cc7a10a167be0431be

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 02:22:05 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-original-content-length: 173991
x-amz-cf-pop: FRA60-P4
age: 168220
x-cache: Hit from cloudfront
content-length: 41749
server: nginx
etag: W/"PSA-aj-fewYzPc9mg"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315358520
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rQlp7KABCUOXyjRt9b2WyH8MS7G4_HW5VgiAMbLiS2wFjqiS-gVmww==
expires: Sun, 17 Oct 2032 01:57:26 GMT

GET
H2 200 widgetrctiplus Show response
sindikasi.okezone.com/widget/iframe/ 180 B
452 B 254ms
202ms XHR
application/json 2600:9000:2394:4a00:9:965a:8240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sindikasi.okezone.com/widget/iframe/widgetrctiplus
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:4a00:9:965a:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.9 (Unix) /
Resource Hash: c29349db5a9fd48170b7bbc29a98b63d609e5a81ad5d9219061c4d8f826a374c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
server: Apache/2.4.9 (Unix)
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
content-length: 180
x-amz-cf-id: viikC1FcbkYy7HRpPdSWPeKaam4OmKw9onPDqcQjnV7lOQzBXsdXPQ==

GET
H2 200 harryanto_aryodiguno_perindo_ist.jpg
img.inews.co.id/media/200/files/inews_new/2022/09/19/ 3 KB
4 KB 46ms
45ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/200/files/inews_new/2022/09/19/harryanto_aryodiguno_perindo_ist.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 88968ee29b6ae40aa82d4a5fc20e3a7b3ac853c51044ac3d5ef1cfc90af7761a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 02:22:08 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-original-content-length: 3914
server: nginx
x-amz-cf-pop: FRA60-P4
age: 168216
etag: W/"PSA-aj-2s3pZjIaxZ"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315358570
content-length: 3516
x-amz-cf-id: 3PfeC47FnObzFMZkE816u1gxk9v_nepxEB9CIVqCqXmOyWSuKEQoJg==
expires: Sun, 17 Oct 2032 01:58:19 GMT

GET
H2 200 yadi_hendriana_mpi.jpg
img.inews.co.id/media/200/files/inews_new/2022/09/18/ 3 KB
3 KB 47ms
46ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/200/files/inews_new/2022/09/18/yadi_hendriana_mpi.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 26f08a503e5ae3e0b71454740be5a1646b971c387d35660f6f0914159cd17724

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 02:22:09 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-original-content-length: 3471
server: nginx
x-amz-cf-pop: FRA60-P4
age: 168216
etag: W/"PSA-aj-nZVaeBqKeq"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315358558
content-length: 3060
x-amz-cf-id: romMpeILrF56ulyaNMl1rSnNMp-i-OeXYJMxORbRuKJkeTSQQbhaBQ==
expires: Sun, 17 Oct 2032 01:58:08 GMT

GET
H2 200 agus_kristiyanto_dokpri.jpg
img.inews.co.id/media/200/files/inews_new/2022/09/10/ 8 KB
8 KB 47ms
46ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/200/files/inews_new/2022/09/10/agus_kristiyanto_dokpri.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b105220d8c044084da36f099681f5558fde5163076a4e994e05fda234187839d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 02:22:09 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-original-content-length: 8661
server: nginx
x-amz-cf-pop: FRA60-P4
age: 168216
etag: W/"PSA-aj-PDqmdSBvED"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315358557
content-length: 8228
x-amz-cf-id: r99FmHH7umwLDckhdRjgUUNrdQToInlRMjYY5PUESzhyEyI18yWvbA==
expires: Sun, 17 Oct 2032 01:58:07 GMT

GET
H2 200 fontawesome-webfont.woff2
static.inews.co.id/fonts/ 75 KB
76 KB 364ms
363ms Font
font/woff2 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Origin: https://ntt.inews.id
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:43 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "61778473-12d68"
x-cache: Miss from cloudfront
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
content-length: 77160
x-amz-cf-id: SnRuSktsGxpI5OTJa1ec_CeSxqWxH0p368WaBJsFq9ReGtSdarNEAQ==

GET
H2 200 open-sans.bold.ttf
static.inews.co.id/fonts/ 219 KB
220 KB 669ms
669ms Font
application/octet-stream 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.inews.co.id/fonts/open-sans.bold.ttf
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5894a3649b213cf5b2d673b6e7a871815fd1d120fa68a463592f27db14eae323

Request headers

Referer: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Origin: https://ntt.inews.id
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
last-modified: Tue, 26 Oct 2021 04:30:48 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "61778478-36d50"
x-cache: Miss from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 224592
x-amz-cf-id: bAjmkGWAxY4H2xRdO_aQ2dzlbsq-JPx_F0g3aM8m_knVK5TOjw359A==

GET
H2 200 korban_tersambar_petir.jpg
img.inews.co.id/media/250/files/inews_new/2020/12/03/ 6 KB
6 KB 546ms
543ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/12/03/korban_tersambar_petir.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a48720f34b8333900287903d50275de90ae3d9929e6d35ec3948089badb7258d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Thu, 03 Dec 2020 04:50:24 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc86e90-1210a"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 5991
x-amz-cf-id: V6gF38WxJUrt7JDLx-A36DzfayFVgCBKA4bGhWWDD9xpyXiC39JUNg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tes_swab.jpg
img.inews.co.id/media/250/files/inews_new/2020/12/03/ 8 KB
9 KB 241ms
239ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/12/03/tes_swab.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b82cbdaa2cc09331a02e98cc02272b4c6e338ca4098abeed6cbc65e655d69618

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Thu, 03 Dec 2020 03:06:56 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc85650-1a958"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 8566
x-amz-cf-id: dabq5naBCnmRPSvTblWG2e4xPFR8Riq-8RXoFVc1vUiexAoQknu-aQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20.JPG
img.inews.co.id/media/250/files/inews_new/2020/12/02/ 6 KB
6 KB 571ms
569ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/12/02/20.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5bbffa7322a01459d23bac2cfca73edab07ccf4071858026533384ff4415797d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Wed, 02 Dec 2020 09:10:44 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc75a14-5afd"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 5996
x-amz-cf-id: XaAY-jOBAQWKQF7ZzeGZP3kbesacFqtYWee6PALCmVHvEkxFFYPpCQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lokasi_dapur_umum_pengungsian.jpg
img.inews.co.id/media/250/files/inews_new/2020/12/02/ 7 KB
7 KB 257ms
254ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/12/02/lokasi_dapur_umum_pengungsian.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 482f89ec31e57302372b11a3d7392ce139d9fa7e9b1148a0cadc0096d0547a2a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Wed, 02 Dec 2020 06:33:38 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc73542-13841"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 6681
x-amz-cf-id: QBkdafRDfGVd10CwZgNr8T7_7dzKkzd6K3MxCvh985Vt7zL84KZNaw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ili_lewotolok.jpg
img.inews.co.id/media/250/files/inews_new/2020/12/01/ 4 KB
4 KB 540ms
538ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/12/01/ili_lewotolok.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9474333d7aa7245993d7b1e587cbaa03f01caf631c11e356cd18694e93ee1242

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Mon, 30 Nov 2020 17:20:33 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc529e1-b572"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 3839
x-amz-cf-id: UeeWBqARbCj6bFPIvbLKGzwI9eukMMWmrx-8BZtWXGJopcTLfnYSmw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gunung_ili_lewotolok.jpg
img.inews.co.id/media/250/files/inews_new/2020/11/29/ 8 KB
9 KB 242ms
240ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/11/29/gunung_ili_lewotolok.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 95f36d2c3212d5e41caa894cddd8aa4d4904f70b27fde249382cd641b2e483cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Sun, 29 Nov 2020 09:44:52 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc36d94-2f50f"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 8527
x-amz-cf-id: Qi9hJmTWeizrv-roOGPtumxNALQrUThNETf9GWiSsb4cg6t6WbOXMQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20.JPG
img.inews.co.id/media/250/files/inews_new/2020/11/29/ 7 KB
8 KB 228ms
226ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/11/29/20.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d47b4c2593df99176a3f38c179227f8d717f8809b6fa72af241871aee2cf88a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Sun, 29 Nov 2020 08:22:03 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc35a2b-5c56"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 7615
x-amz-cf-id: NyCd7Jx0MCnrg8Mmvvh9C2YeSrdlsbiP8Wsb46UxcBQ4eFdXvCFzQA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 19.JPG
img.inews.co.id/media/250/files/inews_new/2020/11/29/ 6 KB
6 KB 556ms
555ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/11/29/19.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c1ea18d11886b00baca4d0974e5d4b057eb7a068f6c04c81aa6a0205894c5215

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Sun, 29 Nov 2020 08:00:35 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc35523-7d43"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 5700
x-amz-cf-id: YefmaSZPxfes0igbv9DQUHuIPv4YH-8B1Bs8yzH_b35-T20MsL-NjQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 17.JPG
img.inews.co.id/media/250/files/inews_new/2020/11/29/ 4 KB
4 KB 243ms
242ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/11/29/17.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c289874df4757fcc9027ccbd38b7d7f7805ce67a37a048b86069089b02942f4f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Sun, 29 Nov 2020 07:41:39 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc350b3-3540"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 4004
x-amz-cf-id: vxaUDZ7_vaLRru0QMyoBcX0McTyzF04O4Qq2uM1G0KyxM9YbrDTNng==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gunung_ili_lewotolok_erupsi.jpg
img.inews.co.id/media/250/files/inews_new/2020/11/29/ 8 KB
8 KB 274ms
273ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/11/29/gunung_ili_lewotolok_erupsi.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: feb1cf7d72afdeb62e3a3973f203c731647a570163df294ce1be39443e8ccb7a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Sun, 29 Nov 2020 04:28:47 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc3237f-13199"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 7736
x-amz-cf-id: A4U-1b6GGBaIxJLbbkqJ_Hxvcn2cvY-TtHFgJ3gLB3aB1D0ZQw7iSw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gunung_ili_lewotolok.jpg
img.inews.co.id/media/250/files/inews_new/2020/11/27/ 4 KB
4 KB 234ms
233ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/11/27/gunung_ili_lewotolok.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b573aeae6c5504229688d1ff3d72b734f1f5e146ec18414d055efe267f99c0bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Fri, 27 Nov 2020 00:55:01 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc04e65-f536"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 4199
x-amz-cf-id: 2LOcsemJHRO4kUbZPxwOkVyRvPzaKVWPvuNHz_SXyGaEzSspIQfdBA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aktivis_mahasiswa_di_kabupaten_sikka.jpg
img.inews.co.id/media/250/files/inews_new/2020/11/26/ 12 KB
12 KB 551ms
550ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/250/files/inews_new/2020/11/26/aktivis_mahasiswa_di_kabupaten_sikka.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f69b89737fd40509b450eb354bf0e4778f281372d6504d30465a97cb338df8d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Thu, 26 Nov 2020 05:31:05 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fbf3d99-3220b"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 11814
x-amz-cf-id: 8s8gqpFnAKVmmptGbyLohHun3hrLiZDssZKvPAsxRMz8PUPXr3VRMA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IG.svg
static.inews.co.id/img/ 3 KB
2 KB 51ms
49ms Image
image/svg+xml 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/IG.svg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 79e4cb833a7960f3d8c453e4f675bb2ca02c12c1bfadf0bb1c4b7f58aaf11427

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:45:21 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 3255623
x-cache: Hit from cloudfront
last-modified: Wed, 14 Sep 2022 08:42:21 GMT
server: nginx
etag: W/"632193ed-d09"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CD0RJ7KDkK4q6qeUw1FPPwEtUebawDSfd5XwD_qtmjrBn-sw_zvwtA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 FB.svg
static.inews.co.id/img/ 795 B
973 B 51ms
50ms Image
image/svg+xml 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/FB.svg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 55a0bf1642d1bd7a234f600647e44646e616fee58bb74db6a7796555e36124bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:45:21 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 3255624
x-cache: Hit from cloudfront
last-modified: Wed, 14 Sep 2022 08:42:18 GMT
server: nginx
etag: W/"632193ea-31b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TgwEe1Ziza2bh9G_lxthDlP7pMu7v6laSD-fra5dD1pmCndueX6HEA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 TWITTER.svg
static.inews.co.id/img/ 1 KB
1 KB 59ms
58ms Image
image/svg+xml 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/TWITTER.svg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d0fea9c53e716be3a1533132706858c49afa9386dce14c34e602634de7e5fb13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:45:22 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 3255623
x-cache: Hit from cloudfront
last-modified: Wed, 14 Sep 2022 08:42:18 GMT
server: nginx
etag: W/"632193ea-5ad"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: M-texw2-gnlPW9QBNPgxYuqt2nKuHDwnrWlkPc8w2KhB4O4Nx6EbxQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 YT.svg
static.inews.co.id/img/ 1 KB
1 KB 52ms
50ms Image
image/svg+xml 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/YT.svg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 662ac00075123b7f5d3762d2b99737218a4699a7e930071535649b0c03d992b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:45:22 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 3255623
x-cache: Hit from cloudfront
last-modified: Wed, 14 Sep 2022 08:42:21 GMT
server: nginx
etag: W/"632193ed-4be"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XG3YSYOzvcOFjah-K-sHVvc4hANHf8i582Pmiebjz3yyNlrXzGuIEA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 TIKTOK.svg
static.inews.co.id/img/ 2 KB
1 KB 58ms
57ms Image
image/svg+xml 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/TIKTOK.svg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 58406bdb89d442965b8ee73be2adfe68135734ce95ff80839130c0db7e93d186

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:45:22 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 3255623
x-cache: Hit from cloudfront
last-modified: Wed, 14 Sep 2022 08:42:18 GMT
server: nginx
etag: W/"632193ea-787"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wHTnSFu9JwfVWvBttfBjX3oBh2Hy2nQwECq5y6cXAi8ZihzkMw1hEA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mnc-portal-2.svg
static.inews.co.id/img/ 11 KB
5 KB 56ms
55ms Image
image/svg+xml 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/mnc-portal-2.svg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f089ee5ec465c07bbae50fd32ad44489d511bb66f27d1c166bca2a091ea4f740

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:45:22 GMT
content-encoding: gzip
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 3255623
x-cache: Hit from cloudfront
last-modified: Wed, 14 Sep 2022 08:42:21 GMT
server: nginx
etag: W/"632193ed-2ddb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TycGi5QQkIDAvrlt94pPwToPTjk_AWhbJODE9-DZAl5ZgHybKsJMHQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 footer-sq-top.png
static.inews.co.id/img/ 1 KB
2 KB 57ms
56ms Image
image/png 2600:9000:2250:4200:c:4bf0:5680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.inews.co.id/img/footer-sq-top.png
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:c:4bf0:5680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 967b13c657d05d28926c464daa81fea65e885b115c26b68e144034398e41f5ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 15:12:19 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Thu, 01 Sep 2022 15:07:42 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 4355606
etag: "6310cabe-54f"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1359
x-amz-cf-id: n_Ejrhp9u1hd3Up18v_PbSQfi5eGMyFr5D0tUnN7-F08LELKk28YMA==
expires: Thu, 08 Sep 2022 15:12:19 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4DBE 12 KB
5 KB 92ms
29ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 206245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75de53913f9eb7c1-AMS
expires: Thu, 12 Oct 2023 01:05:45 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4DBE 12 KB
6 KB 191ms
85ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff
static.criteo.net/design/dt/ Frame 4DBE 31 KB
31 KB 139ms
34ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/b4338c429b884dd1a41cf5d47720754c_gotham-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 30 Oct 2017 21:00:07 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"59f792d7-7a00"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4DBE 47 KB
48 KB 272ms
64ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=15718&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F15718%2F221004%2Fd7ee4aec45f84731966e6d23332e0df0_img_horizontal_1.jpg&v=3&w=1200&s=_JxDPZkTiVcc4fzvdxjTCtxh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5e5558cb88e11a5f18ea8eb9bcee840434eb4c20a5a0d2d3b6937b33ed900df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29586213
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48490
expires: Fri, 29 Sep 2023 11:29:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4DBE 11 KB
11 KB 240ms
32ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=15718&q=80&r=0&u=https%3A%2F%2Fi1.adis.ws%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_561783_a%26resmode%3Dsharp%26qlt%3D80%26w%3D600%26h%3D425%26v%3D1&v=3&w=400&s=5lq0OeUJkeQjhU8FfCsZxz96&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7a70b3626d95924416fae501e1977ebd0029fdd4d74ae0fafb9bc84e02391014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1448
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11468
expires: Sat, 22 Oct 2022 01:29:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4DBE 10 KB
11 KB 284ms
77ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=15718&q=80&r=0&u=https%3A%2F%2Fi1.adis.ws%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_549610_a%26resmode%3Dsharp%26qlt%3D80%26w%3D600%26h%3D425%26v%3D1&v=3&w=400&s=JYmw8J0796cogQItv7qhgd4v&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f12c075e062e645162c407ef8e9288be9b757bfc466eaaf83d67520d6646a64f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1742
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10494
expires: Sat, 22 Oct 2022 01:34:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4DBE 11 KB
11 KB 264ms
57ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=15718&q=80&r=0&u=https%3A%2F%2Fi1.adis.ws%2Ft%2Fjpl%2Fjd_product_list%3Fplu%3Djd_409036_a%26resmode%3Dsharp%26qlt%3D80%26w%3D600%26h%3D425%26v%3D1&v=3&w=400&s=B7UQQeylk4ZB9preep5m_8dL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9be05e75a8010e27cff48cd1d42f39661764c4ec06a46c21fe0dff5df09e2155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=842
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11164
expires: Sat, 22 Oct 2022 01:19:48 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4DBE 0
127 B 34ms
33ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=KHGCKPrqgbIfYWiv0ygZhRfA7OnQ4qPf1NV8DEWhGVJXbgsv1sHmph2kbp4GcftTqOaoacGL1WAzS3HenmP0iwbusbBl4PMaK8GNLhoDYXrrzen6OfxwAj47r4wHb8seoY40EJabE9P-7kjyNJIHBlCGjWMY3zAkEOJ6VZ4G20Ku7WbdtbMLFo_AkaQkHuH3YmKiHmFbyIVgAyjqZx6GDpfvbMYhr3N69J8ktYXVu9XzXBsk78TZmPx0IZgkeoJojYH6kw&sds=2&rev=83303&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 22 Oct 2022 01:05:44 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4DBE 2 KB
1 KB 34ms
34ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 covid_19.jpg
img.inews.co.id/media/200/files/inews_new/2022/10/07/ 5 KB
5 KB 523ms
507ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/200/files/inews_new/2022/10/07/covid_19.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 625ffa977b5dd03b4d406e0a633325a3a9265042bc16c9238f046d6669a3623e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-original-content-length: 5623
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"PSA-aj-O8_VIyyI7o"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315359537
content-length: 5250
x-amz-cf-id: F8eGogC2L8FFnxAaAtM-hJKPO93Bfp1qP5jAdmfHs9fM5x3YZBgJsw==
expires: Tue, 19 Oct 2032 00:58:03 GMT

GET
H2 200 covid_19.jpg
img.inews.co.id/media/200/files/inews_new/2022/10/09/ 5 KB
6 KB 52ms
37ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/200/files/inews_new/2022/10/09/covid_19.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 73539907a0136f79953669a4cf5e69b93c67d3bf4c8ee059d16773743b6b4e93

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 07:34:56 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-original-content-length: 5905
server: nginx
x-amz-cf-pop: FRA60-P4
age: 63048
etag: W/"PSA-aj-X4MPg96esP"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315357815
content-length: 5498
x-amz-cf-id: OmBCJxeHJiuhJnXJoGnXiCT8ffclWsxczSc4tUwIUhogMAnXEUqoRA==
expires: Mon, 18 Oct 2032 06:58:32 GMT

GET
H2 200 covid_194.jpg
img.inews.co.id/media/200/files/inews_new/2022/08/23/ 5 KB
6 KB 47ms
32ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/200/files/inews_new/2022/08/23/covid_194.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 104bb3f6901464dd1baffcb3b07eb508224ca309fd94569e68895e9e17362c3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 02:22:04 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-original-content-length: 5868
server: nginx
x-amz-cf-pop: FRA60-P4
age: 168221
etag: W/"PSA-aj-_15_Li8z9b"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315358575
content-length: 5271
x-amz-cf-id: b604H-eX9wQ4pxPR5cBFwu8jQ5ZAAt3b6DnmUz7PtZsvv0-OFL39CA==
expires: Sun, 17 Oct 2032 01:58:20 GMT

GET
H2 200 Perkantoran__ant_.jpg
img.inews.co.id/media/200/files/inews_new/2020/Ilustrasi/ 5 KB
5 KB 47ms
33ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/200/files/inews_new/2020/Ilustrasi/Perkantoran__ant_.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d7c0ce8ff67ff51c00843aaede30ab687a7f8aa58efb12f6b711fa56287ebc16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 02:22:04 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-original-content-length: 5607
server: nginx
x-amz-cf-pop: FRA60-P4
age: 168220
etag: W/"PSA-aj-7dZe8IBbLz"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315358695
content-length: 5209
x-amz-cf-id: 2KYUdRQyD8IAFqOzCBOaJIzTGgEBtFU5f1E5Xwh8fK5RLgZh4poemw==
expires: Sun, 17 Oct 2032 02:00:20 GMT

GET
H2 200 covid_19.jpg
img.inews.co.id/media/200/files/inews_new/2022/10/06/ 6 KB
6 KB 47ms
35ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/200/files/inews_new/2022/10/06/covid_19.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b05e1785e2dc74687cf2aa6351d949daa10e4c1e67385fc33dd450ade3f279ad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 02:22:05 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-original-content-length: 6373
server: nginx
x-amz-cf-pop: FRA60-P4
age: 168220
etag: W/"PSA-aj-ysvO60sV9e"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315358607
content-length: 5970
x-amz-cf-id: 64zSJCLwrRMDdGJ2RMQMPd6vjpP9xlGJb0N4R3dUsxPwdIVjMKOPOQ==
expires: Sun, 17 Oct 2032 01:58:53 GMT

GET
H2 200 vidicon_play_image.png
img.inews.co.id/files/inews_new/2019/01/09/ 3 KB
4 KB 32ms
31ms Image
image/png 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/files/inews_new/2019/01/09/vidicon_play_image.png
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/css/mix-desk-v2.min.css?v=72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8374e43ee6f7512f5d01e7fdf1b0110d754afffdcce407c5f6f78c287b88afef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://static.inews.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 02:22:05 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-original-content-length: 5410
x-amz-cf-pop: FRA60-P4
age: 168220
x-cache: Hit from cloudfront
content-length: 3253
server: nginx
etag: W/"PSA-aj-SlCzXrTPH6"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315358561
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PyjPFK2wn0lq4_Ghhv0aQ-Mt3MW3L1rhWWf-ysin64p6ARbI03cLqQ==
expires: Sun, 17 Oct 2032 01:58:07 GMT

GET
H2 200 imageload.png
img.inews.co.id/media/400/files/ 4 KB
5 KB 33ms
31ms Image
image/png 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/400/files/imageload.png
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a1d9b56ca3fe9f2986f33516b17b42565d93548760107c2940ad38cfa53827

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 02:22:05 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 168220
etag: W/"60c3deb8-229c"
vary: User-Agent
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 4318
x-amz-cf-id: t2QVZr0DCQu84Mu19nfwiSvfIrEABfrBvjFdzme9zD6kH3xXbWROUw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imageload.png
img.inews.co.id/media/150/files/ 1 KB
2 KB 33ms
32ms Image
image/png 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/150/files/imageload.png
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a4d0de3d4c5c46bdfe137e53ed5ce780f331969ce905a38b914ba407cb91103

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 02:22:04 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 168221
etag: W/"60c3deb8-229c"
vary: User-Agent
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 1392
x-amz-cf-id: YxrqoO-1BrEgkPeDG7ZPpgFV30Oe74MI2dmXObhZIANAiuBjRFaFew==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6.JPG
img.inews.co.id/media/400/files/inews_new/2020/12/05/ 16 KB
16 KB 678ms
677ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/400/files/inews_new/2020/12/05/6.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 937aaa154deed9b1e222398561218f8fac221943d4c0e7790e5014d4e67288fd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Sat, 05 Dec 2020 07:42:25 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fcb39e1-9930"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 15944
x-amz-cf-id: DkHsPuRzDe-9irkR91tux--djIb4UTwM_-jXO9Wf7CpKfyLBaAeeig==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3.JPG
img.inews.co.id/media/150/files/inews_new/2020/12/05/ 3 KB
4 KB 204ms
203ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/150/files/inews_new/2020/12/05/3.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6639c89c562db38912bcc62216b60dffd7ad9c7b74b0a39636a531dc86704c4c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Sat, 05 Dec 2020 05:55:47 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fcb20e3-4f7e"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 3405
x-amz-cf-id: W8_vSzOOFIGUfijNpFCFE4aAL6vHzoXYwWBJA5IbHoVnmckiN8c-sg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20.JPG
img.inews.co.id/media/150/files/inews_new/2020/12/02/ 3 KB
4 KB 525ms
524ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/150/files/inews_new/2020/12/02/20.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f0a086c3cb3b3d4d09ae9ba96af6506ebebec54a7181ec8bdb23f2ee2aa31d0a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Wed, 02 Dec 2020 09:10:44 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc75a14-5afd"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 3348
x-amz-cf-id: ZyegVx3JzuBdZ4mecK3pi6PLX1TQ0YT0nDIQ_OjKJI6RR0YjHk1G6Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20.JPG
img.inews.co.id/media/150/files/inews_new/2020/11/29/ 4 KB
4 KB 514ms
514ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/150/files/inews_new/2020/11/29/20.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d96d17e0808e153cc1bea4b5608862917b322df6d84d75abe13373596a1d646

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Sun, 29 Nov 2020 08:22:03 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc35a2b-5c56"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 3872
x-amz-cf-id: kuskDTfeNUcest6DXCkRKbDj5UcxLr6uTSgssi4m_lMtCDoJWk_qAw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 19.JPG
img.inews.co.id/media/150/files/inews_new/2020/11/29/ 3 KB
3 KB 205ms
204ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/150/files/inews_new/2020/11/29/19.JPG
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d5722dd6b464726069fab1c1821c6681abe2a5a143fcd58fc109aecebdb44460

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Sun, 29 Nov 2020 08:00:35 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"5fc35523-7d43"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 2972
x-amz-cf-id: fjWFHDdkxPSh3MmNPh86kE9ZGl5yjdY5rqTF91fpR-Cz9zebONMxwg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D773 12 KB
4 KB 29ms
29ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 206245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75de53915fbab7c1-AMS
expires: Thu, 12 Oct 2023 01:05:45 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D773 12 KB
6 KB 107ms
84ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 15d5d703c42e4428ac44dab5cf9e86fc_futurahemaproot-bold_0.woff
static.criteo.net/design/dt/ Frame D773 15 KB
16 KB 90ms
66ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/15d5d703c42e4428ac44dab5cf9e86fc_futurahemaproot-bold_0.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

604531a3d1929b4f0103f311b4a194ecee5f52ab81b289ce5792f6dbf3a5a593

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 29 Dec 2017 15:49:56 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5a466424-3d44"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 5991924ed4e144428143169b81cd6177_futurahemaproot-bold_gdi.woff
static.criteo.net/design/dt/ Frame D773 18 KB
18 KB 135ms
111ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/5991924ed4e144428143169b81cd6177_futurahemaproot-bold_gdi.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b3f015deb2a341a339024a15a640b0cd3f2151856f495eb9dc9c815a80bcc54a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Dec 2017 11:21:43 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5a292447-4788"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 26172a1cdafc4f0e93232eb625530c4f_futurahemaproot-book_0.woff
static.criteo.net/design/dt/ Frame D773 14 KB
15 KB 144ms
121ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/26172a1cdafc4f0e93232eb625530c4f_futurahemaproot-book_0.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

338e84586decc51ac996395ee4039d88040a863dd2775c2f7c22ff161c1c896f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 29 Dec 2017 15:49:56 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5a466424-3990"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D773 6 KB
6 KB 222ms
111ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=176&m=0&partner=5515&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5515%2F190823%2F1426abe1824e40879aaabab899eb96a7_logo.png&v=3&w=256&s=mwtSfbzPSIfnCaRusInhxDvA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3b571f3642807f973bcaeba0dfb25d873313fb66fa894fa01de708e734f0cc47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28780519
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6041
expires: Wed, 20 Sep 2023 03:41:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D773 3 KB
3 KB 167ms
56ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5515&q=80&r=0&u=https%3A%2F%2Fwww.hema.nl%2Fdw%2Fimage%2Fv2%2FBBRK_PRD%2Fon%2Fdemandware.static%2F-%2FSites-HEMA-master-catalog%2Fdefault%2Fdwf45881a9%2Fproduct%2F60410002_01_001_01.jpg%3Fsw%3D1100%26sh%3D1500%26sm%3Dfit&v=3&w=400&s=WJAxt-6CijqO2zJhRzPvbOLr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a053164365385c569e3fa4d968fb9c16675c88d3bf4bd9a402fd0a05e48fc1c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1287916
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2838
expires: Sat, 05 Nov 2022 22:51:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D773 4 KB
4 KB 244ms
134ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5515&q=80&r=0&u=https%3A%2F%2Fwww.hema.nl%2Fdw%2Fimage%2Fv2%2FBBRK_PRD%2Fon%2Fdemandware.static%2F-%2FSites-HEMA-master-catalog%2Fdefault%2Fdwce5a952c%2Fproduct%2F20510074_01_001_01.jpg%3Fsw%3D1100%26sh%3D1500%26sm%3Dfit&v=3&w=400&s=VW0wbPTzmiegRCQRs_HeL8lI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4f42878772b8f0da147cd8218966b6369dabaef673af964077745ade9303a4a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1865216
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3680
expires: Sat, 12 Nov 2022 15:12:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D773 20 KB
20 KB 236ms
126ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5515&q=80&r=0&u=https%3A%2F%2Fwww.hema.nl%2Fdw%2Fimage%2Fv2%2FBBRK_PRD%2Fon%2Fdemandware.static%2F-%2FSites-HEMA-master-catalog%2Fdefault%2Fdw9df58e5b%2Fproduct%2F05330003_01_001_01.jpg%3Fsw%3D1100%26sh%3D1500%26sm%3Dfit&v=3&w=400&s=H8BXux-iyWASY597_rs4-w4K&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

44af12a38e94a85d1147dc4f771905165b71c5d391a80db23cc20411b11f05ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1905193
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20664
expires: Sun, 13 Nov 2022 02:18:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D773 69 KB
69 KB 205ms
95ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=5515&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F5515%2F220826%2Fe93c301594214dd6b783ea9870aae485_img_horizontal_7.jpg&v=3&w=1200&s=SAYng3w5ZWuOvOVkLDRJKEIf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

cb8e5ca3f590885848c95d7493525ecdfeb4271f60c79274334177a32db12ff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28894362
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 70478
expires: Thu, 21 Sep 2023 11:18:27 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D773 0
127 B 34ms
34ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=I0ZhKfrqgbIfYWivh-gn1mrVoufZqA7arcb_Ox6xzVUS_rdRe1RL972Gy63h9ijmZev_hQZd1n96rcJzBzcK3AdbeLRGzNgSUI_mGiU_QX2YMmZRtrvRJzpyNM0L4WAXgMy2Tn-AxbWD6ww97khejgTc1EmMCb2oa-1Ln3AMNxS4mM5DHy-ek94HT8ULfKca5dZx8NLa5FVZrFloOzgz_lWv_NXUyk-GT0kTdCd3MiXhgTAXFXfQVawODjlrtu_K2NkIYg&sds=2&rev=83153&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 22 Oct 2022 01:05:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D773 2 KB
1 KB 80ms
79ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 WhatsApp_Image_2022_10_21_at_3_00_43_PM.jpeg
img.inews.co.id/media/150/files/inews_new/2022/10/21/ 5 KB
5 KB 530ms
530ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/150/files/inews_new/2022/10/21/WhatsApp_Image_2022_10_21_at_3_00_43_PM.jpeg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 76694185e6cb27d3a75efad2bc8ee3a5af8ed11286e5c3465bdd9bfddcb08747

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
last-modified: Fri, 21 Oct 2022 08:01:05 GMT
server: nginx
x-amz-cf-pop: FRA60-P4
etag: W/"635251c1-2bab5"
vary: User-Agent
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, s-maxage=10
content-length: 4726
x-amz-cf-id: gfsCIteMp3NLKa1h-0dHXXoheulGjUl1pRrO5URwLQxPYE2vLUfehA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 liz_truss3_reu.jpg
img.inews.co.id/media/150/files/inews_new/2022/10/21/ 2 KB
2 KB 35ms
35ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/150/files/inews_new/2022/10/21/liz_truss3_reu.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: afc6db7a549a92fc1296855f5414e33c5d02d97d938e5f8865a2ffa31bde1643

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 07:34:56 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-original-content-length: 2446
server: nginx
x-amz-cf-pop: FRA60-P4
age: 63048
etag: W/"PSA-aj-1vTBdSFIyk"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315357880
content-length: 2068
x-amz-cf-id: x54HGMjwBWF-bDSJgjEqHlg6kKc4lqzX8G8AdQfANy02RfZL981U1A==
expires: Mon, 18 Oct 2032 06:59:37 GMT

GET
H2 200 kayu_gaharu.jpg
img.inews.co.id/media/150/files/inews_new/2022/05/14/ 4 KB
4 KB 34ms
34ms Image
image/jpeg 2600:9000:225e:8e00:c:5e3e:d280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.inews.co.id/media/150/files/inews_new/2022/05/14/kayu_gaharu.jpg
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:8e00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f1c31a63c5d089392ee3b79c6622f4e7642d4cd964e940b0c850ee25fe80abc8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ntt.inews.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 07:34:56 GMT
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-original-content-length: 4622
server: nginx
x-amz-cf-pop: FRA60-P4
age: 63048
etag: W/"PSA-aj-RSkRK4j4ce"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315358003
content-length: 4235
x-amz-cf-id: 6eJvqrXVBWkAdXFTZr0M7p5HG3TeOz-4TVS4WJyUeKS8ei2_xpvDtQ==
expires: Mon, 18 Oct 2032 07:01:40 GMT

GET
H/1.1 200
OK affhb.data.js.php Show response
hbs.ph.affinity.com/v5/hvr_man_inews.id/ 53 KB
18 KB 418ms
144ms Script
application/javascript 216.139.248.131
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://hbs.ph.affinity.com/v5/hvr_man_inews.id/affhb.data.js.php?t=2291
Requested by: Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/hvrlib/inews.id/1663580391/v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.139.248.131 , United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: 216-139-248-131.aus.us.siteprotect.com
Software: nginx / PHP/7.3.6
Resource Hash: dce5283ca6d723890e74d9a6889450f33095eb892262d4bd4c46f9a476a1d5f6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 22 Oct 2022 01:05:45 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.3.6
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/Javascript; charset=utf-8
Cache-Control: public, max-age=31536000
Connection: close
Expires: Sun, 22 Oct 2023 01:05:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D773 3 KB
1 KB 180ms
56ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 22 Oct 2022 00:34:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Oct 2022 01:05:45 GMT

GET
H2 200 19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff
static.criteo.net/design/dt/ Frame 4DBE 15 KB
15 KB 52ms
52ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/19b6feaf7bb04307a5ed79d69ca28780_gotham-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 01 Dec 2017 12:57:30 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5a2151ba-3b68"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 17 Oct 2023 01:05:45 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame D773 30 KB
31 KB 181ms
57ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 03:24:20 GMT
x-content-type-options: nosniff
age: 164485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 03:24:20 GMT

GET
H2 200 prebid7.8.0-adke-adte-apac-appn-bizz-grid-medi-nobi-onet-pubm-rubi-sovr-yiel-cur-sch-gdpr-ccpa-ucrit.js Show response
cdn4-hbs.affinitymatrix.com/app/pbjs/2022A/ 315 KB
99 KB 109ms
109ms Script
application/x-javascript 64.185.181.185
BITGRAVITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4-hbs.affinitymatrix.com/app/pbjs/2022A/prebid7.8.0-adke-adte-apac-appn-bizz-grid-medi-nobi-onet-pubm-rubi-sovr-yiel-cur-sch-gdpr-ccpa-ucrit.js
Requested by: Host: hbs.ph.affinity.com
URL: https://hbs.ph.affinity.com/v5/hvr_man_inews.id/affhb.data.js.php?t=2291
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.185.181.185 , United States, ASN40009 (BITGRAVITY, US),
Reverse DNS: pc-b-d.bitgravity.com
Software: v/6.5.0/6.5.14/v12iad1-www /
Resource Hash: 8f60ca67e9c5c8d69de099e1c7c18d47e4766c4ddbd45a22cd92cde859686520

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-version: 9
date: Mon, 03 Oct 2022 14:11:23 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 10:07:43 GMT
server: v/6.5.0/6.5.14/v12iad1-www
age: 1594525
x-tata-request-id: 20e999d55cdbdba4ba4f55c2e7bef606, 20e999d55cdbdba4ba4f55c2e7bef606
vary: Accept-Encoding
x-cache: HIT,v12iad1
content-type: application/x-javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 100556
expires: Sun, 22 Oct 2023 01:05:45 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 67D9 0
127 B 34ms
34ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 22 Oct 2022 01:05:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6FEE 42 B
497 B 135ms
66ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmmOIZdr4sK8c4rWPDM4xCrZpEqNpFKR_n07K1Zj2Q_q1j5jZ-OrjwqIIJVBi0cd931iPXgjepbHh9OFeA8fIF2Ew&sig=Cg0ArKJSzLW3lNEJ8Gk-EAE&id=lidar2&mcvt=1000&p=242,436,332,1406&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3215994126&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666400744548&rpt=429&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 98A3 42 B
108 B 169ms
101ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2meVWrT9xQDZTPdpNyXvXyJjCAgwXucV04kdkO-F1wmtIZu-pWReHLl208MJBvR3IPPtUTtB3pp3w6OcZUPQpTw8&sig=Cg0ArKJSzKyDtKDJ5fnhEAE&id=lidar2&mcvt=1002&p=1083,315,1173,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1852379673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666400744552&rpt=447&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BC8C 42 B
108 B 167ms
101ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7-CgpO9QfyEQHs870hHYnFkaQwFYEDEvXe8Q6sEH3bbGsP3qE_r2ZaO7WGBWPOj0Ns2m8cFcVfZ0RimhplsxYW5Y&sig=Cg0ArKJSzMIcBTFDt86XEAE&id=lidar2&mcvt=1003&p=65,591,155,1319&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3239413752&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666400744543&rpt=414&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 96ms
31ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221022

Requested by

Host: cdn4-hbs.affinitymatrix.com
URL: https://cdn4-hbs.affinitymatrix.com/app/pbjs/2022A/prebid7.8.0-adke-adte-apac-appn-bizz-grid-medi-nobi-onet-pubm-rubi-sovr-yiel-cur-sch-gdpr-ccpa-ucrit.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40cb368f045d5452437d16c14a82ceeec9b37204f16b657be49d086106ae4700

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 22 Oct 2022 01:05:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 36291
x-jsd-version: 1.0.1499
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19153-FRA, cache-yyz4532-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"663-m5zFW9QZB+4iGVgL4HRK+wU5t5E"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 75de53979bae0b6b-AMS

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 107ms
45ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0ff0c11cdeaff05a49fca0881be9b9417acb5f208994c8fc512dc84552a8e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11227
x-xss-protection: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 4DBE 0
127 B 34ms
34ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 22 Oct 2022 01:05:46 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame D773 0
127 B 34ms
33ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 22 Oct 2022 01:05:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 106ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070473

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Oct 2022 01:05:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CE2A 13 KB
5 KB 32ms
30ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 38683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Oct 2022 14:21:03 GMT
expires: Sat, 21 Oct 2023 14:21:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3DAF 783 B
533 B 109ms
43ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0188a714186d85517d2dbbe16fd3722c92c84d05af90f94a2b348aface0d1b23

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wiaig20MYR8A2bwwivIeNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-wiaig20MYR8A2bwwivIeNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 01:05:46 GMT
expires: Sat, 22 Oct 2022 01:05:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 zmeOo8ONk1YqWYD8DpPjl7c0n4Y1CeYWRiKSJrvfmvk.js Show response
pagead2.googlesyndication.com/bg/ Frame CE2A 36 KB
16 KB 93ms
31ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zmeOo8ONk1YqWYD8DpPjl7c0n4Y1CeYWRiKSJrvfmvk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce678ea3c38d93562a5980fc0e93e397b7349f863509e61646229226bbdf9af9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16035
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 21:40:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3DAF 0
0 64ms
64ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101901&jk=4313724485563589&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CE2A 0
10 B 31ms
30ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oO_qxA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H/1.1 200 628.json Show response
id5-sync.com/g/v2/ 216 B
622 B 107ms
32ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/628.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159495/4556/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

f1a1582bbe8c17b03cddc3dbf54f4ad7132fc56f171cad76a33004da623a09b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ntt.inews.id
date: Sat, 22 Oct 2022 01:05:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
335 B 165ms
72ms XHR
application/json 54.76.69.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159495/4556/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.69.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-69-59.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 4baad1cfa65428f1dc07ce2a2783fa7572394665f2a85a1721a972ea4814ac2d

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:46 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ntt.inews.id
cache-control: no-cache
x-server: 10.45.2.221
access-control-allow-credentials: true
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
388 B 133ms
41ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159495/4556/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 0bb9c46e2afd92a2737caed5c84895c475c7891eb42e9fd0301794dc9df79f5d

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 22 Oct 2022 01:05:46 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ntt.inews.id
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Mon, 21 Nov 2022 01:05:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
78ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101901&jk=4313724485563589&bg=!2tml2Z3NAAaaxvStusY7ACkAdvg8WuKjdeIzJbFcsOOPhZMOPIphVyU1QkKfdTWQnWggZ7DD0eI1FQIAAABPUgAAAAJoAQeZApuxLK_OQyuk93rQyXY3NsHyGkRUaZZdhV_YAlqryAKosrd2NClp_zg5fY7kQ-7N_u7jMscXOsMB3kPLVdCmZvcWR__Z4Buk43W5RBbUwpDD1sBC641vO4xKHebpk9Izwu2Mln4Er7WOwpsUkCN3aPxoKD6j5qTvBENIh4j2ZEi3gC7HVSyJRxNznmsEBYgvdareeNa4cG226X7hhz_Eqk38pbPCAujwnF1R0_i3IQKcgPZnMuIT43OwUbI5CuO0SDztufD5fK7Fk8NgEP_6Qjrif2Tgks636jSi-jq8SALjOhf18talvOKDoSeubIXY5q6TvyMz8MyAihwUUVP0piTz1eksJ7Yj9fsNTrf5RvhFG5wMI-iBSE04AJ2rW2e1Q_6B0umu2TBunTQERsHBFco6PbLIBd5PkEm2-VZINpeJpNg094Wl33Ectq8mbWkQcizPIzJk-ZsdTeEDuz7M4WbpY4MzoJ8_ifSl_BX6YLoGQasGQEwT8CAbIqAIZxHNMt6yA1UUpZp5fkibsiwNosujJeu88Rvxo4aveETOmm99CkVg2ow7KSNn4RYQmgnOZvrGMTgOdzFABnGsr4cQRa883YqBrQiDISma0D0XLoAIAofv8R7f9hxUgzi9QDWP97EQhoJ0AlnXKxoRTfk12nuV0m1MCwqMU802HLgCbJsYDJprtfQoREHZZdPvoPYbT7YnfOutHd-ZlkkUok5-fr2wUNmeH-s0l41gLo1bYmCf5dfE1iU8uMUv1haiCFWHHXMNACC93aeD9dezkZxwMMLovggyzSvbIE18rzm4NudddJFkAYkFU4YS90Dx2t9ONZWnobqZ8qU9zw7UHYBxISJFkkSHYTgZuSfqFnzhQcWcXJe4jdkw-A8fo6b3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 vertikal Show response
sindikasi.okezone.com/widget/portal/inews/ Frame 0C63 10 KB
10 KB 570ms
520ms Document
text/html 2600:9000:2394:4a00:9:965a:8240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:4a00:9:965a:8240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.9 (Unix) /
Resource Hash: e75f63b4b75f9c117a8e8d562532e65ba574d9c3a1a0732945c41b18b83ad08d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Sat, 22 Oct 2022 01:05:48 GMT
server: Apache/2.4.9 (Unix)
via: 1.1 701ed6d11cb535ec9687bbfbe3b14bc0.cloudfront.net (CloudFront)
x-amz-cf-id: VVf-YElVjTZeOmtbWZ8RDFBNuWhlE0jdlLGVwF5Beyq8ByCBOum3yQ==
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront

GET
H/1.1 200
OK survei-lsi-80-persen-lebih-warga-dki-puas-dengan-kinerja-anies Show response
www.rctiplus.com/global/3051323/ Frame F96F 13 KB
5 KB 554ms
476ms Document
text/html 79.133.177.229
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rctiplus.com/global/3051323/survei-lsi-80-persen-lebih-warga-dki-puas-dengan-kinerja-anies?1666400745296
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / Dark Phoenix
Resource Hash: e3429744f6e4166afaf9ca7a925540bdaa869e65ed4b15000300e971e1675092

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1666400748
Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 22 Oct 2022 01:05:48 GMT
EagleId: 4f85b19516664007483954060e
Server: Tengine
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Vary: Accept-Encoding User-Agent
Via: cache16.l2de2[443,443,200-0,M], cache1.l2de2[444,0], cache2.de3[446,445,200-0,M], cache1.de3[447,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Powered-By: Dark Phoenix
X-Robots-Tag: noindex
X-Swift-CacheTime: 0
X-Swift-SaveTime: Sat, 22 Oct 2022 01:05:48 GMT

GET
H2 200 styles.css
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/ Frame 0C63 36 KB
2 KB 134ms
34ms Stylesheet
text/css 2600:9000:223f:a000:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a000:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e59c79c198476d8b48b3292805b2c97f96b737328d956158e52109766f64ad3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:33:44 GMT
content-encoding: gzip
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-original-content-length: 37497
x-amz-cf-pop: FRA56-P5
age: 232324
x-cache: Hit from cloudfront
content-length: 1761
server: nginx/1.20.1
etag: W/"PSA-aj-8uD94D-oYB"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=720009
x-amz-cf-id: fIpOHfcGS4l2KjuKoxCA9snjQoMPztTY-3RGQsHaeaPVm8-orlwOjw==
expires: Thu, 27 Oct 2022 16:33:54 GMT

GET
H2 200 all.css
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/fa-5.15.1/css/ Frame 0C63 58 KB
13 KB 137ms
38ms Stylesheet
text/css 2600:9000:223f:a000:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/fa-5.15.1/css/all.css
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a000:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 672cad7677095651c6240ced97dfd1fcdd9e727b29c07215e5f84e2bb5507f16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:33:44 GMT
content-encoding: gzip
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-original-content-length: 73625
x-amz-cf-pop: FRA56-P5
age: 232324
x-cache: Hit from cloudfront
content-length: 12604
server: nginx/1.20.1
etag: W/"PSA-aj-3fi2KfM5qy"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=976361
x-amz-cf-id: xk6cEOK9uV8v_k_Uf7hCP981JfRZfjsK3WGdXKWR9L7EDVT5Xi2G-Q==
expires: Sun, 30 Oct 2022 15:46:26 GMT

GET
H2 200 master_5FHk53l4v3_383_pelatih_man_united_erik_ten_hag_memimpin_latihan_di_carrington_foto_reuters_jason_cairnduff.JPG
img.sportstars.id//2022/10/01vR8U/ Frame 0C63 34 KB
34 KB 161ms
39ms Image
image/webp 2606:4700::6812:a80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportstars.id//2022/10/01vR8U/master_5FHk53l4v3_383_pelatih_man_united_erik_ten_hag_memimpin_latihan_di_carrington_foto_reuters_jason_cairnduff.JPG

Requested by

Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f1a7a629c9f040b7ab9a191f139c563c8591d95e1b84222dac76a7bf962809e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:48 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 142131
age: 1300
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34468
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"PSA-aj-wsVy2bQAMH"
x-frame-options: SAMEORIGIN
vary: User-Agent,Save-Data, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 75de53a7cb28d0b5-AMS
link: <http://img.sportstars.id//2022/10/01vR8U/master_5FHk53l4v3_383_pelatih_man_united_erik_ten_hag_memimpin_latihan_di_carrington_foto_reuters_jason_cairnduff.JPG>; rel="canonical"
expires: Sun, 22 Oct 2023 01:05:48 GMT

GET
H2 200 sportstars.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 0C63 2 KB
2 KB 164ms
69ms Image
image/png 2600:9000:223f:a000:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.okezone.com/underwood/revamp/mncgroup/portal/sportstars.png
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a000:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 99414a4adab183b81675a3047de21a9d07078e76b151aa264c6e0432996e5cc6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 23:54:45 GMT
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-original-content-length: 1845
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P5
age: 177062
etag: W/"PSA-aj-Py3HXLPLBk"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=921072
accept-ranges: bytes
content-length: 1832
x-amz-cf-id: j8omeS1_QJEdncwoQAbQs7cH0RUKGz4VEyQltZVm_i4MtX_YhK5CVA==
expires: Sun, 30 Oct 2022 15:45:58 GMT

GET
H2 200 8x513(3).jpg
www.mnctrijaya.com/uploads/news/ Frame 0C63 43 KB
44 KB 802ms
682ms Image
image/jpeg 2600:9000:223e:3e00:e:c3de:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mnctrijaya.com/uploads/news/8x513(3).jpg
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:3e00:e:c3de:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e4495efeacd58f428b4d48983980d71779f815671571af299f50b82f3a85871f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
last-modified: Sat, 22 Oct 2022 00:56:15 GMT
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "63533faf-ace5"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 44261
x-amz-cf-id: sqLwEvqQm-ifpbFSsWMjyB7heneNoBbSaQM9k223o3ui9lq-VjJdfg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mnctrijaya.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 0C63 10 KB
11 KB 168ms
72ms Image
image/png 2600:9000:223f:a000:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.okezone.com/underwood/revamp/mncgroup/portal/mnctrijaya.png
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a000:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: f0e0f85d2239bedc9d11a77ca7b647cca281ea1be72731f5239ea482c828f01a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:33:46 GMT
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-original-content-length: 13116
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P5
age: 232322
etag: W/"PSA-aj-qAx-oOOL5R"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=976350
accept-ranges: bytes
content-length: 10422
x-amz-cf-id: AtJdHkpDSSNTbIyzu46PJshtSh1qcgf8Ba2gcQ401rsbZD67uCEGMA==
expires: Sun, 30 Oct 2022 15:46:17 GMT

GET
H2 200 bau-badan-tertentu-pengaruhi-nyamuk-untuk-menggigit-manusia-oat.jpg
pict.sindonews.net/dyn/620/pena/news/2022/10/22/166/919455/ Frame 0C63 17 KB
18 KB 197ms
39ms Image
image/jpeg 2600:9000:223e:8600:1f:4c6b:cc00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pict.sindonews.net/dyn/620/pena/news/2022/10/22/166/919455/bau-badan-tertentu-pengaruhi-nyamuk-untuk-menggigit-manusia-oat.jpg
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:8600:1f:4c6b:cc00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d7c772fb9baf80dd21c56afe929a81bfceeed6a1b33c51a9f6062cade47bae21

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Sat, 22 Oct 2022 00:58:14 GMT
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
last-modified: Sat, 22 Oct 2022 00:51:22 GMT
server: nginx
x-amz-cf-pop: FRA56-P4
age: 454
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-length: 17916
x-amz-cf-id: 4ReCyrmDne7VeNw2wfMYBJSwWrS1UI7E-YBoF1CJhzMtSkfh7_Mdtg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sindonews.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 0C63 4 KB
4 KB 163ms
68ms Image
image/png 2600:9000:223f:a000:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.okezone.com/underwood/revamp/mncgroup/portal/sindonews.png
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a000:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: ecdbf9b9d351f5f5fadd54fc1713931a02fab5dbe76698b5fedc240a0d727ca4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:33:45 GMT
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-original-content-length: 4018
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P5
age: 232322
etag: W/"PSA-aj-scGGmu-WOv"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=976323
accept-ranges: bytes
content-length: 4016
x-amz-cf-id: bKnNodef9apswgCdt1fGaAqtSCXfZMGhc8yxF884jXIA4LbMwEfXpA==
expires: Sun, 30 Oct 2022 15:45:49 GMT

GET
H2 200 master_93rr3z66ez_387_hafiz_faturrahman.jpg
img.celebrities.id/okz/800/81P2DP/ Frame 0C63 54 KB
54 KB 1341ms
1218ms Image
image/jpeg 2606:4700::6812:1d64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.celebrities.id/okz/800/81P2DP/master_93rr3z66ez_387_hafiz_faturrahman.jpg

Requested by

Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65f75b3fb7e299ad87fa7bd72657ed7da5ddcf1e8690768c30629a4575ba3e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54825
x-xss-protection: 1; mode=block
last-modified: Sat, 22 Oct 2022 01:02:27 GMT
server: cloudflare
etag: W/"PSA-7DTc7M6MMC"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 75de53a7ce440b6b-AMS
link: <http://img.celebrities.id/okz/800/81P2DP/master_93rr3z66ez_387_hafiz_faturrahman.jpg>; rel="canonical"
expires: Tue, 19 Oct 2032 01:05:49 GMT

GET
H2 200 celebrities.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 0C63 2 KB
2 KB 38ms
38ms Image
image/png 2600:9000:223f:a000:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.okezone.com/underwood/revamp/mncgroup/portal/celebrities.png
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a000:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: c02945ec1830ffe8b505b7a284e52664439d29600b783fed6e7b0e14c50004da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:33:45 GMT
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-original-content-length: 1745
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P5
age: 232323
etag: W/"PSA-aj-YBT1KxLyB6"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=976664
accept-ranges: bytes
content-length: 1732
x-amz-cf-id: DOduEdhMvRejTN2TAGKBzxfv8CLgFtzqWg54ao2zccgbMIQgbPDM2Q==
expires: Sun, 30 Oct 2022 15:51:30 GMT

GET
H2 200 situasi-covid-19-di-indonesia-mulai-melandai-ppkm-akan-dihapus-WrhNcdih5Y.jpg
img.okezone.com/dynamic/content/2022/10/21/483/2691900/ Frame 0C63 5 KB
6 KB 306ms
205ms Image
image/jpeg 2600:9000:206f:c800:1f:824e:58c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.okezone.com/dynamic/content/2022/10/21/483/2691900/situasi-covid-19-di-indonesia-mulai-melandai-ppkm-akan-dihapus-WrhNcdih5Y.jpg?w=300

Requested by

Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:c800:1f:824e:58c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

783192d3d88a72abee589a03a3adfeac587f7626882a4cce02a2aba07f230827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 5390
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 08:42:58 GMT
server: nginx/1.20.1
etag: W/"63525b92-3930"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, s-maxage=10
link: <http://img.okezone.com/dynamic/content/2022/10/21/483/2691900/situasi-covid-19-di-indonesia-mulai-melandai-ppkm-akan-dihapus-WrhNcdih5Y.jpg?w=300>; rel="canonical"
x-amz-cf-id: eAkip23pKMcs2N9W37xgYXmGBzX22UcFRTiel5cTNj03Airw1JYkFg==
expires: Sun, 22 Oct 2023 01:05:48 GMT

GET
H2 200 okezone.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 0C63 3 KB
3 KB 39ms
39ms Image
image/png 2600:9000:223f:a000:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.okezone.com/underwood/revamp/mncgroup/portal/okezone.png
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a000:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 665820ac1bd1cc62b68f8cc6b54485c4721681f161fb9871ba318fca8e1620a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:33:45 GMT
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-original-content-length: 2761
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P5
age: 232323
etag: W/"PSA-aj-tyMZq5pz7-"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=720025
accept-ranges: bytes
content-length: 2748
x-amz-cf-id: xqVJ5deBkSBMrsAEwpgul2cXgq6f8nut5XlbMgyL5F56CNQ8egvftg==
expires: Thu, 27 Oct 2022 16:34:11 GMT

GET
H2 200 SR2iMk-63529ab3c5635615a123484c.jpg
i.buddyku.id/cms/2022/10/21/SR2iMk/ Frame 0C63 903 KB
905 KB 269ms
39ms Image
image/jpeg 2600:9000:2156:5200:1c:7874:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.buddyku.id/cms/2022/10/21/SR2iMk/SR2iMk-63529ab3c5635615a123484c.jpg
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5200:1c:7874:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58829310446141245c0d42db51e4ae4956161a6908ece19e3dad56bc139d56c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 13:18:27 GMT
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
last-modified: Fri, 21 Oct 2022 13:12:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 42443
etag: "168170c784c785be9c76f7427dda4fba"
x-cache: Hit from cloudfront
content-type: .jpg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 924931
x-amz-cf-id: D3BcMHtoe9_eethBtuTxJN7KxqT35dREJ-fvLM86t5nw192c9fzxOg==

GET
H2 200 buddyku.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 0C63 3 KB
3 KB 35ms
35ms Image
image/png 2600:9000:223f:a000:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.okezone.com/underwood/revamp/mncgroup/portal/buddyku.png
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a000:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 01473cfcbee7a16017e14a60249ad7fda667b2811c0a51b3207bf8d9707f9a3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:33:45 GMT
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-original-content-length: 5483
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P5
age: 232323
etag: W/"PSA-aj-IcrYddWUxz"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2405417
accept-ranges: bytes
content-length: 2693
x-amz-cf-id: NCGRcvud7KuqoRT0mYh-6qMz0AvPZ1uSKFPfz9RIF_fbRLewR3xzeA==
expires: Wed, 16 Nov 2022 04:44:03 GMT

GET
H2 200 Wall_street__3_.jpg
img.idxchannel.com/media/439/images/idx/2022/07/19/ Frame 0C63 26 KB
26 KB 811ms
687ms Image
image/jpeg 2600:9000:2491:7400:15:c3e:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.idxchannel.com/media/439/images/idx/2022/07/19/Wall_street__3_.jpg
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:7400:15:c3e:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.2 /
Resource Hash: d59749aa9443b8d0e58bcb6e3c23efb08177e738f9a7cb8bc77e9266abd79c04

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 15:07:12 GMT
server: nginx/1.17.2
x-amz-cf-pop: FRA56-P7
etag: W/"62d6c8a0-bd86"
x-cache: Miss from cloudfront
content-type: image/jpeg
content-length: 26551
x-amz-cf-id: GQtjNLhXguQYyze3stgOC3oFdy2CQNjax8OXBlUwrGOmwM533MHgHg==

GET
H2 200 idx_simple.png
cdn.okezone.com/underwood/revamp/mncgroup/portal/ Frame 0C63 5 KB
5 KB 33ms
33ms Image
image/png 2600:9000:223f:a000:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.okezone.com/underwood/revamp/mncgroup/portal/idx_simple.png
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a000:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: c8cdc80bcc7e8f046889f36c7a6fb85939969429b33937f122eb8db920e768c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:33:46 GMT
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-original-content-length: 13405
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P5
age: 232322
etag: W/"PSA-aj-ynhC4ViFMt"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=720008
accept-ranges: bytes
content-length: 4649
x-amz-cf-id: rAzFXZ8VM0IkJG34ubvDRX7Enu6W-7Cr9Lxjp-c-LwVBRFeF1LdArg==
expires: Thu, 27 Oct 2022 16:33:55 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/js/ Frame 0C63 87 KB
31 KB 158ms
61ms Script
application/javascript 2600:9000:223f:a000:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/js/jquery-3.6.0.min.js
Requested by: Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a000:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:33:44 GMT
content-encoding: gzip
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-original-content-length: 89501
x-amz-cf-pop: FRA56-P5
age: 232324
x-cache: Hit from cloudfront
content-length: 30812
server: nginx/1.20.1
etag: W/"PSA-aj-vSq_cOaZon"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=720011
x-amz-cf-id: FrQH8hZL_v7U3sZJFj8B0bBMc4WiTJtoPcStaQVwVbVaRH_gkbZUNA==
expires: Thu, 27 Oct 2022 16:33:56 GMT

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@8.4.4/ Frame 0C63
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.js
https://unpkg.com/swiper@8.4.4/swiper-bundle.min.js

140 KB
40 KB

37ms
37ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@8.4.4/swiper-bundle.min.js

Requested by

Host: sindikasi.okezone.com
URL: https://sindikasi.okezone.com/widget/portal/inews/vertikal

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05beb5a9a40307eb0228cca06a6426d2501485abcf448e8a31fedfb70e87e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sindikasi.okezone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:48 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 823709
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GF62160TFJVJNW2X680A6BRB-ams
server: cloudflare
etag: W/"2310e-YgoXHzBgFVHspCsWstmF72fEP1g"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75de53a7abe5d0c9-AMS

Redirect headers

date: Sat, 22 Oct 2022 01:05:48 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GFYK6AMZ4SE0QCHMZ09X2Q79-ams
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 416
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@8.4.4/swiper-bundle.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 75de53a76b9ad0c9-AMS

GET
H2 200 bpe.html Show response
www.visionplus.id/besportse/photose/ Frame 3235 22 KB
4 KB 700ms
228ms Document
text/html 202.147.193.156
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619
Requested by: Host: static.inews.co.id
URL: https://static.inews.co.id/js/mix-desk.min.js?v=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.156 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-156.mncplaymedia.com
Software: nginx /
Resource Hash: ff0e175b37ff5c67ebfe82a9a016bef10216dde257b6cd5b1fde6a80cedd47d4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
content-type: text/html
date: Sat, 22 Oct 2022 01:05:49 GMT
etag: W/"631e95c9-57ed"
expires: Sat, 22 Oct 2022 01:05:48 GMT
last-modified: Saturday, 22-Oct-2022 01:05:49 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 xred.png.pagespeed.ic.jpXU9Y2YLq.png
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/images/ Frame 0C63 122 B
640 B 31ms
31ms Image
image/png 2600:9000:223f:a000:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/images/xred.png.pagespeed.ic.jpXU9Y2YLq.png
Requested by: Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a000:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 45ad770b839452a1f5a64e57052d2b7ea4f41e8d9bfe95507d085c3439f73609

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 02:22:11 GMT
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-original-content-length: 135
x-amz-cf-pop: FRA56-P5
age: 168217
x-cache: Hit from cloudfront
content-length: 122
x-page-speed: Powered By okezone.com
last-modified: Thu, 29 Sep 2022 13:29:34 GMT
server: nginx/1.20.1
etag: W/"0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
link: <https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/images/red.png>; rel="canonical"
x-amz-cf-id: j8VOzuICKtpxgqvQakmFx5TB96LQRQPhDYH6xvhR7W6VkldUw5_xkw==
expires: Fri, 29 Sep 2023 13:29:34 GMT

GET
H2 200 Roboto-Medium.ttf
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/ Frame 0C63 175 KB
176 KB 132ms
68ms Font
application/octet-stream 2600:9000:223f:a000:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/Roboto-Medium.ttf
Requested by: Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a000:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 1bcc94e40f42e94375694b00d4f60d5eb609cfda21f7c64d58cb4a270823200f

Request headers

Referer: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Origin: https://sindikasi.okezone.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 02:22:08 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 13:00:28 GMT
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P5
age: 168219
etag: "61b743ec-2bc60"
x-cache: Hit from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
accept-ranges: bytes
content-length: 179296
x-amz-cf-id: VI0PJWhZKGduBrP7iHaw5fvh5ByqvouyRIzB9t_L6CEjsIVU8IR1SQ==
expires: Sat, 19 Nov 2022 02:22:08 GMT

GET
H2 200 Roboto-Bold.ttf
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/ Frame 0C63 166 KB
167 KB 194ms
130ms Font
application/octet-stream 2600:9000:223f:a000:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/roboto/Roboto-Bold.ttf
Requested by: Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a000:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6c01f8b138e3f7110a33606de5e2758d5fecb58e114be771b96fffa3bbd48bbe

Request headers

Referer: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Origin: https://sindikasi.okezone.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 02:22:09 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 13:00:33 GMT
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P5
age: 168219
etag: "61b743f1-297ec"
x-cache: Hit from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
accept-ranges: bytes
content-length: 169964
x-amz-cf-id: zbW3nkqwA2VvP9vVNPrFGKRqx8nCS2M8VrR9VdQPL-EKhfO1oI1n2Q==
expires: Sat, 19 Nov 2022 02:22:09 GMT

GET
H2 200 Heebo-Regular.ttf
cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/heebo/static/ Frame 0C63 32 KB
33 KB 102ms
38ms Font
application/octet-stream 2600:9000:223f:a000:11:320f:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/fonts/heebo/static/Heebo-Regular.ttf
Requested by: Host: cdn.okezone.com
URL: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a000:11:320f:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: cc7029afe33654ed250644d8dfa2daa4ab0549731816980ab4733d92b86b1fca

Request headers

Referer: https://cdn.okezone.com/underwood/revamp/2021/portal/vertikal/css/styles.css
Origin: https://sindikasi.okezone.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 02:22:12 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 13:00:32 GMT
server: nginx/1.20.1
x-amz-cf-pop: FRA56-P5
age: 168216
etag: "61b743f0-8110"
x-cache: Hit from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000, s-maxage=10
accept-ranges: bytes
content-length: 33040
x-amz-cf-id: 1lbZJpT6hLgVkD8UrZGIZJ33fGS3mw5V7Nwz_5SMWyIG1m1vQ3tz3w==
expires: Sat, 19 Nov 2022 02:22:12 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame F96F 135 KB
48 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3

Requested by

Host: www.rctiplus.com
URL: https://www.rctiplus.com/global/3051323/survei-lsi-80-persen-lebih-warga-dki-puas-dengan-kinerja-anies?1666400745296

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a93822df32bb4e9bcf552797ffca7e1af92bc5c663ab086fec978a8fc1d4f69c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49123
x-xss-protection: 0
last-modified: Sat, 22 Oct 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Oct 2022 01:05:48 GMT

GET
H/1.1 200
OK rcti__news.png
static.rctiplus.id/fta_rcti/logo/ Frame F96F 11 KB
11 KB 272ms
29ms Image
image/png 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.rctiplus.id/fta_rcti/logo/rcti__news.png

Requested by

Host: www.rctiplus.com
URL: https://www.rctiplus.com/global/3051323/survei-lsi-80-persen-lebih-warga-dki-puas-dengan-kinerja-anies?1666400745296

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

a6ba4db3da98fc64d9def424dd8489edbaafc56a3e7dc8db4718b7837949ee03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000
Date: Sat, 15 Oct 2022 04:27:20 GMT
Via: cache3.l2de2[0,0,304-0,H], cache9.l2de2[0,0], cache9.l2de2[9,0], cache1.de3[0,0,200-0,H], cache13.de3[1,0]
Age: 592709
X-Swift-CacheTime: 2591996
X-Cache: HIT TCP_MEM_HIT dirn:12:192284754
Connection: keep-alive
X-Swift-SaveTime: Sat, 15 Oct 2022 04:27:24 GMT
Content-Length: 10963
Last-Modified: Thu, 29 Apr 2021 05:19:32 GMT
Server: Tengine
ETag: "608a41e4-2ad3"
Ali-Swift-Global-Savetime: 1665808040
Content-Type: image/png
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Timing-Allow-Origin: *
EagleId: 4f85b1a116664007491248581e

GET placeholder.jpeg
static.rctiplus.id/fta_rcti/logo/ Frame F96F 0
0

GET
H2 200 cegah-pungutan-liar-di-jalanan-kapolri-larang-tilang-manual_145356.jpeg
rm.id/images/berita/med/ Frame F96F 37 KB
37 KB 2314ms
408ms Image
image/jpeg 116.204.249.112

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rm.id/images/berita/med/cegah-pungutan-liar-di-jalanan-kapolri-larang-tilang-manual_145356.jpeg

Requested by

Host: www.rctiplus.com
URL: https://www.rctiplus.com/global/3051323/survei-lsi-80-persen-lebih-warga-dki-puas-dengan-kinerja-anies?1666400745296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.204.249.112 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

7b619d37297cc78043688c9e695a6a0762adfcd63cc834f0736fbcc94ff6bc44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:50 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 21 Oct 2022 17:13:47 GMT
server: nginx
etag: "6352d34b-94ca"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 38090
expires: Mon, 21 Nov 2022 01:05:50 GMT

GET
H2 200 data-kemiskinan-tak-sinkron-puluhan-juta-warga-miskin-tidak-tersentuh-bantuan_145349.jpg
rm.id/images/berita/med/ Frame F96F 47 KB
48 KB 2314ms
408ms Image
image/jpeg 116.204.249.112

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rm.id/images/berita/med/data-kemiskinan-tak-sinkron-puluhan-juta-warga-miskin-tidak-tersentuh-bantuan_145349.jpg

Requested by

Host: www.rctiplus.com
URL: https://www.rctiplus.com/global/3051323/survei-lsi-80-persen-lebih-warga-dki-puas-dengan-kinerja-anies?1666400745296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.204.249.112 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

0affaf9e68cb104b016ac6a37fbe87f22bfef68099bcae04f277889bf5ecbcc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:50 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 21 Oct 2022 16:56:50 GMT
server: nginx
etag: "6352cf52-bd4d"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 48461
expires: Mon, 21 Nov 2022 01:05:50 GMT

GET
H2 200 pamitan-di-istana-anies-selalu-hormat-ke-jokowi_145342.jpg
rm.id/images/berita/med/ Frame F96F 36 KB
36 KB 2314ms
409ms Image
image/jpeg 116.204.249.112

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rm.id/images/berita/med/pamitan-di-istana-anies-selalu-hormat-ke-jokowi_145342.jpg

Requested by

Host: www.rctiplus.com
URL: https://www.rctiplus.com/global/3051323/survei-lsi-80-persen-lebih-warga-dki-puas-dengan-kinerja-anies?1666400745296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.204.249.112 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

090a17ab307902519fdfb7747fcc2ea435c47d8c97433648ccea300759ce4b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:50 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 21 Oct 2022 16:08:45 GMT
server: nginx
etag: "6352c40d-8f7b"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 36731
expires: Mon, 21 Nov 2022 01:05:50 GMT

GET
H2 200 ketua-dpd-nasdem-janji-siap-antarkan-herman-jadi-gubernur-sumsel_145352.jpg
rm.id/images/berita/med/ Frame F96F 33 KB
34 KB 2314ms
409ms Image
image/jpeg 116.204.249.112

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rm.id/images/berita/med/ketua-dpd-nasdem-janji-siap-antarkan-herman-jadi-gubernur-sumsel_145352.jpg

Requested by

Host: www.rctiplus.com
URL: https://www.rctiplus.com/global/3051323/survei-lsi-80-persen-lebih-warga-dki-puas-dengan-kinerja-anies?1666400745296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.204.249.112 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

f0cfb0f9c31550d88260508ec92ba1e62e5724234a19187c219f3352efb5f8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:50 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 21 Oct 2022 16:57:09 GMT
server: nginx
etag: "6352cf65-8582"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 34178
expires: Mon, 21 Nov 2022 01:05:50 GMT

GET
H2 200 penuhi-semua-kriteria-demokrat-sebut-ahy-pantas-dampingi-anies_145350.jpg
rm.id/images/berita/med/ Frame F96F 47 KB
48 KB 2314ms
409ms Image
image/jpeg 116.204.249.112

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rm.id/images/berita/med/penuhi-semua-kriteria-demokrat-sebut-ahy-pantas-dampingi-anies_145350.jpg

Requested by

Host: www.rctiplus.com
URL: https://www.rctiplus.com/global/3051323/survei-lsi-80-persen-lebih-warga-dki-puas-dengan-kinerja-anies?1666400745296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.204.249.112 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a23d8a1e2ce9010b3f371ffee8afb4ea8b915054ff9f0341a61da5926b49924d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:50 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 21 Oct 2022 16:56:57 GMT
server: nginx
etag: "6352cf59-bd3b"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 48443
expires: Mon, 21 Nov 2022 01:05:50 GMT

GET
H2 200 korban-bertambah-tapi-sudah-ada-obatnya-gangguan-ginjal-akut-mulai-bisa-diatasi_145340.jpg
rm.id/images/berita/med/ Frame F96F 50 KB
50 KB 2314ms
409ms Image
image/jpeg 116.204.249.112

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rm.id/images/berita/med/korban-bertambah-tapi-sudah-ada-obatnya-gangguan-ginjal-akut-mulai-bisa-diatasi_145340.jpg

Requested by

Host: www.rctiplus.com
URL: https://www.rctiplus.com/global/3051323/survei-lsi-80-persen-lebih-warga-dki-puas-dengan-kinerja-anies?1666400745296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

116.204.249.112 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

c0fc112f62a5e22811ad8af18fd933517f4132414bdd4aca7fe7d344e7e6e9a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:50 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 21 Oct 2022 15:57:15 GMT
server: nginx
etag: "6352c15b-c7e1"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 51169
expires: Mon, 21 Nov 2022 01:05:50 GMT

GET
H2 200 analytics.js Show response
analytics.rctiplus.com/tracking/ Frame F96F 3 KB
2 KB 297ms
229ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rctiplus.com/tracking/analytics.js?id=RA-000001-1
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/global/3051323/survei-lsi-80-persen-lebih-warga-dki-puas-dengan-kinerja-anies?1666400745296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.15, Dark Phoenix
Resource Hash: 4bc293beff345fafa59f04bdc380ef8d03bb5b58f10aaf344122d5798dc60a24

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.15, Dark Phoenix
vary: Accept-Encoding, User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SF0quW95Q7IODFrfWAr6BeQX7UidfQmFCToY20lrra%2BBKFlOFmGh0S9M7rRTYWFn%2B24whyhfPCFXWd5ylkebIai6gQWwLyQrwTaTOZphIp4EqIDvEACbNO8T5cK%2FQvqDfvlTkIkpvqSwcS54kx7E%2Baj%2FgmXz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-robots-tag: noindex
cf-ray: 75de53a8fe8a0c5d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame F96F 49 KB
20 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T84V6N3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Oct 2022 23:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6591
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 22 Oct 2022 01:15:57 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ Frame F96F 4 KB
5 KB 133ms
31ms Script
application/javascript 108.138.17.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 28 May 2022 01:59:52 GMT
Via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 12697558
ETag: "d89453438fbf10dcf4c13265c40d5160"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=26920000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4255
X-Amz-Cf-Id: ApwBNCbEX-OmaAJFmJW3l0mRD4F8VVOSq4plfhCzeu2L1PDxrgtDQQ==

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ Frame F96F 43 B
552 B 119ms
32ms Image
image/gif 18.66.122.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=600&frame_width=279&iframe=1&title=RCTI%2B&time=1666400749066&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.rctiplus.com%2Fglobal%2F3051323%2Fsurvei-lsi-80-persen-lebih-warga-dki-puas-dengan-kinerja-anies%3F1666400745296&random_number=9668517543&sess_cookie=1c9fcb55183fd398609d7743a7b&sess_cookie_flag=1&user_cookie=1c9fcb55183fd398609d7743a7b&user_cookie_flag=1&dynamic=true&domain=rctiplus.com&account=8oNJt1FYxz20cv&jsv=20130128&user_lang=en-US
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/global/3051323/survei-lsi-80-persen-lebih-warga-dki-puas-dengan-kinerja-anies?1666400745296
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 02:09:37 GMT
Via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 82573
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
x-amz-meta-alexa-last-modified: 20110117123941
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: w3R6x_c2AygtHm092oIHtTXKSKyvahM0EFMq13L9-jvxKt-Vw5GfaA==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ Frame F96F 0
48 B 600ms
173ms Image
text/plain 35.83.35.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.rctiplus.com
URL: https://www.rctiplus.com/global/3051323/survei-lsi-80-persen-lebih-warga-dki-puas-dengan-kinerja-anies?1666400745296
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.83.35.236 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-83-35-236.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.rctiplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
server: Server

GET
H2 200 config-widget.js Show response
www.visionplus.id/besportse/photose/shareconf/ Frame 3235 2 KB
2 KB 236ms
235ms Script
application/javascript 202.147.193.156
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visionplus.id/besportse/photose/shareconf/config-widget.js
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.156 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-156.mncplaymedia.com
Software: nginx /
Resource Hash: 255fb384fd4c7d30b572bf2553bf338e8535144f1e52ebe332267928c6238e1e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
last-modified: Saturday, 22-Oct-2022 01:05:49 GMT
server: nginx
etag: "631e9507-802"
content-type: application/javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 2050
expires: Sat, 22 Oct 2022 01:05:48 GMT

GET
H2 200 config-widget.js Show response
www.visionplus.id/besportse/photose/ Frame 3235 2 KB
2 KB 235ms
234ms Script
application/javascript 202.147.193.156
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.visionplus.id/besportse/photose/config-widget.js
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.156 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-156.mncplaymedia.com
Software: nginx /
Resource Hash: edddaf0e134d150369adebdc563c702a7ffef371aa60f25af68931453fee16e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
last-modified: Saturday, 22-Oct-2022 01:05:49 GMT
server: nginx
etag: "633d537b-727"
content-type: application/javascript
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 1831
expires: Sat, 22 Oct 2022 01:05:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3235 109 KB
43 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111351533-7

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a67d561154f280b75f36748087da31dae11310f7bc4d2a45587d5bbf0aedf8b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43591
x-xss-protection: 0
last-modified: Sat, 22 Oct 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Oct 2022 01:05:49 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3235 109 KB
43 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-154114411-1

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ecadbc29a7ba5c12fde2b9651274b277c0e3e1404133d4eddbfa84c677b6bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43587
x-xss-protection: 0
last-modified: Sat, 22 Oct 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Oct 2022 01:05:49 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame 3235 86 KB
31 KB 184ms
57ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 06:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 06:16:12 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 3235 79 KB
27 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffeaca6b0115d6e87b953c56dcf21601b48c1887ed1f4a07e5aee5392be607b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27348
x-xss-protection: 0
server: sffe
etag: "1371 / 744 of 1000 / last-modified: 1666390018"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 22 Oct 2022 01:05:49 GMT

GET
H2 200 app_logo.png
www.visionplus.id/besportse/photose/img/ Frame 3235 8 KB
8 KB 464ms
462ms Image
image/png 202.147.193.156
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visionplus.id/besportse/photose/img/app_logo.png
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.156 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-156.mncplaymedia.com
Software: nginx /
Resource Hash: ed797406a0a387cdf28c0b60343cbb038f10c6cf541a74d2b7ffa59bb5bff088

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
last-modified: Saturday, 22-Oct-2022 01:05:49 GMT
server: nginx
etag: "631e9507-1e63"
content-type: image/png
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 7779
expires: Sat, 22 Oct 2022 01:05:48 GMT

GET
H2 200 ph_3-2.jpg
www.visionplus.id/besportse/photose/img/ Frame 3235 4 KB
4 KB 238ms
236ms Image
image/jpeg 202.147.193.156
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visionplus.id/besportse/photose/img/ph_3-2.jpg
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.156 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-156.mncplaymedia.com
Software: nginx /
Resource Hash: bda9dc16b5482b4ad25f206ae9aeab09459c376c37bd0c968757138c25fbbd03

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
last-modified: Saturday, 22-Oct-2022 01:05:49 GMT
server: nginx
etag: "631e9507-10a0"
content-type: image/jpeg
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 4256
expires: Sat, 22 Oct 2022 01:05:48 GMT

GET
H2 200 Ellipse-Play.svg
www.visionplus.id/watch/video/img/group1283/ Frame 3235 2 KB
2 KB 474ms
472ms Image
image/svg+xml 202.147.193.156
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.visionplus.id/watch/video/img/group1283/Ellipse-Play.svg
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.147.193.156 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),
Reverse DNS: ip-193-156.mncplaymedia.com
Software: nginx /
Resource Hash: 3dd875ddc79324ff1da3eb380db55c5388f27d278d342adc1f5c14ba9b7f99d1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
last-modified: Saturday, 22-Oct-2022 01:05:49 GMT
server: nginx
etag: "60e6e573-659"
content-type: image/svg+xml
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
content-length: 1625
expires: Sat, 22 Oct 2022 01:05:48 GMT

GET ph_2-3.jpg
www.visionplus.id/besportse/photose/img/ Frame 3235 0
0

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 3235 4 KB
2 KB 33ms
32ms Script
application/javascript 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 05:13:02 GMT
content-encoding: gzip
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 71568
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: azB9_cGelrwaWjb2hUwrk0E15bq9stG-Mw4CvRvGxzMKG0br7PvEdQ==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 3235 116 KB
44 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TRZJRWG

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

582278a6972aa6cdf00383f943d12c04d75d94a2033b696d761a77a3a5045209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45351
x-xss-protection: 0
last-modified: Sat, 22 Oct 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Oct 2022 01:05:49 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ Frame 3235 4 KB
5 KB 34ms
33ms Script
application/javascript 108.138.17.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 28 May 2022 01:59:52 GMT
Via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 12697558
ETag: "d89453438fbf10dcf4c13265c40d5160"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=26920000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4255
X-Amz-Cf-Id: ygw96EGmBsAb-Leqq-Dt4flq42WtEuFdiWU61VEpiVg3xSzt0WHSog==

GET
H2 200 motogp_assen.jpg
cluster-images.visionplus.id/static/website/ Frame 3235 51 KB
51 KB 550ms
541ms Image
image/jpeg 202.147.193.156
MNCKABELMEDIACOM-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cluster-images.visionplus.id/static/website/motogp_assen.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

202.147.193.156 Jakarta, Indonesia, ASN17670 (MNCKABELMEDIACOM-ID PT. MNC Kabel Mediacom, ID),

Reverse DNS

ip-193-156.mncplaymedia.com

Software

nginx /

Resource Hash

0b51d2a4419d2eba7f4deaceded280f509d0b203fcbbe02b39e25d0b1ac7ae1e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .mncnow.id .google.com *.okezone.com ;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors *.mncnow.id *.google.com *.okezone.com ;
last-modified: Wed, 12 Oct 2022 06:40:09 GMT
server: nginx
content-encoding: gzip
etag: W/"63466149-ca97"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=604800
link: <https://cluster-images.visionplus.id/static/website/motogp_assen.jpg>; rel="canonical"
x-xss-protection: 1; mode=block
expires: Sat, 29 Oct 2022 01:05:49 GMT

GET
H2 200 5ce1.jpg
static.mncnow.id/images/series/32173cac/ Frame 3235 34 KB
34 KB 224ms
34ms Image
image/jpeg 79.133.177.229
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/series/32173cac/5ce1.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

86a17f8e86eafb9cf4d15f8d4e9896b5ccb1a8e12fc277c3420d5abc873ea097

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Sat, 15 Oct 2022 01:28:12 GMT
via: cache17.l2de2[0,0,304-0,H], cache26.l2de2[0,0], cache4.de3[0,0,200-0,H], cache14.de3[2,0]
age: 603457
x-swift-cachetime: 604794
x-cache: HIT TCP_MEM_HIT dirn:13:532495690
x-swift-savetime: Sat, 15 Oct 2022 01:28:18 GMT
content-length: 34352
last-modified: Fri, 11 Mar 2022 08:03:17 GMT
server: Tengine
etag: "622b0245-8630"
ali-swift-global-savetime: 1665797292
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b1a216664007498177879e
expires: Sat, 22 Oct 2022 01:28:12 GMT

GET
H2 200 6274.jpg
static.mncnow.id/images/series/a0318f17/ Frame 3235 27 KB
27 KB 278ms
88ms Image
image/jpeg 79.133.177.229
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/series/a0318f17/6274.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

446f3b6702bbe73262f0e7e25f8960baf0f686bcc19150b38410e672231af808

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Sat, 15 Oct 2022 04:01:57 GMT
via: cache8.l2de2[0,0,304-0,H], cache1.l2de2[1,0], cache11.de3[0,0,200-0,H], cache14.de3[3,0]
age: 594232
x-swift-cachetime: 604768
x-cache: HIT TCP_MEM_HIT dirn:12:437778877
x-swift-savetime: Sat, 15 Oct 2022 04:02:29 GMT
content-length: 27687
last-modified: Mon, 07 Mar 2022 10:41:44 GMT
server: Tengine
etag: "6225e168-6c27"
ali-swift-global-savetime: 1665806517
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b1a216664007498277889e
expires: Sat, 22 Oct 2022 04:01:57 GMT

GET
H2 200 7a0a.jpg
static.mncnow.id/images/series/446a6208/ Frame 3235 43 KB
43 KB 282ms
92ms Image
image/jpeg 79.133.177.229
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/series/446a6208/7a0a.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

47a90770f6bacfe6e02ac3001addf4a4464ba5231259de0980ae9e6730cea88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Sat, 15 Oct 2022 04:01:57 GMT
via: cache5.l2de2[0,0,304-0,H], cache17.l2de2[1,0], cache8.de3[0,0,200-0,H], cache14.de3[2,0]
age: 594232
x-swift-cachetime: 604768
x-cache: HIT TCP_MEM_HIT dirn:12:516103214
x-swift-savetime: Sat, 15 Oct 2022 04:02:29 GMT
content-length: 43640
last-modified: Fri, 11 Mar 2022 10:18:29 GMT
server: Tengine
etag: "622b21f5-aa78"
ali-swift-global-savetime: 1665806517
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b1a216664007498287890e
expires: Sat, 22 Oct 2022 04:01:57 GMT

GET
H2 200 489b.jpg
static.mncnow.id/images/vod/863f579e/ Frame 3235 36 KB
37 KB 310ms
120ms Image
image/jpeg 79.133.177.229
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/vod/863f579e/489b.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

4bae17d7ab2ac4e552c988b4e3ef75bbe30149d0f4f66b18ad5bc987dde3325b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Sat, 15 Oct 2022 04:02:19 GMT
via: cache16.l2de2[0,0,304-0,H], cache1.l2de2[1,0], cache9.de3[0,0,200-0,H], cache14.de3[1,0]
age: 594210
x-swift-cachetime: 604790
x-cache: HIT TCP_MEM_HIT dirn:12:560863235
x-swift-savetime: Sat, 15 Oct 2022 04:02:29 GMT
content-length: 37076
last-modified: Tue, 28 Dec 2021 04:52:28 GMT
server: Tengine
etag: "61ca980c-90d4"
ali-swift-global-savetime: 1665806539
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b1a216664007498297891e
expires: Sat, 22 Oct 2022 04:02:19 GMT

GET
H2 200 949d.jpg
static.mncnow.id/images/vod/7847cc87/ Frame 3235 51 KB
51 KB 311ms
121ms Image
image/jpeg 79.133.177.229
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/vod/7847cc87/949d.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

6009aa2e362761afb69012b2fba1e259ea1a812fb28c6c4ec8c5b41e23853733

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Sat, 15 Oct 2022 04:02:19 GMT
via: cache3.l2de2[0,0,304-0,H], cache17.l2de2[1,0], cache14.de3[0,0,200-0,H], cache14.de3[1,0]
age: 594210
x-swift-cachetime: 604790
x-cache: HIT TCP_MEM_HIT dirn:12:347981855
x-swift-savetime: Sat, 15 Oct 2022 04:02:29 GMT
content-length: 51712
last-modified: Fri, 11 Mar 2022 10:34:55 GMT
server: Tengine
etag: "622b25cf-ca00"
ali-swift-global-savetime: 1665806539
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b1a216664007498297893e
expires: Sat, 22 Oct 2022 04:02:19 GMT

GET
H2 200 f924.jpg
static.mncnow.id/images/vod/058df7c5/ Frame 3235 36 KB
36 KB 336ms
146ms Image
image/jpeg 79.133.177.229
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mncnow.id/images/vod/058df7c5/f924.jpg

Requested by

Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

c2c44e1cea627bdc38161379c94f0e20cf9df2d08fc8fe108b57a4a31ca5e01c

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Sat, 15 Oct 2022 04:01:57 GMT
via: cache2.l2de2[0,0,304-0,H], cache26.l2de2[1,0], cache3.de3[0,0,200-0,H], cache14.de3[1,0]
age: 594232
x-swift-cachetime: 604768
x-cache: HIT TCP_MEM_HIT dirn:12:222618938
x-swift-savetime: Sat, 15 Oct 2022 04:02:29 GMT
content-length: 36795
last-modified: Fri, 11 Mar 2022 05:04:16 GMT
server: Tengine
etag: "622ad850-8fbb"
ali-swift-global-savetime: 1665806517
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b1a216664007498297894e
expires: Sat, 22 Oct 2022 04:01:57 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 3235 49 KB
20 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111351533-7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Oct 2022 23:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6592
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 22 Oct 2022 01:15:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3235 109 KB
43 KB 44ms
44ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-154114411-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111351533-7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

173db1855e61e64ef4a8a4fd3a5707d718bbca8066fef951816b92da1a5cce83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43600
x-xss-protection: 0
last-modified: Sat, 22 Oct 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Oct 2022 01:05:49 GMT

GET
H2 204 b
sb.scorecardresearch.com/ Frame 3235 0
284 B 33ms
33ms Image
text/plain 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=9013027&cs_it=b3&cv=3.8.0.210223&ns__t=1666400749640&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1666400745619&c8=Vision%2B&c9=
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: VDCU7aV2gFtP2zIR5dz8aOryftWX0xS0TxYn6lM8bg-boTkLzjF5Ng==
x-cache: Miss from cloudfront

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ Frame 3235 0
47 B 173ms
172ms Image
text/plain 35.83.35.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.83.35.236 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-83-35-236.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
server: Server

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ Frame 3235 43 B
552 B 32ms
32ms Image
image/gif 18.66.122.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=590&frame_width=284&iframe=1&title=Vision%2B&time=1666400749641&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1666400745619&random_number=10011554403&sess_cookie=09c67217183fd398849517245c9&sess_cookie_flag=1&user_cookie=09c67217183fd398849517245c9&user_cookie_flag=1&dynamic=true&domain=visionplus.id&account=s+Whw1O7kI20L7&jsv=20130128&user_lang=en-US
Requested by: Host: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/bpe.html?fr=in&v=1666400745619
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Fri, 21 Oct 2022 02:09:37 GMT
Via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 82573
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
x-amz-meta-alexa-last-modified: 20110117123941
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: kOdrbdj7priSc2hqcdRgHZiyFahu6JTZDrWkOmAOOaB5RxLv9J_Pgg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 3235 2 B
22 B 38ms
38ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1698361108&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1666400745619&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=284x590&je=0&_u=YEBAAUABAAAAACAAIC~&jid=1596148899&gjid=1304170223&cid=147411731.1666400750&tid=UA-111351533-7&_gid=1742685897.1666400750&_r=1&gtm=2ouaj0&z=1633778453

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 3235 1 B
21 B 38ms
38ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1698361108&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1666400745619&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=284x590&je=0&_u=YEDAAUABAAAAACAAIC~&jid=1658254209&gjid=39331480&cid=147411731.1666400750&tid=UA-154114411-1&_gid=1742685897.1666400750&_r=1&gtm=2ouaj0&z=1705520113

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 3235 1 B
21 B 38ms
37ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1698361108&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1666400745619&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=284x590&je=0&_u=YEDAAUABAAAAACAAIC~&jid=947947125&gjid=564524152&cid=147411731.1666400750&tid=UA-111351533-1&_gid=1742685897.1666400750&_r=1&gtm=2wgaj0TRZJRWG&z=1020309632

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 3235 2 B
22 B 38ms
38ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1698361108&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1666400745619&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=284x590&je=0&_u=YEDAAUABAAAAACAAIC~&jid=1569248671&gjid=1282477306&cid=147411731.1666400750&tid=UA-111351533-7&_gid=1742685897.1666400750&_r=1&gtm=2wgaj0TRZJRWG&z=874262822

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 3235 1 B
21 B 38ms
38ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1698361108&t=pageview&_s=1&dl=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1666400745619&ul=en-us&de=UTF-8&dt=Vision%2B&sd=24-bit&sr=1600x1200&vp=284x590&je=0&_u=YEDAAUABAAAAACAAIC~&jid=1477942385&gjid=1098881789&cid=147411731.1666400750&tid=UA-154114411-1&_gid=1742685897.1666400750&_r=1&gtm=2wgaj0TRZJRWG&z=172214455

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 01:05:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022101801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3235 379 KB
128 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1decf50a161fc7830e2f819b3ddf4657f8e95b1a931bbb8758b245e5771136d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13977
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130840
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 08:35:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 21 Oct 2023 21:12:52 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame 3235 1 B
22 B 95ms
31ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-111351533-7&cid=147411731.1666400750&jid=1596148899&gjid=1304170223&_gid=1742685897.1666400750&_u=YEBAAUAAAAAAACAAIC~&z=152076599

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 22 Oct 2022 01:05:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame 3235 1 B
22 B 84ms
32ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-111351533-7&cid=147411731.1666400750&jid=1569248671&gjid=1282477306&_gid=1742685897.1666400750&_u=YEDAAUABAAAAACAAIC~&z=124958253

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.visionplus.id/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 22 Oct 2022 01:05:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ Frame 3235 107 B
122 B 111ms
40ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.visionplus.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3235 107 B
122 B 109ms
40ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.visionplus.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3235 37 KB
15 KB 102ms
102ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4136237663162242&correlator=4500141570692103&output=ldjh&gdfp_req=1&vrg=2022101801&ptt=17&impl=fifs&iu_parts=7108725%2CVplus-Widget-Banner-iNews&enc_prev_ius=%2F0%2F1&prev_iu_szs=243x110%7C300x250%7C243x100&ifi=1&adks=4109564508&sfv=1-0-38&sc=1&cdm=www.visionplus.id&abxe=1&dt=1666400749926&lmt=1666400749&dlt=1666400749332&idt=571&adxs=21&adys=369&biw=-12245933&bih=-12245933&isw=284&ish=590&scr_x=-12245933&scr_y=-12245933&ucis=7guuhns9n1q5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.visionplus.id%2Fbesportse%2Fphotose%2Fbpe.html%3Ffr%3Din%26v%3D1666400745619&top=https%3A%2F%2Fntt.inews.id&frm=8&vis=1&psz=268x-1&msz=243x-1&fws=256&ohw=0&ea=0&ga_vid=147411731.1666400750&ga_sid=1666400750&ga_hid=1698361108&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b32ee58a1d6b3e34b6a16eec6a5dc3835396677c1a7d94b16e2efc0319da7866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15419
x-xss-protection: 0
google-lineitem-id: 6136770363
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138409513375
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.visionplus.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3aac9ca2367975ff7a2046697ca2f490.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9F45 6 KB
3 KB 78ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3aac9ca2367975ff7a2046697ca2f490.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 01:05:49 GMT
expires: Sun, 22 Oct 2023 01:05:49 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9505 0
0 94ms
93ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssK1ryozD4xi5TCJ6HFzIBkvd2OvGIiD3XTLuR1BpZLfSYydBtxBqZfi82a4AlK0nK7OMU9S1TYR9a4812HJsglKSyNgqInjArNkHsAcED-dezepzINw_jZMJufkVAadEFRkGlLvaqS7DltLVBTPAIoIkji6zJ-_eEWulzjGt1n3-YcvzTqafNUaYg1KVff6VaFtuSbWM2EVBw2AmW-zsJAmeuYUndq7IUfV2MAVq8k_HiNENwRh-5oMeLWtywzbsw50w1B90Qh6ZcJabsbujq4r8yQlIgseeaADfK-py7wMyz1y8tcqwb1tC7MllXPBt5zXc14LWx4k-ZZI0v6Ng&sai=AMfl-YQVDFHYkmyFwp1kz5LGAbQNdxZ85tvBF3WNYa1W_WE3KHw_-8CWjU17QXSCsJMa6V8u7SzQH7bZIl5LTuhE4ZjqhCZPk0FonUjCPxeP&sig=Cg0ArKJSzC96SG7jRq-oEAE&uach_m=[UACH]&adurl=

Requested by

Host: ntt.inews.id
URL: https://ntt.inews.id/?utm_source=inewsntt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame 9505 23 KB
9 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 11:14:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Nov 2022 11:14:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 9505 3 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 12:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Nov 2022 12:32:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9505 0
0 39ms
39ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0vJ-hQXmOesgsqAxTBzZcZB9ok8XNtPjw_nZbGK1BMY2-MoCe-JiPzuCDzh4VxNkHJ0zp1Ol8hA_V5sFC785nv-SBsg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9505 152 KB
46 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47476
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666179788250400"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Oct 2022 01:05:50 GMT

GET
H3 200 4729967900352923802
tpc.googlesyndication.com/simgad/ Frame 9505 52 KB
52 KB 31ms
31ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4729967900352923802

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6afea708204fa3e2ae89d6a9dc173523398d0242b8de6bf8ca3f1f5aed247f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 03:11:01 GMT
x-content-type-options: nosniff
age: 251689
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53343
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 02:58:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 19 Oct 2023 03:11:01 GMT

GET
DATA 200
OK truncated
/ Frame 9505 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04329c40040104c66529307c81f4669d3d4bd79c3c9ad62466146a08dca800a0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9505 0
0 129ms
67ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshWzdSHYGZCWKlZZG2-XWsbQkuffram_NsIAbyxnNzhriOqh1ZB4u5_txvPlrn-Lbp9aupGbjx15YR3_IzF7buF_gd16w1rvnHAdn4i5pfmKoflgjupU-LIu3rH5fAqAD9et_jrZvmJ-F5TdzyLFcNnRUds_Eg5GtNlyO-lt1xzRhJg-U8SgkleNfDLfNyYmTWM0PCw6Iog6BYggM9--0GkYR76OzXtiDJniBHpe2uIsQ2sRVrs5-jZVLZhdtWQ3uec2JFdW6M0ES5rRi-IIhEvTcnpv9o-tLUdZRWoLFHGBXo0D3l6HRzJzqr3z4tpaLp33-KJ8lUooVsnkv77wtc&sai=AMfl-YRRCu69G4-vs9-m-W374xzpIOKiuBfTEv1mfFjyVuIT9-tfInt1tuRpOEUcdyXjZJOWTDN1DCTkrMuVy5yb29SWNsmUXaEyXa8QXOCh&sig=Cg0ArKJSzCRW4mmL68oXEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 22 Oct 2022 01:05:50 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3235 15 KB
11 KB 55ms
55ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21c9326422cb7a2a25c01335572e54649a12ec7a5f95eed44100976bdcf60297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11341
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3235 17 KB
6 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Oct 2022 01:05:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 49F4 13 KB
5 KB 31ms
30ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.visionplus.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 38687
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Oct 2022 14:21:03 GMT
expires: Sat, 21 Oct 2023 14:21:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AD66 783 B
535 B 42ms
41ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8685094b8f276a9b049f7bec4da52270ec32329d1948efd462f14b845bf6ca4c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B5N5GLzDYer4RvWeq-odsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.visionplus.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-B5N5GLzDYer4RvWeq-odsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 01:05:50 GMT
expires: Sat, 22 Oct 2022 01:05:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 zmeOo8ONk1YqWYD8DpPjl7c0n4Y1CeYWRiKSJrvfmvk.js Show response
pagead2.googlesyndication.com/bg/ Frame 49F4 36 KB
16 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zmeOo8ONk1YqWYD8DpPjl7c0n4Y1CeYWRiKSJrvfmvk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce678ea3c38d93562a5980fc0e93e397b7349f863509e61646229226bbdf9af9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 21:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16035
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Oct 2023 21:40:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AD66 0
0 67ms
67ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101801&jk=4136237663162242&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 49F4 0
10 B 34ms
34ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AIPOyw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 01:05:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3235 0
0 67ms
66ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101801&jk=4136237663162242&bg=!JSalJmLNAAaaxvStusY7ACkAdvg8WkzFj2T8MMi9VMePuGF_4t8ASivwz2rKNr9wuTsuZ_kTnSTW7wIAAABTUgAAAAJoAQeZAscnxYncDT9bAUOFcyLBSOdSrZmcvLA9J5uxUXUUMIn7W2coJuzN9IdrX-6FpKhwyZRFIh1tWTGmSkOim_zjGnBhmCfOf7ElDtBFLnAmSvMycSAyFXi6S02eA-bn-4Mc2u5yT6bOyRinaHIgIULHJF0brlkKT0QKPIiODEhRhu6Uc8uG-FkJ4Usfs6oSJCmY8ELmoXlygkqo5BS4vIqFzSl7gusis4gtYhHuYuAvVLw2VF7P2AbtZmBq6ij50l643YSb-qvyd3ylYLeEcgnqruV6nQfHcS-4XOM1LSPh5BFUfXQE_zVgu5OhLeqbqmYZTRADey4sLalW5pv6EAhP_35YyMMEkfClA6mPqxS0k34q0NfqDi18YUcHrcEE3gblYO1I0FGlDR2SXWB6jDxEQSfQrxS_vHag5oISvd7ViUs-Ol4qEnTDTpabiE-TYnRbKP1UJ3mHZhgDQlg2wJ6-b4XT7gDVGL_JhERargrmSKx2tZVjZIBKxU_sIKKb_xqS5T_qhoYRJLYjKNcpQsSp-iHCUkGBHdlvlAC4LwO_x0ZSHxP5EeTa3ji8m5A5qaGbFkBumm7z1Ymt30Fk4GkDxYoeqPf4vbYmlbfLaH7p_PA2LGCynPe1UuYXcfW7EZh9IBPI_cDZrI0N2wAl7aINFzIVKU8p1ikelW0FtUp1tIa39LE1mcdiLYbBmWPG0dtW8TFdp45s9UON5aKUjkuDIUf7rkDA8NbzgJ99x42rtYF0Jjmdv3D_L8N-oCmRJIyhvPgjG0wG3Kb_OjeWxVE06Ws7jm4LYBXu45qfTOzhJNNKTGu7Lk2VhNcBlyVdmqcTCoe49QL_spSOUjTFlFP5msLS2zXaXvypD2euSDd-NuOuV2X33dKPL-k_bxbhjKujD2yXOkgkJn_rXaPcJ1oNkXxQPP4Iw5TdLU8gInbGqRsUzAbYbFACarA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.visionplus.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 4DBE 0
127 B 34ms
34ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 22 Oct 2022 01:05:51 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame D773 0
127 B 45ms
45ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 22 Oct 2022 01:05:51 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Domain: static.rctiplus.id
URL: https://static.rctiplus.id/fta_rcti/logo/placeholder.jpeg

Domain: www.visionplus.id
URL: https://www.visionplus.id/besportse/photose/img/ph_2-3.jpg

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scorecardresearch.com/	1970-01-20 16:29:20	Name: UID Value: 1C28bf1ddf561a7ba32e38a1666400744
.inews.id/	1970-01-20 16:14:56	Name: __gads Value: ID=835100ec0570e267-2279c1c452ce0033:T=1666400744:S=ALNI_MZfthYDbKAcl2oweQHGptwfvHEp5A
.inews.id/	1970-01-20 16:14:56	Name: __gpi Value: UID=00000b768b28e153:T=1666400744:RT=1666400744:S=ALNI_MaDabf8br5Nr8tEmbLJNSwY8_ro4w
.inews.id/	1970-01-20 06:54:47	Name: _gid Value: GA1.2.1382991204.1666400745
.inews.id/	1970-01-20 06:53:20	Name: _gat_UA-109056487-1 Value: 1
.ntt.inews.id/	1970-01-20 16:29:20	Name: _ga Value: GA1.3.1709644260.1666400744
.ntt.inews.id/	1970-01-20 06:54:47	Name: _gid Value: GA1.3.1382991204.1666400745
.ntt.inews.id/	1970-01-20 06:53:20	Name: _gat_UA-109056487-4 Value: 1
.inews.id/	1970-01-20 16:29:20	Name: _ga_10CQL436CK Value: GS1.1.1666400744.1.0.1666400744.0.0.0
.inews.id/	1970-01-20 16:29:20	Name: _ga Value: GA1.1.1709644260.1666400744
ntt.inews.id/	1970-01-20 07:36:32	Name: _pbjs_userid_consent_data Value: 3524755945110770
.inews.id/	1970-01-20 07:36:32	Name: pbjs-pubCommonId Value: 9dc6dd1c-f6c4-4175-98fe-2dc9b9280a34
ntt.inews.id/	1969-12-31 23:59:59	Name: pbjs_debug Value: 0
.doubleclick.net/	1970-01-20 16:14:56	Name: IDE Value: AHWqTUnach0IHisReQGdgvgCw8bdYQ3pl9iO4ZjQeSgFusHewKvAFCDo95stiBfUonw
ntt.inews.id/	1970-01-20 16:14:56	Name: cto_bidid Value: -xB2FF9nWDFDTlExOHAlMkJuYWVKdSUyQmVnRDQlMkJpYVU4WEdJU0lZVExzd2tvWXIxaGV1eHRiYyUyQlVwYmZzSEwwWmcycnFmM0ZNbXlwJTJCOUFPcVRLRmxWQTFUdzE0MUElM0QlM0Q
ntt.inews.id/	1970-01-20 16:14:56	Name: cto_bundle Value: K3VgO18lMkYlMkZnNWN4ZzZiJTJCT2slMkJONzglMkZTZVJzODNmaUUxUlRzbzg5UCUyRk9hWk9hTHN2T1Z3JTJCYlJlSThGUDlHaTFVR1BBOWsxV0pINmp4UnF6VTJZU1lpSWNMbzJJRGNQaSUyRmltcEFDQW5sM2xqenhlaEJlTEJ2VTl3RklkM25HUExKc09FbCUyQg
.inews.id/	1970-01-20 09:02:56	Name: ssidInews Value: U2FsdGVkX19V/yuMNYcoHA1VSJjWh5U0ufZ0TrlB86RV7UX3PeXdromtmOI0QRO4biXEVhhm4GCZu4ag4aXRlg==
ntt.inews.id/	1970-01-20 06:53:27	Name: XSRF-TOKEN Value: eyJpdiI6IlJzSXhOZE1hZk9nWVlvT2g5c3p6Nmc9PSIsInZhbHVlIjoiNFkrN3doTEd2Y3BDZU5SQkZJUE1XWCtzc0RyblVHTE8yMHVrYlFZWU9MRnlUZU9JekUzODhFaXlsZFhkVG9teGZOczdcL0FMWXdaZnNRUkVyOXp5OTZRRVJ4QXhkQWVoalpjNVQ2QUVBcDN6ZHBWT3RcL1lIOXZSUkVFRVwvSnlcL3BIIiwibWFjIjoiZmNhY2E0OGQ2M2I0OGRkNmVmOWIyZTFkNDJkMGRlNzk1ZGYzYjU2Mjg0Y2YzZTRiNzAyMjE2Nzk1ZmYwOTZlOSJ9
ntt.inews.id/	1970-01-20 06:53:27	Name: inewsportal_session Value: eyJpdiI6IlR4T2kxYXNUVExFYUZLREVJUE9ObGc9PSIsInZhbHVlIjoieDBkUGNqSENFSjlyeDB1STVuVEZGbE0yeklaUEFaZDZ0VWRQQ0FuMG9IRVBpSlptNWJNOFNIM1NSYnpBY0Q2WER0OURtaVhXN2VoVU9uajExbVp2TTlFMHNWSmFxUEZ5M2Y4Vk51OVFiTUVHcDBLYjRTSFp0NlBlcDNJSU1PMGIiLCJtYWMiOiJjM2QxZTczOTZmZDU4ZDIwNjg4ODlhMmE2ZTIyNmUwN2EzZDBiYTFmOTI3ZDRhNTJhNjA3MzExNzI0MzVjMjRiIn0%3D
ntt.inews.id/	1970-01-20 06:53:24	Name: _lr_retry_request Value: true
ntt.inews.id/	1970-01-20 07:36:32	Name: _lr_env_src_ats Value: false
ntt.inews.id/	1970-01-20 07:36:32	Name: id5_storage Value: %7B%22created_at%22%3A%222022-10-22T01%3A05%3A46.750901132Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D
ntt.inews.id/	1970-01-20 08:19:44	Name: pubmatic-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-10-22T01%3A05%3A46%22%7D
.inews.id/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1666487146792
.visionplus.id/	1970-01-20 16:29:20	Name: _ga Value: GA1.2.147411731.1666400750
.visionplus.id/	1970-01-20 06:54:47	Name: _gid Value: GA1.2.1742685897.1666400750
.visionplus.id/	1970-01-20 06:53:20	Name: _gat_gtag_UA_111351533_7 Value: 1
.visionplus.id/	1970-01-20 06:53:20	Name: _gat_gtag_UA_154114411_1 Value: 1
.visionplus.id/	1970-01-20 06:53:20	Name: _gat_UA-111351533-7 Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://img.inews.co.id/media/600/files/img/ntt.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	error	URL: https://ntt.inews.id/?utm_source=inewsntt Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://ntt.inews.id' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3aac9ca2367975ff7a2046697ca2f490.safeframe.googlesyndication.com
7389e89805f3d48ba2541bf65f85cc1e.safeframe.googlesyndication.com
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.nl
ajax.googleapis.com
analytics.rctiplus.com
api.rlcdn.com
cat.nl.eu.criteo.com
cdn.jsdelivr.net
cdn.okezone.com
cdn4-hbs.affinitymatrix.com
cdnjs.cloudflare.com
certify-js.alexametrics.com
certify.alexametrics.com
cluster-images.visionplus.id
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hbs.ph.affinity.com
i.buddyku.id
id.crwdcntrl.net
id5-sync.com
img.celebrities.id
img.idxchannel.com
img.inews.co.id
img.okezone.com
img.sportstars.id
inewsntt.id
match.adsrvr.org
mug.criteo.com
ntt.inews.id
pagead2.googlesyndication.com
pict.sindonews.net
pix.eu.criteo.net
platform.twitter.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.google-analytics.com
rm.id
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sindikasi.inews.id
sindikasi.okezone.com
static.criteo.net
static.inews.co.id
static.mncnow.id
static.rctiplus.id
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.mnctrijaya.com
www.rctiplus.com
www.visionplus.id
api.rlcdn.com
static.rctiplus.id
www.visionplus.id
104.244.42.136
108.138.17.30
116.204.249.112
13.32.121.72
141.95.98.65
178.250.0.139
178.250.0.162
178.250.2.146
178.250.2.148
18.66.122.101
2001:4860:4802:34::36
202.147.193.156
216.139.248.131
2600:9000:206f:c800:1f:824e:58c0:93a1
2600:9000:2156:5200:1c:7874:a680:93a1
2600:9000:218f:7600:1:b1a4:2f40:93a1
2600:9000:223e:3e00:e:c3de:61c0:93a1
2600:9000:223e:8600:1f:4c6b:cc00:93a1
2600:9000:223f:a000:11:320f:7780:93a1
2600:9000:2250:4200:c:4bf0:5680:93a1
2600:9000:225e:8e00:c:5e3e:d280:93a1
2600:9000:2394:4a00:9:965a:8240:93a1
2600:9000:2491:5200:f:e29d:1c40:93a1
2600:9000:2491:7400:15:c3e:78c0:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:5614
2606:4700::6810:7daf
2606:4700::6811:190e
2606:4700::6812:1d64
2606:4700::6812:a80
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9a
2a02:2638:1::13
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::2
2a02:2638::3
2a03:2880:f21c:81e5:face:b00c:0:4420
2a06:98c1:3120::3
2a06:98c1:3121::3
35.83.35.236
52.223.40.198
54.76.69.59
64.185.181.185
79.133.177.229
79.133.177.230
88.221.168.201
013dba738c2ef768c6a2339406a490ace9f450cab1a7d5e3142ba2a2074dcbf8
01473cfcbee7a16017e14a60249ad7fda667b2811c0a51b3207bf8d9707f9a3d
0188a714186d85517d2dbbe16fd3722c92c84d05af90f94a2b348aface0d1b23
0278e05948f95ba94656b45a5547d33f57ed6e54e6a0f24bb731d51b24ba05c5
04329c40040104c66529307c81f4669d3d4bd79c3c9ad62466146a08dca800a0
06e5a6c54dead4b0a6bf969005f9e0be1347f1b5e265c50619fa29538c3e2c91
090a17ab307902519fdfb7747fcc2ea435c47d8c97433648ccea300759ce4b40
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0affaf9e68cb104b016ac6a37fbe87f22bfef68099bcae04f277889bf5ecbcc0
0b51d2a4419d2eba7f4deaceded280f509d0b203fcbbe02b39e25d0b1ac7ae1e
0bb9c46e2afd92a2737caed5c84895c475c7891eb42e9fd0301794dc9df79f5d
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d96d17e0808e153cc1bea4b5608862917b322df6d84d75abe13373596a1d646
0e7f143ab01a31627abf8eb65cf4312a01420129535b8dc843f43ef93638162b
104bb3f6901464dd1baffcb3b07eb508224ca309fd94569e68895e9e17362c3d
107cd8b4fd2286d6891309790c30e191fcf7955a9d24af52c76b288b2e6a6ff3
108824c867822978dc2b2a8f8cc4c3780a0be22a6441fc6b241f448327e1f44c
10980d61a054f279e0d593a30d004e37a24bfa1ae1130b766fc7138e84c5905d
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
12eb096a7e01e8496f2a796e0d22e8f4555c695dc307290f6dab408e8d7ee01c
1521e234e96ef5150b56b60c5288e85ab18efbad583aeb6125739caf92d1001f
173db1855e61e64ef4a8a4fd3a5707d718bbca8066fef951816b92da1a5cce83
196eb4e1c32206100f0e8ad4ec1d25770d5dc9d91acd7b7972ec369440323aaf
1a4d0de3d4c5c46bdfe137e53ed5ce780f331969ce905a38b914ba407cb91103
1aaa0852e64e0974d0d684ddf2c2023969430bab106fdcca0bd09c1274f257fc
1add158a89a2fb6ede9ce43694df19a39cf258b14549ab0a83d510ce62bc4f3e
1bcc94e40f42e94375694b00d4f60d5eb609cfda21f7c64d58cb4a270823200f
1dd559e191ad2988517dcdd3001d5c3d4c9df406ff10b59172685d12212d8138
1decf50a161fc7830e2f819b3ddf4657f8e95b1a931bbb8758b245e5771136d2
21c9326422cb7a2a25c01335572e54649a12ec7a5f95eed44100976bdcf60297
22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4
24758169dd6ea3dca49bbacb4076ffc3b2448b50ed0c98cc7a10a167be0431be
255fb384fd4c7d30b572bf2553bf338e8535144f1e52ebe332267928c6238e1e
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
26f08a503e5ae3e0b71454740be5a1646b971c387d35660f6f0914159cd17724
287b6f06439e45d18c49c89c821c656e74d20bc42d4ebf2f3cffd4078c3446dc
28c97ead5adc3c0fef50ff7aa0f1ebc0005be9af587ad25b945d2e4420f3cdda
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2afd80dd7d92497bacd3831ed176ace1538b0e5512c8519754610d6f1ab197f6
2ba526a508ff52afa5358c83c97eff0206984c608c0ca75d5b422dfb9c22e879
33488fdc6d4984eb17255d2cfbe8700c4ee626a9bc4e834b52cbddac06fb2528
338e84586decc51ac996395ee4039d88040a863dd2775c2f7c22ff161c1c896f
36852a6f8fe58b46478b6c4eb9a6e725392fe4ec2dd3352a6a93941663bd657e
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
3b571f3642807f973bcaeba0dfb25d873313fb66fa894fa01de708e734f0cc47
3dd875ddc79324ff1da3eb380db55c5388f27d278d342adc1f5c14ba9b7f99d1
40cb368f045d5452437d16c14a82ceeec9b37204f16b657be49d086106ae4700
446f3b6702bbe73262f0e7e25f8960baf0f686bcc19150b38410e672231af808
44af12a38e94a85d1147dc4f771905165b71c5d391a80db23cc20411b11f05ec
45ad770b839452a1f5a64e57052d2b7ea4f41e8d9bfe95507d085c3439f73609
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
47a90770f6bacfe6e02ac3001addf4a4464ba5231259de0980ae9e6730cea88a
482f89ec31e57302372b11a3d7392ce139d9fa7e9b1148a0cadc0096d0547a2a
4baad1cfa65428f1dc07ce2a2783fa7572394665f2a85a1721a972ea4814ac2d
4bae17d7ab2ac4e552c988b4e3ef75bbe30149d0f4f66b18ad5bc987dde3325b
4bc293beff345fafa59f04bdc380ef8d03bb5b58f10aaf344122d5798dc60a24
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecadbc29a7ba5c12fde2b9651274b277c0e3e1404133d4eddbfa84c677b6bbf
4f42878772b8f0da147cd8218966b6369dabaef673af964077745ade9303a4a4
55a0bf1642d1bd7a234f600647e44646e616fee58bb74db6a7796555e36124bb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c76feb47fcf244ff18d7e708bdc5a3e1a146a41456a1949890c6714f3aea1f
582278a6972aa6cdf00383f943d12c04d75d94a2033b696d761a77a3a5045209
58406bdb89d442965b8ee73be2adfe68135734ce95ff80839130c0db7e93d186
58829310446141245c0d42db51e4ae4956161a6908ece19e3dad56bc139d56c2
5894a3649b213cf5b2d673b6e7a871815fd1d120fa68a463592f27db14eae323
5bbffa7322a01459d23bac2cfca73edab07ccf4071858026533384ff4415797d
5e5558cb88e11a5f18ea8eb9bcee840434eb4c20a5a0d2d3b6937b33ed900df7
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
6009aa2e362761afb69012b2fba1e259ea1a812fb28c6c4ec8c5b41e23853733
604531a3d1929b4f0103f311b4a194ecee5f52ab81b289ce5792f6dbf3a5a593
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
625ffa977b5dd03b4d406e0a633325a3a9265042bc16c9238f046d6669a3623e
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
657a91f8fb81963b23b45732abbd8712eede2d140681eb3754eba862ec1ca075
65f75b3fb7e299ad87fa7bd72657ed7da5ddcf1e8690768c30629a4575ba3e7e
662ac00075123b7f5d3762d2b99737218a4699a7e930071535649b0c03d992b2
6639c89c562db38912bcc62216b60dffd7ad9c7b74b0a39636a531dc86704c4c
665820ac1bd1cc62b68f8cc6b54485c4721681f161fb9871ba318fca8e1620a1
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
672cad7677095651c6240ced97dfd1fcdd9e727b29c07215e5f84e2bb5507f16
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c01f8b138e3f7110a33606de5e2758d5fecb58e114be771b96fffa3bbd48bbe
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73539907a0136f79953669a4cf5e69b93c67d3bf4c8ee059d16773743b6b4e93
7405346c27ac86dfa9c7f8ae8e48de433573f951990ab34f80026d033c79c446
74f2bc40f6244cb2a2c7fbe997ee4eccea7d0947b06ca80096b952dc03e85880
74fd74d010b59678e8cdd1d6702978a5a5585c5bee01efa016dfa0fbb069711e
76694185e6cb27d3a75efad2bc8ee3a5af8ed11286e5c3465bdd9bfddcb08747
783192d3d88a72abee589a03a3adfeac587f7626882a4cce02a2aba07f230827
79adf9e5964c0c296744a2b06115685671557209f81382520499c7e62c8bc9d7
79e4cb833a7960f3d8c453e4f675bb2ca02c12c1bfadf0bb1c4b7f58aaf11427
7a70b3626d95924416fae501e1977ebd0029fdd4d74ae0fafb9bc84e02391014
7b619d37297cc78043688c9e695a6a0762adfcd63cc834f0736fbcc94ff6bc44
7bb4cac10236d97d976d9c18e8c7e8e2f38cc177f5a857eed4c269b372a7a321
7edc0cb931e1b025ba217ba5484c5717c952e55ba0c62d5f8eff4a31f9d29f38
81a2193f4efc051682bf3138fb4a3dde46aeb1cf5a0e2c87f287bf9e357260f6
823df4d4f681a392ef918e106005063d7567466259efc12b0687117b4526d7a8
8273e4392917c12d573def2d0b3db4e2d34f5d712e008cfa6fd36430e25978aa
8374e43ee6f7512f5d01e7fdf1b0110d754afffdcce407c5f6f78c287b88afef
8685094b8f276a9b049f7bec4da52270ec32329d1948efd462f14b845bf6ca4c
86a17f8e86eafb9cf4d15f8d4e9896b5ccb1a8e12fc277c3420d5abc873ea097
88968ee29b6ae40aa82d4a5fc20e3a7b3ac853c51044ac3d5ef1cfc90af7761a
88bab1c8012f83138804d6002ba7f04dcb18a69ba922637e6ccf547654813a98
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b28b11c55732748a3cdb27bf098f990a52631b2d6295a2f3511c871e95a1e13
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d47b4c2593df99176a3f38c179227f8d717f8809b6fa72af241871aee2cf88a
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f1a7a629c9f040b7ab9a191f139c563c8591d95e1b84222dac76a7bf962809e
8f60ca67e9c5c8d69de099e1c7c18d47e4766c4ddbd45a22cd92cde859686520
90faf4a27491583e8a4490274fbb7a898bfb4fbf40e188d95598fa2c80f8a0f4
91224a2be7a33f3e5c162dcffd319a9d4a804446efdc095cfd9d9c7130fe2cd6
937aaa154deed9b1e222398561218f8fac221943d4c0e7790e5014d4e67288fd
9474333d7aa7245993d7b1e587cbaa03f01caf631c11e356cd18694e93ee1242
94bb11eff3e63d6310b47c471ded236a1f64e1ecd532f2e8ddcf266b6464d032
95f36d2c3212d5e41caa894cddd8aa4d4904f70b27fde249382cd641b2e483cd
967b13c657d05d28926c464daa81fea65e885b115c26b68e144034398e41f5ba
99414a4adab183b81675a3047de21a9d07078e76b151aa264c6e0432996e5cc6
9af02dc140425ce2947dc03ebfd19271127747d2578ba8aaab72e500a3f53f13
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9be05e75a8010e27cff48cd1d42f39661764c4ec06a46c21fe0dff5df09e2155
9f63073f8d2d0342d31fd4074be34f73595862c5ae2041466056171e12d69938
a053164365385c569e3fa4d968fb9c16675c88d3bf4bd9a402fd0a05e48fc1c8
a179ff3fe8c70e211932b694602858d21c9a0562058639eccd6eaaaba6306b80
a23d8a1e2ce9010b3f371ffee8afb4ea8b915054ff9f0341a61da5926b49924d
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a48720f34b8333900287903d50275de90ae3d9929e6d35ec3948089badb7258d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d561154f280b75f36748087da31dae11310f7bc4d2a45587d5bbf0aedf8b4
a6ba4db3da98fc64d9def424dd8489edbaafc56a3e7dc8db4718b7837949ee03
a6ce02617a10530cf0538138cd4c0540a8f917aee304338f42d38bedc1e2e8af
a71aa2d8f421ec24850a82fa01a62b5f95d3b4ea98fdf9278366865083cde5ed
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a93822df32bb4e9bcf552797ffca7e1af92bc5c663ab086fec978a8fc1d4f69c
abecc8df83a51a762faaacfd465ef9069eceb1ac0c1dc8fa44ae56f219897c72
adb7832ac189f82a3a012eb3d1624195068432a1cada70167247da82cb8e5656
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af4b954cf45e99d5eccbea113dc2b66799cf8db96c3e8dfc33d145398743727b
afc6db7a549a92fc1296855f5414e33c5d02d97d938e5f8865a2ffa31bde1643
b05beb5a9a40307eb0228cca06a6426d2501485abcf448e8a31fedfb70e87e49
b05e1785e2dc74687cf2aa6351d949daa10e4c1e67385fc33dd450ade3f279ad
b105220d8c044084da36f099681f5558fde5163076a4e994e05fda234187839d
b32ee58a1d6b3e34b6a16eec6a5dc3835396677c1a7d94b16e2efc0319da7866
b3f015deb2a341a339024a15a640b0cd3f2151856f495eb9dc9c815a80bcc54a
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b573aeae6c5504229688d1ff3d72b734f1f5e146ec18414d055efe267f99c0bb
b82cbdaa2cc09331a02e98cc02272b4c6e338ca4098abeed6cbc65e655d69618
bbcfed2a93dcef85f23e4618f1f53b979531ad7e256ba63dd0b4fe5fa4328033
bda9dc16b5482b4ad25f206ae9aeab09459c376c37bd0c968757138c25fbbd03
bec56237a23452a7f35a7d752c45e6c97bd6c17ea717ea32dd1c7b47e9e89f3a
bfc9928792050fbde5a1a1786a7d389c946a4f1ad23f69175fdb9171e0836006
c009c5a8e84bb752e33508b3f54ece0fef823555100cbae70210abef24ea1b65
c02945ec1830ffe8b505b7a284e52664439d29600b783fed6e7b0e14c50004da
c0fc112f62a5e22811ad8af18fd933517f4132414bdd4aca7fe7d344e7e6e9a2
c0ff0c11cdeaff05a49fca0881be9b9417acb5f208994c8fc512dc84552a8e96
c1ea18d11886b00baca4d0974e5d4b057eb7a068f6c04c81aa6a0205894c5215
c289874df4757fcc9027ccbd38b7d7f7805ce67a37a048b86069089b02942f4f
c29349db5a9fd48170b7bbc29a98b63d609e5a81ad5d9219061c4d8f826a374c
c2c44e1cea627bdc38161379c94f0e20cf9df2d08fc8fe108b57a4a31ca5e01c
c4b2eb3e7b2d3f5d7ecb2e62185f2acc9a8043b76a59554537970a03b4ccf15b
c8cdc80bcc7e8f046889f36c7a6fb85939969429b33937f122eb8db920e768c2
cb8e5ca3f590885848c95d7493525ecdfeb4271f60c79274334177a32db12ff0
cc7029afe33654ed250644d8dfa2daa4ab0549731816980ab4733d92b86b1fca
cd12c8f0f4e8a4d5f1903239c3be91906dff284068edd49c1a7f728ccb5dd264
ce678ea3c38d93562a5980fc0e93e397b7349f863509e61646229226bbdf9af9
d0fea9c53e716be3a1533132706858c49afa9386dce14c34e602634de7e5fb13
d5722dd6b464726069fab1c1821c6681abe2a5a143fcd58fc109aecebdb44460
d59749aa9443b8d0e58bcb6e3c23efb08177e738f9a7cb8bc77e9266abd79c04
d6afea708204fa3e2ae89d6a9dc173523398d0242b8de6bf8ca3f1f5aed247f1
d7c0ce8ff67ff51c00843aaede30ab687a7f8aa58efb12f6b711fa56287ebc16
d7c772fb9baf80dd21c56afe929a81bfceeed6a1b33c51a9f6062cade47bae21
d887163975d331ecb96feb1f8470dd4d943de0f2e0303627182a7111702be2bb
d9bf54acfc2f866510bdb2ad1677da3086c72aeb69c979fca880d0fa07b24e1d
d9d3f9a535c897d07a1daab90df4be8438fbae05a972650723e8c0b2d1c030f6
dbfdc38f5f89b3ba3b06024d23c576ece8f5d05ed3fbb7537099ecc206283bc4
dcd189b3bb4c3ea32c3613315081a69074fc0964337f04f3e5d783a23e0183c7
dce5283ca6d723890e74d9a6889450f33095eb892262d4bd4c46f9a476a1d5f6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1cb0961cc3ad7eaa0740b49dc2e286cf4cf386bd86d523eae4bf4d954965217
e3429744f6e4166afaf9ca7a925540bdaa869e65ed4b15000300e971e1675092
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4495efeacd58f428b4d48983980d71779f815671571af299f50b82f3a85871f
e59c79c198476d8b48b3292805b2c97f96b737328d956158e52109766f64ad3d
e6d1c29dc9d38f999ae4c2cda3884effa8e17b0bb80054fb30cdc1e50908671f
e75f63b4b75f9c117a8e8d562532e65ba574d9c3a1a0732945c41b18b83ad08d
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
eca0dcbdaed5985a680233abe61ac188e947b85f2b48165cce08a8887db495db
ecdbf9b9d351f5f5fadd54fc1713931a02fab5dbe76698b5fedc240a0d727ca4
ed797406a0a387cdf28c0b60343cbb038f10c6cf541a74d2b7ffa59bb5bff088
edddaf0e134d150369adebdc563c702a7ffef371aa60f25af68931453fee16e4
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f089ee5ec465c07bbae50fd32ad44489d511bb66f27d1c166bca2a091ea4f740
f0a086c3cb3b3d4d09ae9ba96af6506ebebec54a7181ec8bdb23f2ee2aa31d0a
f0cfb0f9c31550d88260508ec92ba1e62e5724234a19187c219f3352efb5f8b9
f0e0f85d2239bedc9d11a77ca7b647cca281ea1be72731f5239ea482c828f01a
f12c075e062e645162c407ef8e9288be9b757bfc466eaaf83d67520d6646a64f
f1a1582bbe8c17b03cddc3dbf54f4ad7132fc56f171cad76a33004da623a09b9
f1c31a63c5d089392ee3b79c6622f4e7642d4cd964e940b0c850ee25fe80abc8
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f31219ecb01defc9ebb8aa29a6d0ce82e0f23a6eb146d79b470cc83906a23f76
f3a1d9b56ca3fe9f2986f33516b17b42565d93548760107c2940ad38cfa53827
f3e4b0b9cb7e4899eb18daa7e4d1217500ddeb9e12d1279b93c1ac7e4bf8c790
f5a9f6010307729a4ff2ea25ef1e832fd1f524c3a4d74febfc3a1f65333e75b8
f69b89737fd40509b450eb354bf0e4778f281372d6504d30465a97cb338df8d2
f9d374ef87ca2b8179870daa8739f8b060fc77446a4109ec87dc523bd8059ea4
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
feb1cf7d72afdeb62e3a3973f203c731647a570163df294ce1be39443e8ccb7a
ff0e175b37ff5c67ebfe82a9a016bef10216dde257b6cd5b1fde6a80cedd47d4
ffb71469816e7541203d7fc634d6f98a77e5ce2709d8abe7e468a87f6d35e86a
ffeaca6b0115d6e87b953c56dcf21601b48c1887ed1f4a07e5aee5392be607b3

ntt.inews.id Open in urlscan Pro 2600:9000:218f:7600:1:b1a4:2f40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

306 Requests

98 %HTTPS

68 %IPv6

41 Domains

64 Subdomains

60 IPs

7 Countries

5290 kBTransfer

9410 kBSize

29 Cookies

204 Outgoing links

Page URL History

Redirected requests

306 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ntt.inews.id Open in urlscan Pro
2600:9000:218f:7600:1:b1a4:2f40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

306
Requests

98 %
HTTPS

68 %
IPv6

41
Domains

64
Subdomains

60
IPs

7
Countries

5290 kB
Transfer

9410 kB
Size

29
Cookies

306 HTTP transactions
4 data transactions