money.frifayer.id Open in urlscan Pro
203.175.9.30 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.money.frifayer.id/
Effective URL:
https://money.frifayer.id/
Submission: On April 30 via automatic, source certstream-suspicious (April 30th 2022, 4:10:37 pm UTC) — Scanned from DE

Summary HTTP 95 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 19 domains to perform 95 HTTP transactions. The main IP is 203.175.9.30, located in Indonesia and belongs to RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID. The main domain is money.frifayer.id.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 30th 2022. Valid for: 3 months.

This is the only time money.frifayer.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	203.175.9.30 203.175.9.30	58487 (RUMAHWEB-...) (RUMAHWEB-AS-ID Rumahweb Indonesia CV.)
9	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.99.22 13.32.99.22	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:5600:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.156.233.6 35.156.233.6	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6	2600:9000:225... 2600:9000:2251:2600:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
9	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
7	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
95	28

23 203.175.9.30 (Indonesia) 1 redirects

ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID)
PTR: sabang.satu.rumahweb.net

www.money.frifayer.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
money.frifayer.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-22.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5600:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.233.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-233-6.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2251:2600:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	frifayer.id 1 redirects www.money.frifayer.id money.frifayer.id	4 MB
18	criteo.net static.criteo.net — Cisco Umbrella Rank: 634 pix.eu.criteo.net — Cisco Umbrella Rank: 8363 csm.eu.criteo.net — Cisco Umbrella Rank: 8397	203 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	260 KB
6	consensu.org c.sharethis.mgr.consensu.org — Cisco Umbrella Rank: 54427	573 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	22 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	21 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11867 ads.eu.criteo.com — Cisco Umbrella Rank: 8360 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10468	47 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 63 www.google.com — Cisco Umbrella Rank: 5	2 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4626 buttons-config.sharethis.com — Cisco Umbrella Rank: 5441 l.sharethis.com — Cisco Umbrella Rank: 4205	43 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 55	114 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8752	914 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 103	315 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 133	113 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 209	12 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 642	83 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 158	37 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 744	644 B
95	19

	Domain	Requested by
22	money.frifayer.id	money.frifayer.id
9	static.criteo.net	ads.eu.criteo.com
9	pagead2.googlesyndication.com	money.frifayer.id pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
7	pix.eu.criteo.net	ads.eu.criteo.com
6	c.sharethis.mgr.consensu.org	platform-api.sharethis.com c.sharethis.mgr.consensu.org money.frifayer.id
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com money.frifayer.id
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	money.frifayer.id www.googletagmanager.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	fonts.googleapis.com	client
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.facebook.com	money.frifayer.id
2	connect.facebook.net	money.frifayer.id connect.facebook.net
2	cdnjs.cloudflare.com	money.frifayer.id ads.eu.criteo.com
2	maxcdn.bootstrapcdn.com	money.frifayer.id maxcdn.bootstrapcdn.com
1	www.google.com	tpc.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	money.frifayer.id
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	platform-api.sharethis.com	money.frifayer.id
1	www.money.frifayer.id	1 redirects
95	28

This site contains links to these domains. Also see Links.

Domain
facebook.com
www.youtube.com
jejakdosen.com

Subject Issuer	Validity	Valid
money.frifayer.id cPanel, Inc. Certification Authority	`2022-04-30` - `2022-07-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-07` - `2022-05-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2022-03-08` - `2023-04-06`	a year	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://money.frifayer.id/
Frame ID: FFF8C5350FFC305C1C26667A23B03B2E
Requests: 58 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/zrt_lookup.html
Frame ID: 3103E8020CAA168309815CFD814E3B43
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355609318760577&output=html&adk=1812271804&adf=3025194257&lmt=1651335031&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmoney.frifayer.id%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651335030877&bpp=406&bdt=275&idt=629&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=655499051122&frm=20&pv=2&ga_vid=1493299113.1651335031&ga_sid=1651335032&ga_hid=941801855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2216964143424506&pem=813&tmod=632085327&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=642
Frame ID: FA72094AF36FCF56E330A84FC0C4CCC6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 20779297CDFB236A29059C2C03079B8C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Frame ID: 69D9AD0F4946D43C3DBC1CDCBB138BBC
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym1fdwAJlrMIFUAtAAL301xDrDtbQPJck4XtwQ&u=%7COvL6QEhKVgjMHrED5nnMKy2B9OKthdGsazCdzy%2F4wI8%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdZlgCa1hERbv7MCIf5na5Oh6SkI0q7vdN2hcmpUyCqwqn7V_GhJMolq0gceTJWKr7GONrNMa9Xi0txPyttnqeL_-TaT5HPOuAupi-cr1eOhkp4D3O6ipf6sHRtgWghzkceK5Joiy82gxAyKUV5p_wKbBDdHy5lqP6pCue122FPY_EsCJ74K7mpX_1CBpWgPXHO5_Yji5W3oCYLbRDmajPbC4jPiniWKNMrReo_XFx_RonCD5-8aod1mVOpajaVUx0v8g45qS1gWzYD1O9yvcmtUIN7PJUTcsWQRsf6Xs3WUelDxvbVgLkyGI9lGdn1OfKvqqRvDWS4C2QkX9p56d9Orh2kDA2AxjGQt7KTeLDjuHhri8j4funNUjQWOtr9CBQqTIH7aU09wAuJ-wnUE4V&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs2f_d19tYrOtJq2A1fAP0--LqAPJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNTU2MDkzMTg3NjA1NzegAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoExwFP0B-oHCu4UMLN5F18WyBU8eP7wz-lmr_c4xn-VzXccX8IUbOSuwCN1cSXmK4RroMa5a_Qf0pLLcg6gqtwlRow9pSAirqLRAsVzT-TvTXauHYIE892_MdbqB7JrhfzHzy14lto8yM93OhcJphHiUd5uvgzEja5Jai_SxvyuxPJnylObcMgadaw8NTxkUsOmB6MFG3pe5q5ERFJ-kMAW0fFaWItva47YfjkasTOspx2-uDxxHMih-GvMtM4V_PRvgD3ibDkVIwmgAbcioG9gIPG97YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2vriCxyY3Np5offAabYHHs3PQ7fw%26client%3Dca-pub-3355609318760577%26adurl%3D
Frame ID: 42285FE41655101A9AD36C765250A0F4
Requests: 21 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 96D678353F0F412B0A755FB0495CF807
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CF2A46E17D66A5792DE6DAE27708FED3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 70FCA8AF40A76021125A039978A5E6BE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

money - Memahami seputar keuangan

Page URL History Show full URLs

https://www.money.frifayer.id/ HTTP 301
https://money.frifayer.id/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

95
Requests

100 %
HTTPS

74 %
IPv6

19
Domains

28
Subdomains

28
IPs

4
Countries

6186 kB
Transfer

9635 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/wowthemesnet/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/

Search URL Search Domain Scan URL

URL: https://jejakdosen.com/disclaimer/%E2%80%9D
Title: Disclaimer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.money.frifayer.id/ HTTP 301
https://money.frifayer.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

95 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
money.frifayer.id/
Redirect Chain

https://www.money.frifayer.id/
https://money.frifayer.id/

51 KB
12 KB

407ms
398ms

Document
text/html

203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: 4359e7a13f431d0eb886b11569a6e3646496f7b35893f5100dbbacad18b9a7af

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 12568
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 16:10:28 GMT
expires: Sat, 30 Apr 2022 16:10:28 GMT
link: <https://money.frifayer.id/wp-json/>; rel="https://api.w.org/"
server: Apache
vary: Accept,Accept-Encoding

Redirect headers

cache-control: max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 16:10:28 GMT
expires: Sat, 30 Apr 2022 16:10:28 GMT
location: https://money.frifayer.id/
server: Apache
vary: Accept,Accept-Encoding
x-redirect-by: WordPress

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
55 KB 155ms
56ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3355609318760577

Requested by

Host: money.frifayer.id
URL: https://money.frifayer.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d51e01bb005f7a1e3ed0397974d22778e8a4f7d2657ece0e65eb0be20ed6770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://money.frifayer.id/
Origin: https://money.frifayer.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56120
x-xss-protection: 0
server: cafe
etag: 3642826250949815012
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 16:10:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 152ms
53ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-205955290-7

Requested by

Host: money.frifayer.id
URL: https://money.frifayer.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1fc0b70f1ba9252988090e75d503f341ccd8a1d23f828bde91ced5ca6b9928cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
last-modified: Sat, 30 Apr 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Apr 2022 16:10:30 GMT

GET
H2 200 style.min.css
money.frifayer.id/wp-includes/css/dist/block-library/ 81 KB
11 KB 203ms
201ms Stylesheet
text/css 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 04:26:12 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public, public
accept-ranges: bytes
content-length: 11206
expires: Sun, 30 Apr 2023 16:10:29 GMT

GET
H2 200 styles.css
money.frifayer.id/wp-content/plugins/related-posts-by-taxonomy/includes/assets/css/ 416 B
446 B 198ms
196ms Stylesheet
text/css 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/wp-content/plugins/related-posts-by-taxonomy/includes/assets/css/styles.css?ver=5.9.3
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: 715d95401a0252ab3f290b8d318f8f6bfd0bf1163f025767fa065200c5e6f883

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 04:26:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public, public
accept-ranges: bytes
content-length: 283
expires: Sun, 30 Apr 2023 16:10:29 GMT

GET
H2 200 screen.min.css
money.frifayer.id/wp-content/plugins/table-of-contents-plus/ 1 KB
490 B 199ms
198ms Stylesheet
text/css 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: 2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 04:26:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public, public
accept-ranges: bytes
content-length: 456
expires: Sun, 30 Apr 2023 16:10:29 GMT

GET
H2 200 bootstrap.min.css
money.frifayer.id/wp-content/themes/mediumish/assets/css/ 147 KB
20 KB 387ms
385ms Stylesheet
text/css 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/wp-content/themes/mediumish/assets/css/bootstrap.min.css
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 04:26:12 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public, public
accept-ranges: bytes
content-length: 20030
expires: Sun, 30 Apr 2023 16:10:29 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 44ms
15ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: money.frifayer.id
URL: https://money.frifayer.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 8560703
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8b677d48aa464c28c0815c97adbbe174
cf-ray: 70418c45bf685b2c-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 style.css
money.frifayer.id/wp-content/themes/mediumish/ 30 KB
7 KB 201ms
199ms Stylesheet
text/css 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/wp-content/themes/mediumish/style.css?ver=5.9.3
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: b91d0579b285654d238ee242496f3cd7eff57b455982f255ad7d68ff08e9ddac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 04:26:12 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public, public
accept-ranges: bytes
content-length: 7375
expires: Sun, 30 Apr 2023 16:10:29 GMT

GET
H2 200 public.css
money.frifayer.id/wp-content/plugins/recent-posts-widget-with-thumbnails/ 1 KB
552 B 198ms
197ms Stylesheet
text/css 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: da470b3fa9846fcb2282224f927b46de191b750c7457882078ec0bc7966bb83e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 04:26:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public, public
accept-ranges: bytes
content-length: 518
expires: Sun, 30 Apr 2023 16:10:29 GMT

GET
H2 200 frontend-gtag.min.js Show response
money.frifayer.id/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 12 KB
3 KB 198ms
197ms Script
application/javascript 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.3.0
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: e69d17966c87ced93f60016674f0e6b10786838cfc6973e34e195649166b225e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 04:26:10 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, public
accept-ranges: bytes
content-length: 3221
expires: Sun, 30 Apr 2023 16:10:29 GMT

GET
H2 200 jquery.min.js Show response
money.frifayer.id/wp-includes/js/jquery/ 87 KB
30 KB 572ms
571ms Script
application/javascript 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 04:26:12 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, public
accept-ranges: bytes
content-length: 30908
expires: Sun, 30 Apr 2023 16:10:29 GMT

GET
H2 200 jquery-migrate.min.js Show response
money.frifayer.id/wp-includes/js/jquery/ 11 KB
4 KB 386ms
385ms Script
application/javascript 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 04:26:12 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, public
accept-ranges: bytes
content-length: 4169
expires: Sun, 30 Apr 2023 16:10:29 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 187 KB
42 KB 322ms
111ms Script
text/javascript 13.32.99.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: money.frifayer.id
URL: https://money.frifayer.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-22.fra60.r.cloudfront.net

Software

Resource Hash

0cf72ecd5c93398efc9866c99c06bbdcbd021f3ac7592728d970be2a587afe88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:01:55 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 515
etag: W/"2ecb3-EnNWPFoUPbSrc7pcI0FHroXDv+c"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: FRA60-P3
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: 8Iw2HsyA8Ob56c65yWCr8sTj1FgGUQkEm0ht3lQXKLQbTI-HYUM2AQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 70ms
66ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-218062778-6

Requested by

Host: money.frifayer.id
URL: https://money.frifayer.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aaab901f4bb829961d86814f9b9c132ded2e3514b5ce5ca480275867666a6fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38751
x-xss-protection: 0
last-modified: Sat, 30 Apr 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Apr 2022 16:10:31 GMT

GET
H2 200 Untitled-2-1.png
money.frifayer.id/wp-content/uploads/2022/01/ 99 KB
100 KB 201ms
198ms Image
image/png 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://money.frifayer.id/wp-content/uploads/2022/01/Untitled-2-1.png
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: 2d0d97b12d62889803f4272294868c6222e9e9f06de58cba85fe0a5d8e8454aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
last-modified: Sat, 30 Apr 2022 04:26:12 GMT
server: Apache
vary: Accept,Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public, public
accept-ranges: bytes
content-length: 101308
expires: Sun, 28 Aug 2022 16:10:29 GMT

GET
H2 200 avatar_user_1_1626320667-40x40.jpg
money.frifayer.id/wp-content/uploads/2021/07/ 1 KB
2 KB 376ms
375ms Image
image/jpeg 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://money.frifayer.id/wp-content/uploads/2021/07/avatar_user_1_1626320667-40x40.jpg
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: 0f447dbc55fc7e00f9f4cd8bd810f36f5f708deb019c3cb5ce52e5ca36ee9b96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
last-modified: Sat, 30 Apr 2022 04:26:12 GMT
server: Apache
vary: Accept,Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public, public
accept-ranges: bytes
content-length: 1507
expires: Sun, 28 Aug 2022 16:10:29 GMT

GET
H2 200 entrymetastyle.css
money.frifayer.id/wp-content/plugins/wp-author-date-and-meta-remover/css/ 727 B
281 B 199ms
198ms Stylesheet
text/css 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/wp-content/plugins/wp-author-date-and-meta-remover/css/entrymetastyle.css?ver=1.0
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: 187724d0ba4b62560e86a5d1210ce948d313285437f16924aa4e31b34cfea56c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 04:26:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public, public
accept-ranges: bytes
content-length: 247
expires: Sun, 30 Apr 2023 16:10:29 GMT

GET
H2 200 front.min.js Show response
money.frifayer.id/wp-content/plugins/table-of-contents-plus/ 6 KB
2 KB 200ms
199ms Script
application/javascript 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 04:26:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, public
accept-ranges: bytes
content-length: 2349
expires: Sun, 30 Apr 2023 16:10:29 GMT

GET
H2 200 tether.min.js Show response
cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/ 24 KB
7 KB 70ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js

Requested by

Host: money.frifayer.id
URL: https://money.frifayer.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1679592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6714
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffc-619d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7UafuJZ15KUpxr1ByFpIPzX5wS%2F60uUdePmb7NLsleMWKAFAebCUez0AB%2FDezxFRzQblmbYkEyRhCdNg9B%2FRx15aym6nGBxDq0x61Ov7%2BJGP8sjzVNtj3FcL6sSSm12eP35E%2B8nCejNzlIIiGnlEOz8Q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70418c49addf9055-FRA
expires: Thu, 20 Apr 2023 16:10:31 GMT

GET
H2 200 bootstrap.min.js Show response
money.frifayer.id/wp-content/themes/mediumish/assets/js/ 46 KB
12 KB 390ms
386ms Script
application/javascript 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/wp-content/themes/mediumish/assets/js/bootstrap.min.js
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 04:26:12 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, public
accept-ranges: bytes
content-length: 12031
expires: Sun, 30 Apr 2023 16:10:29 GMT

GET
H2 200 ie10-viewport-bug-workaround.js Show response
money.frifayer.id/wp-content/themes/mediumish/assets/js/ 668 B
455 B 202ms
199ms Script
application/javascript 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/wp-content/themes/mediumish/assets/js/ie10-viewport-bug-workaround.js
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: 98ea99e45ff5cfd752359c2e005a8d62483e9454550e150fa0e1636b6909a16a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 04:26:12 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, public
accept-ranges: bytes
content-length: 422
expires: Sun, 30 Apr 2023 16:10:29 GMT

GET
H2 200 masonry.pkgd.min.js Show response
money.frifayer.id/wp-content/themes/mediumish/assets/js/ 29 KB
9 KB 390ms
387ms Script
application/javascript 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/wp-content/themes/mediumish/assets/js/masonry.pkgd.min.js
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: a1c3e3eda469b9527dec74be3979f715197d7b5bea27c036e4d0a3220d109961

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 04:26:12 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, public
accept-ranges: bytes
content-length: 8661
expires: Sun, 30 Apr 2023 16:10:29 GMT

GET
H2 200 mediumish.js Show response
money.frifayer.id/wp-content/themes/mediumish/assets/js/ 5 KB
2 KB 203ms
199ms Script
application/javascript 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/wp-content/themes/mediumish/assets/js/mediumish.js
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: cc818d589973034712a010fad5f22d98085332636510fd6709c03e278e70867c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 04:26:12 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public, public
accept-ranges: bytes
content-length: 1634
expires: Sun, 30 Apr 2023 16:10:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
38ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205955290-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2141
date: Sat, 30 Apr 2022 15:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 30 Apr 2022 17:34:50 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/ 308 KB
110 KB 141ms
66ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3355609318760577&plah=money.frifayer.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3355609318760577

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b1561b99b8fd52fada048d453ed90f8efdcde805d41c5420c23812def24dcfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112581
x-xss-protection: 0
server: cafe
etag: 12130719123994294188
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 16:10:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/ Frame 3103 10 KB
5 KB 125ms
39ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3355609318760577

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://money.frifayer.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 22:33:00 GMT
etag: 3347421328414474149
expires: Fri, 13 May 2022 22:33:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 60f3d7ca97b2a50019e8ec88.js Show response
buttons-config.sharethis.com/js/ 198 B
621 B 429ms
401ms Script
text/javascript 2600:9000:223c:5600:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/60f3d7ca97b2a50019e8ec88.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:5600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

20207fdfcfa63de300c1908f24423bbc3d17d05bd8f9afc948ef034d9f2f3d37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 30 Apr 2022 16:10:32 GMT
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
last-modified: Sun, 18 Jul 2021 07:35:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: "ae3ddd416abc4c95617760ff995124dc"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 198
x-amz-cf-id: JbjL_UEEgzBcZv7StJ_MJ5yzGDzb2pr_7UAuL6tokm6fMaiDTqbylw==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
404 B 42ms
8ms XHR
text/plain 35.156.233.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=money.frifayer.id&location=%2F&product=ga&url=https%3A%2F%2Fmoney.frifayer.id%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=money%20-%20Memahami%20seputar%20keuangan&cms=unknown&publisher=60f3d7ca97b2a50019e8ec88&sop=true&version=st_sop.js&lang=en&description=FriFayer.id%20Adalah%20Situs%20yang%20Membahas%20Segala%20Hal%20Seputar%20Game%20Free%20Fire%20(FF).

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.233.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-233-6.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 16:10:31 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: https://money.frifayer.id
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 55ms
53ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-218062778-6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205955290-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4d97c075b1d7d555a824df4cb23066cf5c194c5108e86c7c57a5e661c5b9ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38812
x-xss-protection: 0
last-modified: Sat, 30 Apr 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Apr 2022 16:10:31 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: money.frifayer.id
URL: https://money.frifayer.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: 8Xju8owmIfKqrY5CVWsGPZMvmbuTF9uBDd2lqBexvK1ntWssxEY67YKkMe7QSUWqqVq0gkBTYgIcleLRQKoTyA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sat, 30 Apr 2022 16:10:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Untitled-1.png
money.frifayer.id/wp-content/uploads/2022/02/ 4 MB
4 MB 377ms
376ms Image
image/png 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://money.frifayer.id/wp-content/uploads/2022/02/Untitled-1.png
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: a1f76301389d307cd9fad91707c05f55c6f8069db59a5ebb064b744208ef6116

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
last-modified: Sat, 30 Apr 2022 04:26:12 GMT
server: Apache
vary: Accept,Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public, public
accept-ranges: bytes
content-length: 4177336
expires: Sun, 28 Aug 2022 16:10:29 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 54ms
34ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://money.frifayer.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:31 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 601
access-control-allow-origin: *
cdn-proxyver: 1.02
cdn-cachedat: 04/09/2022 08:19:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e520aa727f233b0d50523f3d6158b76e
accept-ranges: bytes
cf-ray: 70418c49ad2d9b8f-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdo3cOWxw.woff
money.frifayer.id/wp-content/fonts/source-sans-pro/ 16 KB
16 KB 197ms
196ms Font
font/woff 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/wp-content/fonts/source-sans-pro/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdo3cOWxw.woff
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: bf2407a363c64ac9143d0b0c4c84557c6d2bbd322c9bc47f7880357762b25829

Request headers

Referer: https://money.frifayer.id/
Origin: https://money.frifayer.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 04:26:10 GMT
server: Apache
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 16092
expires: Sun, 28 Aug 2022 16:10:29 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7jujVj9w.woff
money.frifayer.id/wp-content/fonts/source-sans-pro/ 16 KB
16 KB 196ms
196ms Font
font/woff 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to

Full URL: https://money.frifayer.id/wp-content/fonts/source-sans-pro/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7jujVj9w.woff
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: fc2c94460cb68669b9b642beb119e70b23fb99f967cc8b753916eab530156128

Request headers

Referer: https://money.frifayer.id/
Origin: https://money.frifayer.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:29 GMT
content-encoding: gzip
last-modified: Sat, 30 Apr 2022 04:26:10 GMT
server: Apache
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 16132
expires: Sun, 28 Aug 2022 16:10:29 GMT

GET
H3 200 492294802237398 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 78ms
70ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/492294802237398?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e031f1d5f391dd26b445ee8c15c450386fb136bef95ea1727a25c7c4b68ad4d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: mo6H+Y97561hyKPFi6GZTUosICL/DBW8jZpqAGSeml1/pnRPw+5mHE27PpwEzu5g/u7jHUjN9lc5r0Mez49bCg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 30 Apr 2022 16:10:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651335031390
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gambar_2022-01-27_155400.png
money.frifayer.id/wp-content/uploads/2022/01/ 272 KB
273 KB 542ms
542ms Image
image/png 203.175.9.30
RUMAHWEB-AS-ID Ru...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://money.frifayer.id/wp-content/uploads/2022/01/gambar_2022-01-27_155400.png
Requested by: Host: money.frifayer.id
URL: https://money.frifayer.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.175.9.30 , Indonesia, ASN58487 (RUMAHWEB-AS-ID Rumahweb Indonesia CV., ID),
Reverse DNS: sabang.satu.rumahweb.net
Software: Apache /
Resource Hash: 2379a0394a5a0313c8d2fd8142c3ad2c952101919e16a39085e91ac31121126d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:30 GMT
last-modified: Sat, 30 Apr 2022 04:26:12 GMT
server: Apache
vary: Accept,Accept-Encoding
content-type: image/png
cache-control: max-age=10368000, public, public
accept-ranges: bytes
content-length: 278911
expires: Sun, 28 Aug 2022 16:10:30 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 117ms
39ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 30 Apr 2022 17:06:38 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 24ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=492294802237398&ev=PageView&dl=https%3A%2F%2Fmoney.frifayer.id%2F&rl=&if=false&ts=1651335031435&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1651335031433.1762577591&it=1651335031315&coo=false&rqm=GET

Requested by

Host: money.frifayer.id
URL: https://money.frifayer.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sat, 30 Apr 2022 16:10:31 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
644 B 124ms
41ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=money.frifayer.id&callback=_gfp_s_&client=ca-pub-3355609318760577

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3355609318760577&plah=money.frifayer.id

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

541c81198ced93a02ba26b1ca2782726170ae0b75c206ae070000f8fd601d953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 183ms
48ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=money.frifayer.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Apr 2022 16:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 132ms
48ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=money.frifayer.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Apr 2022 16:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
69ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fmoney.frifayer.id%2F&tn=HEADER&cls=navbar-light%20bg-white%20fixed-top%20mediumnavigation&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: money.frifayer.id
URL: https://money.frifayer.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 16:10:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FA72 37 KB
13 KB 262ms
188ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3355609318760577&output=html&adk=1812271804&adf=3025194257&lmt=1651335031&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmoney.frifayer.id%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651335030877&bpp=406&bdt=275&idt=629&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=655499051122&frm=20&pv=2&ga_vid=1493299113.1651335031&ga_sid=1651335032&ga_hid=941801855&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=2216964143424506&pem=813&tmod=632085327&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=642

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31de50b1d8242e065acee91641d84cc24f09f80a3cbc79a418c93f8c66c92514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://money.frifayer.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13236
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 16:10:31 GMT
expires: Sat, 30 Apr 2022 16:10:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 45ms
45ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=941801855&t=pageview&_s=1&dl=https%3A%2F%2Fmoney.frifayer.id%2F&ul=en-us&de=UTF-8&dt=money%20-%20Memahami%20seputar%20keuangan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=1974405665&gjid=207309383&cid=1493299113.1651335031&tid=UA-205955290-7&_gid=1585947985.1651335031&_r=1&gtm=2ou4r0&did=dZGIzZG&gdid=dZGIzZG&z=178351749

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://money.frifayer.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 16:10:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://money.frifayer.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 46ms
45ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=941801855&t=pageview&_s=1&dl=https%3A%2F%2Fmoney.frifayer.id%2F&ul=en-us&de=UTF-8&dt=money%20-%20Memahami%20seputar%20keuangan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUIhBAAAAC~&jid=982452309&gjid=1701290182&cid=1493299113.1651335031&tid=UA-218062778-6&_gid=1585947985.1651335031&_r=1&gtm=2ou4r0&did=dZGIzZG%2CdZTNiMT&gdid=dZGIzZG.dZTNiMT&z=1694866799

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://money.frifayer.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 16:10:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://money.frifayer.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 is_eu Show response
c.sharethis.mgr.consensu.org/ 14 B
397 B 49ms
13ms XHR
application/json 2600:9000:2251:2600:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sharethis.mgr.consensu.org/is_eu

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:2600:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7a9029645ca045423baf70eb0ef119d0640061fbb4813631607dc9b44771bec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:31 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"e-y/fjTepD2HNpTnKC8rRrbahwByo"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 14
x-amz-cf-id: gat5P8CTuY0HNZf-pVZnrQypHKQcooTd7lTXvzEOohjQcC0b-mJa2w==

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/ 146 KB
52 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

027bebdc66e1b93137d273034437d1e31f409abc678f455a233d50d8e8386a41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52957
x-xss-protection: 0
server: cafe
etag: 7133624110957967853
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 16:10:31 GMT

GET
H2 200 cmp-v2.js Show response
c.sharethis.mgr.consensu.org/ 2 MB
526 KB 24ms
9ms Script
text/javascript 2600:9000:2251:2600:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sharethis.mgr.consensu.org/cmp-v2.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:2600:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

de1254db705dfdbaf8729128a1542f529bfb652e18f641b4bc95913291aed189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:09:59 GMT
content-encoding: gzip
age: 41
etag: W/"1e520e-xmVeAvgEKipiBnOijNf/GYBaahQ"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: fLjHE3S1OktQX50Y0cMJkVC0qN1ebGzOj8VDIH7K3Ol0nwmzIANQKA==

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2077 0
18 B 17ms
8ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: money.frifayer.id
URL: https://money.frifayer.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://money.frifayer.id
Referer: https://money.frifayer.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://money.frifayer.id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 16:10:31 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 120ms
45ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=money.frifayer.id

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Apr 2022 16:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 126ms
47ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=money.frifayer.id

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Apr 2022 16:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/ Frame 69D9 10 KB
4 KB 36ms
36ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://money.frifayer.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62384
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 22:50:47 GMT
etag: 3347421328414474149
expires: Fri, 13 May 2022 22:50:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 69D9 0
0 77ms
77ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cyj1pd19tYrOtJq2A1fAP0--LqAPJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNTU2MDkzMTg3NjA1NzegAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoExAFP0B-oHCu4UMLN5F18WyBU8eP7wz-lmr_c4xn-VzXccX8IUbOSuwCN1cSXmK4RroMa5a_Qf0pLLcg6gqtwlRow9pSAirqLRAsVzT-TvTXauHYIE892_MdbqB7JrhfzHzy14lto8yM93OhcJphHiUd5uvgzEja5Jai_SxvyuxPJnylObcMgadaw8NTxkUsOmB6MFG3pe5q5ERFJ-kMAWwXHSPCqMjIo3mTwyRTzFGR_7upHzl06BVVnD3XK6O39poVdDaNbgAbcioG9gIPG97YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzM1NTYwOTMxODc2MDU3NxgA&sigh=sIFnWIzomEY&uach_m=[UACH]&cid=CAQSGwCNIrLM25knlC66EsccAxruAzGwXfapEvKjQxgB

Requested by

Host: money.frifayer.id
URL: https://money.frifayer.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 30 Apr 2022 16:10:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Apr 2022 16:10:32 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 69D9 0
0 59ms
16ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RO0HfJ2DYgICAAAAULPxvXBnsnMQd19tYstEHurQepFb7-yVABIAAA&wp=Ym1fdwAJlrMIFUAtAAL301xDrDtbQPJck4XtwQ

Requested by

Host: money.frifayer.id
URL: https://money.frifayer.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:31 GMT
server: Kestrel
server-processing-duration-in-ticks: 211739
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4228 139 KB
46 KB 143ms
103ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym1fdwAJlrMIFUAtAAL301xDrDtbQPJck4XtwQ&u=%7COvL6QEhKVgjMHrED5nnMKy2B9OKthdGsazCdzy%2F4wI8%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdZlgCa1hERbv7MCIf5na5Oh6SkI0q7vdN2hcmpUyCqwqn7V_GhJMolq0gceTJWKr7GONrNMa9Xi0txPyttnqeL_-TaT5HPOuAupi-cr1eOhkp4D3O6ipf6sHRtgWghzkceK5Joiy82gxAyKUV5p_wKbBDdHy5lqP6pCue122FPY_EsCJ74K7mpX_1CBpWgPXHO5_Yji5W3oCYLbRDmajPbC4jPiniWKNMrReo_XFx_RonCD5-8aod1mVOpajaVUx0v8g45qS1gWzYD1O9yvcmtUIN7PJUTcsWQRsf6Xs3WUelDxvbVgLkyGI9lGdn1OfKvqqRvDWS4C2QkX9p56d9Orh2kDA2AxjGQt7KTeLDjuHhri8j4funNUjQWOtr9CBQqTIH7aU09wAuJ-wnUE4V&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs2f_d19tYrOtJq2A1fAP0--LqAPJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNTU2MDkzMTg3NjA1NzegAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoExwFP0B-oHCu4UMLN5F18WyBU8eP7wz-lmr_c4xn-VzXccX8IUbOSuwCN1cSXmK4RroMa5a_Qf0pLLcg6gqtwlRow9pSAirqLRAsVzT-TvTXauHYIE892_MdbqB7JrhfzHzy14lto8yM93OhcJphHiUd5uvgzEja5Jai_SxvyuxPJnylObcMgadaw8NTxkUsOmB6MFG3pe5q5ERFJ-kMAW0fFaWItva47YfjkasTOspx2-uDxxHMih-GvMtM4V_PRvgD3ibDkVIwmgAbcioG9gIPG97YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2vriCxyY3Np5offAabYHHs3PQ7fw%26client%3Dca-pub-3355609318760577%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

382d3a68638b09de054318341aa727616aeb62939e3650d332f25cea607967dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 16:10:31 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=CzkjY7SYR7koD7fWlrdOtZ_gCtGqLXb_3JpwBX3grA0w0f2z5Ef9VAdzJpzKtmyLEzIySFGjKfyvCk_iMfrogkpUJTqk9VEuGhZtT2Dg49R5H5pbwMGESmktvQDjXR0BKipvqFxXo-SI-sassqdtcNw-rZuCwmj34closHihH9IQzBTOLKn87z3E5Zav4WE4Om2ksVc1J3__Y4X7V0Lq90I5MGWEqFnoixtO1pvSPCLaUWs-2Wj7qSyxpXiJ69DP4D-u8A"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 84567185
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 69D9 3 KB
1 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 16:08:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69D9 120 KB
37 KB 141ms
54ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Apr 2022 16:10:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 69D9 15 KB
7 KB 122ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 16:10:22 GMT

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 96D6 2 KB
1 KB 7ms
7ms Document
text/html 2600:9000:2251:2600:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sharethis.mgr.consensu.org/portal-v2.html

Requested by

Host: c.sharethis.mgr.consensu.org
URL: https://c.sharethis.mgr.consensu.org/cmp-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:2600:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://money.frifayer.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 195
cache-control: max-age=3600, public
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 30 Apr 2022 16:07:17 GMT
etag: W/"865-g9QqzjbIJI1xmvSY3DM2A/8Cpl8"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-id: sKx7LOKLGtwVQ3LLMylVIPX6LruubZAZxfONN-3veVx89EcX_hi7Qw==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H2 200 css
fonts.googleapis.com/ 8 KB
782 B 132ms
49ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b63f1d1ecf7ffbcd8030947ec3184aed0b770bbf8627bd2a586524321fa1c342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Apr 2022 16:02:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 30 Apr 2022 16:10:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Apr 2022 16:10:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 124ms
48ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

074aac6835a1ff9484df943f763b1ddec44324450f4723ca7b525535e365d655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Apr 2022 14:52:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 30 Apr 2022 16:10:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Apr 2022 16:10:32 GMT

GET
H2 200 vendor-list.json Show response
c.sharethis.mgr.consensu.org/v2/ 318 KB
40 KB 7ms
7ms XHR
application/json 2600:9000:2251:2600:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sharethis.mgr.consensu.org/v2/vendor-list.json

Requested by

Host: c.sharethis.mgr.consensu.org
URL: https://c.sharethis.mgr.consensu.org/cmp-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:2600:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6191ced7f31344ef4c947bae4e6b466138b04922cb92f2410f760b74b666aa63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 15:50:23 GMT
content-encoding: gzip
age: 1223
etag: W/"4f68f-VWXlfjLCpaurPd6k+ZHOupdQPiU"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amz-cf-pop: FRA60-P3
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: U4izJRuEA7kifrvq1H7p_A9hx5-_RpS5jTD_mxhg0TYpVWor81mnZA==
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)

GET
H2 200 cmp-list.json Show response
c.sharethis.mgr.consensu.org/v2/ 9 KB
3 KB 7ms
7ms Fetch
application/json 2600:9000:2251:2600:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sharethis.mgr.consensu.org/v2/cmp-list.json

Requested by

Host: c.sharethis.mgr.consensu.org
URL: https://c.sharethis.mgr.consensu.org/cmp-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:2600:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

820601bb589f733bc79796c667c27c803c424c2bae79ed561ddbcfbc5cc0e5d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept: application/json
Referer: https://money.frifayer.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 13:40:26 GMT
content-encoding: gzip
age: 9026
etag: W/"24f4-Ehx6PFYHbqLCNxRwamQUb3RhjTA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amz-cf-pop: FRA60-P3
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: fhyfBeLdctW-zMu2D0pXPRvHGcreSCKkX1o_zAhMNklks3wjvvqHww==
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4228 2 KB
1 KB 63ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym1fdwAJlrMIFUAtAAL301xDrDtbQPJck4XtwQ&u=%7COvL6QEhKVgjMHrED5nnMKy2B9OKthdGsazCdzy%2F4wI8%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wfdZlgCa1hERbv7MCIf5na5Oh6SkI0q7vdN2hcmpUyCqwqn7V_GhJMolq0gceTJWKr7GONrNMa9Xi0txPyttnqeL_-TaT5HPOuAupi-cr1eOhkp4D3O6ipf6sHRtgWghzkceK5Joiy82gxAyKUV5p_wKbBDdHy5lqP6pCue122FPY_EsCJ74K7mpX_1CBpWgPXHO5_Yji5W3oCYLbRDmajPbC4jPiniWKNMrReo_XFx_RonCD5-8aod1mVOpajaVUx0v8g45qS1gWzYD1O9yvcmtUIN7PJUTcsWQRsf6Xs3WUelDxvbVgLkyGI9lGdn1OfKvqqRvDWS4C2QkX9p56d9Orh2kDA2AxjGQt7KTeLDjuHhri8j4funNUjQWOtr9CBQqTIH7aU09wAuJ-wnUE4V&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs2f_d19tYrOtJq2A1fAP0--LqAPJntKxXIX-l_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTMzNTU2MDkzMTg3NjA1NzegAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoExwFP0B-oHCu4UMLN5F18WyBU8eP7wz-lmr_c4xn-VzXccX8IUbOSuwCN1cSXmK4RroMa5a_Qf0pLLcg6gqtwlRow9pSAirqLRAsVzT-TvTXauHYIE892_MdbqB7JrhfzHzy14lto8yM93OhcJphHiUd5uvgzEja5Jai_SxvyuxPJnylObcMgadaw8NTxkUsOmB6MFG3pe5q5ERFJ-kMAW0fFaWItva47YfjkasTOspx2-uDxxHMih-GvMtM4V_PRvgD3ibDkVIwmgAbcioG9gIPG97YBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2vriCxyY3Np5offAabYHHs3PQ7fw%26client%3Dca-pub-3355609318760577%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:32 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Apr 2023 16:10:32 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4228 2 KB
1 KB 63ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:32 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Apr 2023 16:10:32 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4228 308 B
636 B 36ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:32 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 25 Apr 2023 16:10:32 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 4228 507 B
835 B 36ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:32 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Tue, 25 Apr 2023 16:10:32 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 4228 43 B
348 B 60ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=4BS1vnsnO68UYrYiDu2RaQt1qcxIO8b4dTOH3ZC_goDw4qd41u3QS1R46O8RjE1-QxdtqTWYgReOieD9TnNE3sEgdRkd2qeZu0nevULynNp63M16FHE0y1QG-H-rT6tQW5yPjggYV9NigE_-BdMKF_yfcXdmnbRa-a00v3wtfU3EmclHkaEYV5QsXB_pTuJroE9-sts5SfygOcrFM91GTEokz0BQ44RQPb-IJzbagDJyHO6OQtlBMvq_VTijdcDLM9Q6U8rRz5bChubk4BBx3tAbxfOL1n32aq4S9-N3WXQYVp2cF-hWEMiNWjWhDI4x5RwVk_4g96q8V8UjcMl0uVkk03IUnzXZZNckL6z4PPi3_UCkKN8As5HRdZoNgaR5a2cuCxphGtiSd3xpM0U3fdlaMc04jCb8DL0Yxwkvk-prP1PzOJ3ffSAICGHr1jlSzwP8Qg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 16:10:31 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3298381
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gear.png
c.sharethis.mgr.consensu.org/static/media/ 1 KB
1 KB 7ms
7ms Image
image/png 2600:9000:2251:2600:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.sharethis.mgr.consensu.org/static/media/gear.png

Requested by

Host: money.frifayer.id
URL: https://money.frifayer.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:2600:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9a8d6fec895b72510a781f8c72643450f7cdac47e65136de8c132526e9bccc30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:29 GMT
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
age: 34935
etag: W/"418-mq8l6jU/x/aM4wjuAx3Ipuodoz0"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400, public
x-amz-cf-pop: FRA60-P3
content-length: 1048
x-amz-cf-id: ZnpecrJKM6HcqZpNIO5vPnyFD1C4eFxeNQ0GKXa4G1-kyBniMfKUlg==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 122ms
40ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://money.frifayer.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 321925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:45:07 GMT

GET
DATA 200
OK truncated
/ Frame 69D9 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42e6e00a9bba91f6d1a6c97aeb425a7bc962397693879e0a66e8ad3508f6b96f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4228 12 KB
5 KB 48ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 623309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zc5vDL0le%2Bb0aqQYm40sRl3ipdO7ICuom6uSQ4s4dQS2VmiqJAqe6LXRclnMCPfBeNvqLFauzVGucS%2Fd2cfU2cTe%2BoOsH5RkpXZxmrjarvSoWNJ01WQeNGNMq%2FCrKmDG30tYc%2FKF%2FghsGv2tFUtZl68p"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70418c501e149150-FRA
expires: Thu, 20 Apr 2023 16:10:32 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4228 12 KB
6 KB 17ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:32 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Apr 2023 16:10:32 GMT

GET
H2 200 481598564da646f69bf741ec80763656_museocyrl-500.woff
static.criteo.net/design/dt/ Frame 4228 45 KB
46 KB 70ms
42ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/481598564da646f69bf741ec80763656_museocyrl-500.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f987b7beba9c09d83e550788b3dc5190d20c705f744fcedb14a541211b5db0ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:32 GMT
content-encoding: gzip
last-modified: Thu, 28 Jun 2018 08:44:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b349ff6-b5a0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Apr 2023 16:10:32 GMT

GET
H2 200 bc5d9888511b477f8bb2e25a5b427f52_museocyrl-300.woff
static.criteo.net/design/dt/ Frame 4228 45 KB
45 KB 44ms
16ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/bc5d9888511b477f8bb2e25a5b427f52_museocyrl-300.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2fe96ef95f0ef87759dd5ee2cee663219fa46363e2fbe34aacf66cb0ff6e575a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:32 GMT
content-encoding: gzip
last-modified: Thu, 28 Jun 2018 08:44:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5b349ff6-b498"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Apr 2023 16:10:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4228 29 KB
29 KB 93ms
46ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2F8ee840d4a3ed46b29e29bc1b9545348c_stardardcon.png&v=3&w=464&s=JNY-W3BlZXtwqIHsOQyRFfTG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c4e1d6dac257b1f10f34c13ef8ec41e9e0cd8133c8e947aef4d756e19213649c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:31 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30360918
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 29187
expires: Mon, 17 Apr 2023 01:45:51 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4228 6 KB
7 KB 62ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F16254118-oVlR6H9F.jpg&v=3&w=400&s=LZCxEcxEY_Zdks46BLXolNu0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

72fd3ea94036f037c24fd7e3dba265f5897ca3963ac7924089b1010b6daf44a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:32 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=455540
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6506
expires: Thu, 05 May 2022 22:42:52 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4228 23 KB
23 KB 62ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1617111096%2F21075623-gvoQ94t0.jpg&v=3&w=400&s=obfXZp4x_8uYlLdtE4umLOuA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c8e98770f818ed207dfb07d683d2e7a94708f44a38a6dd61ea9b9d3b5e7e2220

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:32 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=485185
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 23192
expires: Fri, 06 May 2022 06:56:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4228 3 KB
3 KB 76ms
30ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1527095102%2F16103813-VAL4nu2W.jpg&v=3&w=400&s=3WSwhQjKAjWrYdGdCaJDG6kc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bf460502dccf3558b6f4486cf292930956db6f4fa9d23bf101d626afeb909b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:31 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=584146
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3160
expires: Sat, 07 May 2022 10:26:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4228 25 KB
25 KB 100ms
54ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1643186434%2F22015667-3kmZ6suo.jpg&v=3&w=400&s=HpBs172q6Yfacp-R5rCmOKwS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3f29e6501d56bb7a37dd1b8a9f0707a06b8c7f78f48cb68599cfea96f2f1f647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:31 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=407375
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 25446
expires: Thu, 05 May 2022 09:20:07 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4228 3 KB
3 KB 106ms
60ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F16103830-aXtMpx4U.jpg&v=3&w=400&s=LqoP9n0Zz5cqxlYOQKJF634i&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3da03ee621d5aeb1ec24b098b77f9770478b19c1f8ac1c44e273b689f1cd5a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:32 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=4622
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3188
expires: Sat, 30 Apr 2022 17:27:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4228 9 KB
9 KB 46ms
46ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1648849713%2F22077531-fyLqiarW.jpg&v=3&w=400&s=jPNehiPqGSqXApGOVjMcv9uP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a64bb319648bcf69e3794ab27530ad29b7ea009668d608b19301818aa7c5db63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:31 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=431111
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 8966
expires: Thu, 05 May 2022 15:55:43 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4228 0
128 B 60ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=CzkjY7SYR7koD7fWlrdOtZ_gCtGqLXb_3JpwBX3grA0w0f2z5Ef9VAdzJpzKtmyLEzIySFGjKfyvCk_iMfrogkpUJTqk9VEuGhZtT2Dg49R5H5pbwMGESmktvQDjXR0BKipvqFxXo-SI-sassqdtcNw-rZuCwmj34closHihH9IQzBTOLKn87z3E5Zav4WE4Om2ksVc1J3__Y4X7V0Lq90I5MGWEqFnoixtO1pvSPCLaUWs-2Wj7qSyxpXiJ69DP4D-u8A&sds=2&rev=81333&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 30 Apr 2022 16:10:32 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4228 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:32 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Apr 2023 16:10:32 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4228 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:32 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Apr 2023 16:10:32 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 133ms
54ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220427&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68a99cd5a44e026f7633b2fa16209390830b1dfb722d87d3be5d3e0efcdec278

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Apr 2022 16:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10629
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 142ms
61ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Apr 2022 16:10:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CF2A 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://money.frifayer.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 16:08:16 GMT
expires: Sun, 30 Apr 2023 16:08:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 70FC 783 B
1 KB 132ms
49ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f0d561bfd9cc27c7c4e648e095b4449ce8edfb6317184646c917d582c4610522

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1ziDRF+jiqyfy1U+f5ttJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://money.frifayer.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-1ziDRF+jiqyfy1U+f5ttJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 16:10:33 GMT
expires: Sat, 30 Apr 2022 16:10:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js Show response
pagead2.googlesyndication.com/bg/ Frame CF2A 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 17:31:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13654
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 17:31:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 70FC 0
0 87ms
87ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220427&jk=2216964143424506&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CF2A 0
9 B 39ms
39ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?YFVNKw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 16:10:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 69D9 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHUCfrt7Ux_H2gUeB1s8-xkIbI0qHzlraEtnRbI8mR1ZJiZpCxFGn9yaxDm_JhxksqOinle_W3PH_RkSXUuxLL&sig=Cg0ArKJSzG8BoQY3W0T8EAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=84,767,1001,1054,1080&tos=84,683,234,53,26&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651335031953&rpt=280&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 16:10:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4228 0
127 B 16ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 30 Apr 2022 16:10:32 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 89ms
88ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220427&jk=2216964143424506&bg=!Q0ClQATNAAZNIUvJbSE7ACkAdvg8WhhTjBiwxv5VpqHXReVXZhGgbeigpQ-JmIltYk5O3Yx7UB6qVAIAAABmUgAAAAhoAQcKAIfSRaNWG8VE1m5TyEbMibmarzHNUzn8bB3CLs-CqtgaZ4L2YYQrSGocAQh9XgbLZWk-uQi5OhSMiI1DN27kODFzZoGvX7v2FcDjYp7GhyIyhfSEnu5U36qE-zMtOacrbyXlqETY66AUYV-yTRFth_j5dA7nAP277yJCiG9q2ZjChVZTaOD22xmZAt0qySmPUhYWRXWHGYvlI9CxzgC-4P_6Wmhg2FXq_uochkXoyGoBIrKlRWSymmFKxK2tG5FNoyNdRA7kQPEF84SoGj6bCtVGBA9SK8BACb5DDaM6BBM-KTzB6wmVzq1YQfdTS60hMR6EN-myYuRRbNTEJ9PV0v5uAfjssNrMVU9k4g9hVky5AoZtEO3-ZfBPVEpfUjS3u78bzdhfVkLV07sRGfLTJlAC8050WHSj7InFynmUToHnsLKiYgrvwMtE2kww1qPJ3LqPIuShcEwzYKYvGWUmRTFjGeQ0hid0tKkv-dBMW-QAEQmlEZMW4eqoPnWT1mW9hQs005-o30IKloB3BfPTCG0jykQgloNnl-KZKRlC37J2M9wmVyXUwesTVN9gCiAJ2FH1lnoJIBzY0pfkMXmLK8RgPSrqPQ-mErPrVr93tengAuDbDvpn8gF1e2yY-ps3noAQNAPIK70CVg_ollcjLJealBMr8A95onfl4qq_WuMuZvzlmIDqxAe9oqHHI4yEPSh8im2cmxtHreYMTzpSdlmPwQ9LnTK5sR0ML0zJT67B2vgqhiRHBow5PUL4mS7hlFg8gqmkk0JCZ-QKxqawt_AxDdnpg1oBe4D08CVStv0jlzusw7WRDmYHS_dWG7v2RB1NAeS1_RYWh0oAXCHomVkaWRcr7oOalURy5XXtn_y74UDicptudca9Iw5f0a-ja_-heRps59RJ0Nmku2ZATpLKfpWhR0n2M0rMDI5azIEgIhO_4kEXC6AuFhTDNl6sPxYbfZlRtwSRHL06tKDDfJjJBCnT5oSzE5JPFOEL8D_VPAY2DGNqC8RNmzmc6w35WvEofWsdDVHCMvET5FgTHt4o4A-hDk-zAPCf2I1B1CyQrQsXq2OhKmNgsdotzUQ3VPVGpjY56WlLBl5ejDCX3jquM2uqbkTiQGVhUtc35du45zFzqPxGlWlXUHBC9PrK5vC2jxsmrSwk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://money.frifayer.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.frifayer.id/	1970-01-20 20:13:27	Name: _ga Value: GA1.2.1493299113.1651335031
.frifayer.id/	1970-01-20 02:43:41	Name: _gid Value: GA1.2.1585947985.1651335031
.frifayer.id/	1970-01-20 04:51:51	Name: _fbp Value: fb.1.1651335031433.1762577591
.frifayer.id/	1970-01-20 02:42:15	Name: _gat_gtag_UA_205955290_7 Value: 1
.frifayer.id/	1970-01-20 02:42:15	Name: _gat_gtag_UA_218062778_6 Value: 1
.frifayer.id/	1970-01-20 12:03:51	Name: __gads Value: ID=680e502fcbe084e0-227d51ed87cd0030:T=1651335031:RT=1651335031:S=ALNI_MZzE7ib0409AsSDvkJ0nHvAVPIO8A
.doubleclick.net/	1970-01-20 12:03:51	Name: IDE Value: AHWqTUmgOHsmFJAWN48rmdBzPatE_Ch86hU09hiYuRZV1-VMKoMAXP87B7JOfl4_CVo

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
connect.facebook.net
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
l.sharethis.com
maxcdn.bootstrapcdn.com
money.frifayer.id
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
platform-api.sharethis.com
rtb.nl.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.money.frifayer.id
13.32.99.22
142.250.185.194
178.250.0.139
178.250.0.162
178.250.2.148
203.175.9.30
2600:9000:223c:5600:c:abe:f440:93a1
2600:9000:2251:2600:c:a9b7:ddc0:93a1
2606:4700::6811:190e
2606:4700::6812:bcf
2a00:1450:4001:802::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2004
2a00:1450:4001:811::2008
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2002
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::3
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
35.156.233.6
027bebdc66e1b93137d273034437d1e31f409abc678f455a233d50d8e8386a41
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
074aac6835a1ff9484df943f763b1ddec44324450f4723ca7b525535e365d655
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0cf72ecd5c93398efc9866c99c06bbdcbd021f3ac7592728d970be2a587afe88
0f447dbc55fc7e00f9f4cd8bd810f36f5f708deb019c3cb5ce52e5ca36ee9b96
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
187724d0ba4b62560e86a5d1210ce948d313285437f16924aa4e31b34cfea56c
1fc0b70f1ba9252988090e75d503f341ccd8a1d23f828bde91ced5ca6b9928cf
20207fdfcfa63de300c1908f24423bbc3d17d05bd8f9afc948ef034d9f2f3d37
2379a0394a5a0313c8d2fd8142c3ad2c952101919e16a39085e91ac31121126d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0d97b12d62889803f4272294868c6222e9e9f06de58cba85fe0a5d8e8454aa
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
2fe96ef95f0ef87759dd5ee2cee663219fa46363e2fbe34aacf66cb0ff6e575a
31de50b1d8242e065acee91641d84cc24f09f80a3cbc79a418c93f8c66c92514
382d3a68638b09de054318341aa727616aeb62939e3650d332f25cea607967dc
3da03ee621d5aeb1ec24b098b77f9770478b19c1f8ac1c44e273b689f1cd5a9f
3f29e6501d56bb7a37dd1b8a9f0707a06b8c7f78f48cb68599cfea96f2f1f647
42e6e00a9bba91f6d1a6c97aeb425a7bc962397693879e0a66e8ad3508f6b96f
4359e7a13f431d0eb886b11569a6e3646496f7b35893f5100dbbacad18b9a7af
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
4e031f1d5f391dd26b445ee8c15c450386fb136bef95ea1727a25c7c4b68ad4d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
541c81198ced93a02ba26b1ca2782726170ae0b75c206ae070000f8fd601d953
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
6191ced7f31344ef4c947bae4e6b466138b04922cb92f2410f760b74b666aa63
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68a99cd5a44e026f7633b2fa16209390830b1dfb722d87d3be5d3e0efcdec278
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
715d95401a0252ab3f290b8d318f8f6bfd0bf1163f025767fa065200c5e6f883
72fd3ea94036f037c24fd7e3dba265f5897ca3963ac7924089b1010b6daf44a0
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a9029645ca045423baf70eb0ef119d0640061fbb4813631607dc9b44771bec1
7b1561b99b8fd52fada048d453ed90f8efdcde805d41c5420c23812def24dcfe
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
820601bb589f733bc79796c667c27c803c424c2bae79ed561ddbcfbc5cc0e5d7
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6
8d51e01bb005f7a1e3ed0397974d22778e8a4f7d2657ece0e65eb0be20ed6770
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98ea99e45ff5cfd752359c2e005a8d62483e9454550e150fa0e1636b6909a16a
9a8d6fec895b72510a781f8c72643450f7cdac47e65136de8c132526e9bccc30
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1c3e3eda469b9527dec74be3979f715197d7b5bea27c036e4d0a3220d109961
a1f76301389d307cd9fad91707c05f55c6f8069db59a5ebb064b744208ef6116
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a64bb319648bcf69e3794ab27530ad29b7ea009668d608b19301818aa7c5db63
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aaab901f4bb829961d86814f9b9c132ded2e3514b5ce5ca480275867666a6fb7
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
b63f1d1ecf7ffbcd8030947ec3184aed0b770bbf8627bd2a586524321fa1c342
b91d0579b285654d238ee242496f3cd7eff57b455982f255ad7d68ff08e9ddac
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
bf2407a363c64ac9143d0b0c4c84557c6d2bbd322c9bc47f7880357762b25829
bf460502dccf3558b6f4486cf292930956db6f4fa9d23bf101d626afeb909b35
c4d97c075b1d7d555a824df4cb23066cf5c194c5108e86c7c57a5e661c5b9ab6
c4e1d6dac257b1f10f34c13ef8ec41e9e0cd8133c8e947aef4d756e19213649c
c8e98770f818ed207dfb07d683d2e7a94708f44a38a6dd61ea9b9d3b5e7e2220
cc818d589973034712a010fad5f22d98085332636510fd6709c03e278e70867c
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
da470b3fa9846fcb2282224f927b46de191b750c7457882078ec0bc7966bb83e
de1254db705dfdbaf8729128a1542f529bfb652e18f641b4bc95913291aed189
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69d17966c87ced93f60016674f0e6b10786838cfc6973e34e195649166b225e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d561bfd9cc27c7c4e648e095b4449ce8edfb6317184646c917d582c4610522
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f987b7beba9c09d83e550788b3dc5190d20c705f744fcedb14a541211b5db0ec
fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9
fc2c94460cb68669b9b642beb119e70b23fb99f967cc8b753916eab530156128

money.frifayer.id Open in urlscan Pro 203.175.9.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

95 Requests

100 %HTTPS

74 %IPv6

19 Domains

28 Subdomains

28 IPs

4 Countries

6186 kBTransfer

9635 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

money.frifayer.id Open in urlscan Pro
203.175.9.30 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

100 %
HTTPS

74 %
IPv6

19
Domains

28
Subdomains

28
IPs

4
Countries

6186 kB
Transfer

9635 kB
Size

7
Cookies

95 HTTP transactions
1 data transactions