urlscan.io logo urlscan.io
SecurityTrails logo

www.suarasurabaya.net Open in urlscan Pro
2606:4700:3034::6815:358c  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.suarasurabaya.net/
Submission: On September 01 via manual from ID
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 50 IPs in 8 countries across 46 domains to perform 285 HTTP transactions. The main IP is 2606:4700:3034::6815:358c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.suarasurabaya.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2021. Valid for: a year.
This is the only time www.suarasurabaya.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
60 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 142.250.185.226 15169 (GOOGLE)
35 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
23 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
12 43 142.250.181.226 15169 (GOOGLE)
3 7 2.18.234.21 16625 (AKAMAI-AS)
3 5 37.252.172.45 29990 (ASN-APPNEX)
4 142.251.34.195 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 64.233.167.156 15169 (GOOGLE)
10 138.201.84.245 24940 (HETZNER-AS)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 3.123.143.157 16509 (AMAZON-02)
2 5 2606:4700::68... 13335 (CLOUDFLAR...)
2 76.223.111.131 16509 (AMAZON-02)
19 2a00:1450:400... 15169 (GOOGLE)
3 3 69.173.144.139 26667 (RUBICONPR...)
4 4 3.126.56.137 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 3 34.98.64.218 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
1 4 176.9.26.250 24940 (HETZNER-AS)
1 195.201.152.90 24940 (HETZNER-AS)
2 3 185.94.180.125 35220 (SPOTX-AMS)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
3 138.201.63.157 24940 (HETZNER-AS)
4 8 104.111.239.217 16625 (AKAMAI-AS)
4 8 108.128.25.216 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
2 46.236.13.147 24931 (DEDIPOWER)
1 4 144.76.91.199 24940 (HETZNER-AS)
2 2 66.155.71.25 13768 (COGECO-PEER1)
2 2 35.190.0.66 15169 (GOOGLE)
2 2 37.157.4.39 198622 (ADFORM)
3 3 185.64.189.115 62713 (AS-PUBMATIC)
1 1 13.32.121.100 16509 (AMAZON-02)
2 2 213.19.147.44 26120 (RHYTHMONE)
4 2600:9000:224... 16509 (AMAZON-02)
1 2 193.0.160.128 54312 (ROCKETFUEL)
2 2 72.251.244.140 29791 (VOXEL-DOT...)
5 5 3.124.93.74 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.9 16509 (AMAZON-02)
2 2 54.171.74.241 16509 (AMAZON-02)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
1 2 2001:678:cb4:... 56396 (TURN)
1 1 35.186.193.173 15169 (GOOGLE)
1 34.96.105.8 15169 (GOOGLE)
2 2 35.186.253.211 15169 (GOOGLE)
2 54.77.236.168 16509 (AMAZON-02)
1 216.58.212.162 15169 (GOOGLE)
285 50
60    2606:4700:3034::6815:358c (United States)

ASN13335 (CLOUDFLARENET, US)
www.suarasurabaya.net
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
6    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
35    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
9    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
6    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
23    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
43    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
7    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
5    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    142.251.34.195 (United States)

ASN15169 (GOOGLE, US)
PTR: qro02s27-in-f3.1e100.net
csi.gstatic.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    64.233.167.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f156.1e100.net
bid.g.doubleclick.net
10    138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de
hal9000.redintelligence.net
2    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    3.123.143.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-143-157.eu-central-1.compute.amazonaws.com
pm.w55c.net
5    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
19    2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4001:5e::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5e6nss.c.2mdn.net
3    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
4    176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de
hal900014.redintelligence.net
1    195.201.152.90 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.90.152.201.195.clients.your-server.de
opt.objectiveportal.com
3    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
3    138.201.63.157 (Hockenheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de
hal90007.redintelligence.net
8    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
www.zenaps.com
8    108.128.25.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-25-216.eu-west-1.compute.amazonaws.com
ti.tradetracker.net
1    2600:9000:223f:800:b:a286:7800:93a1 (United States)

ASN16509 (AMAZON-02, US)
htlp.large.nl
2    46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
4    144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de
hal900018.redintelligence.net
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    13.32.121.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-100.fra60.r.cloudfront.net
s.ad.smaato.net
2    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    2600:9000:2240:5800:1a:7c92:efc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.tradetracker.net
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
2    72.251.244.140 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-01.ams2.m6r.eu
tracking.m6r.eu
5    3.124.93.74 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-93-74.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)
analytics.webgains.io
2    54.171.74.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-74-241.eu-west-1.compute.amazonaws.com
r.scoota.co
1    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
r.turn.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    54.77.236.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-236-168.eu-west-1.compute.amazonaws.com
api.webgains.io
1    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
65 googlesyndication.com
pagead2.googlesyndication.com
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
617 KB
61 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
bid.g.doubleclick.net
googleads4.g.doubleclick.net
293 KB
60 suarasurabaya.net
www.suarasurabaya.net
2 MB
22 2mdn.net
s0.2mdn.net
gcdn.2mdn.net
r3---sn-4g5e6nss.c.2mdn.net
266 KB
21 redintelligence.net
hal9000.redintelligence.net
hal900014.redintelligence.net
hal90007.redintelligence.net
hal900018.redintelligence.net
125 KB
12 tradetracker.net
ti.tradetracker.net
static.tradetracker.net
34 KB
7 casalemedia.com
dsum-sec.casalemedia.com
6 KB
7 google.com
adservice.google.com
www.google.com
1 KB
6 yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
pr-bh.ybp.yahoo.com
5 KB
6 gstatic.com
csi.gstatic.com
fonts.gstatic.com
31 KB
6 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
129 KB
5 bidswitch.net
x.bidswitch.net
3 KB
5 openx.net
us-u.openx.net
rtb.openx.net
1 KB
5 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
3 KB
5 adnxs.com
ib.adnxs.com
5 KB
5 googletagservices.com
www.googletagservices.com
175 KB
4 zenaps.com
www.zenaps.com
3 KB
4 awin1.com
www.awin1.com
3 KB
3 webgains.io
analytics.webgains.io
api.webgains.io
61 KB
3 pubmatic.com
image6.pubmatic.com
1 KB
3 spotxchange.com
sync.search.spotxchange.com
2 KB
3 rubiconproject.com
pixel.rubiconproject.com
1 KB
2 turn.com
ad.turn.com
r.turn.com
857 B
2 scoota.co
r.scoota.co
1 KB
2 m6r.eu
tracking.m6r.eu
1 KB
2 rfihub.com
p.rfihub.com
a.rfihub.com
2 KB
2 adform.net
c1.adform.net
1 KB
2 travelaudience.com
ads.travelaudience.com
721 B
2 sitescout.com
pixel-sync.sitescout.com
977 B
2 webgains.com
track.webgains.com
5 KB
2 teads.tv
sync.teads.tv
344 B
2 adsrvr.org
match.adsrvr.org
529 B
2 w55c.net
pm.w55c.net
2 KB
2 dotomi.com
dclk-match.dotomi.com
207 B
2 google-analytics.com
ssl.google-analytics.com
17 KB
1 blismedia.com
tr.blismedia.com
136 B
1 ctnsnet.com
gcm.ctnsnet.com
625 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
582 B
1 1rx.io
sync.1rx.io
697 B
1 smaato.net
s.ad.smaato.net
428 B
1 large.nl
htlp.large.nl
3 KB
1 objectiveportal.com
opt.objectiveportal.com
528 B
1 google.nl
adservice.google.nl
853 B
1 google.de
adservice.google.de
853 B
1 googleadservices.com
partner.googleadservices.com
662 B
0 netmng.com Failed
google2waycm.netmng.com Failed
285 46
Domain Requested by
60 www.suarasurabaya.net www.suarasurabaya.net
41 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
www.suarasurabaya.net
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
35 pagead2.googlesyndication.com www.suarasurabaya.net
pagead2.googlesyndication.com
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
23 tpc.googlesyndication.com de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
s0.2mdn.net
pagead2.googlesyndication.com
19 s0.2mdn.net de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
www.suarasurabaya.net
s0.2mdn.net
10 hal9000.redintelligence.net de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
hal900014.redintelligence.net
hal90007.redintelligence.net
hal900018.redintelligence.net
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
www.suarasurabaya.net
8 ti.tradetracker.net 4 redirects www.suarasurabaya.net
hal900014.redintelligence.net
hal900018.redintelligence.net
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
6 de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 securepubads.g.doubleclick.net www.suarasurabaya.net
securepubads.g.doubleclick.net
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
5 x.bidswitch.net 5 redirects
5 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
5 www.google.com de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 www.googletagservices.com pagead2.googlesyndication.com
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
4 static.tradetracker.net de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
hal900014.redintelligence.net
hal900018.redintelligence.net
4 hal900018.redintelligence.net 1 redirects de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
hal900018.redintelligence.net
4 www.zenaps.com hal900014.redintelligence.net
hal90007.redintelligence.net
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
hal900018.redintelligence.net
4 www.awin1.com 4 redirects
4 hal900014.redintelligence.net 1 redirects de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
hal900014.redintelligence.net
4 ups.analytics.yahoo.com 4 redirects
4 csi.gstatic.com imasdk.googleapis.com
4 fonts.googleapis.com de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
hal900014.redintelligence.net
hal90007.redintelligence.net
hal900018.redintelligence.net
3 image6.pubmatic.com 3 redirects
3 hal90007.redintelligence.net hal9000.redintelligence.net
hal90007.redintelligence.net
3 sync.search.spotxchange.com 2 redirects googleads.g.doubleclick.net
3 us-u.openx.net 2 redirects googleads.g.doubleclick.net
3 pixel.rubiconproject.com 3 redirects
3 a.tribalfusion.com 2 redirects de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
2 api.webgains.io analytics.webgains.io
2 rtb.openx.net 2 redirects
2 r.scoota.co 2 redirects
2 tracking.m6r.eu 2 redirects
2 c1.adform.net 2 redirects
2 ads.travelaudience.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 track.webgains.com www.suarasurabaya.net
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net www.suarasurabaya.net
2 sync.teads.tv googleads.g.doubleclick.net
2 r3---sn-4g5e6nss.c.2mdn.net www.suarasurabaya.net
2 match.adsrvr.org de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
2 s.tribalfusion.com www.suarasurabaya.net
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
2 pm.w55c.net 2 redirects
2 dclk-match.dotomi.com de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 imasdk.googleapis.com de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 ssl.google-analytics.com 1 redirects www.suarasurabaya.net
1 ade.googlesyndication.com
1 tr.blismedia.com de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 r.turn.com de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 analytics.webgains.io track.webgains.com
1 a.rfihub.com de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
1 p.rfihub.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.1rx.io 1 redirects
1 s.ad.smaato.net 1 redirects
1 htlp.large.nl hal90007.redintelligence.net
1 ads.yahoo.com googleads.g.doubleclick.net
1 opt.objectiveportal.com de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 adservice.google.nl securepubads.g.doubleclick.net
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.suarasurabaya.net
0 google2waycm.netmng.com Failed de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
285 70
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-02 -
2022-07-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-16 -
2021-11-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
redintelligence.net
R3		 2021-08-20 -
2021-11-18		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-08-17 -
2021-10-26		 2 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
my.objectiveplatform.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-23 -
2022-08-23		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-16 -
2021-10-06		 2 months crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
*.tradetracker.net
Amazon		 2020-12-20 -
2022-01-18		 a year crt.sh
htlp.large.nl
Amazon		 2021-03-03 -
2022-04-01		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2022-06-18		 2 years crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-08-26 -
2021-11-24		 3 months crt.sh

This page contains 34 frames:

Primary Page: https://www.suarasurabaya.net/
Frame ID: A98AE2D9C0516157E8A34368B3DDE27B
Requests: 81 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210830/r20190131/zrt_lookup.html
Frame ID: 271822DC2CCCD7B347182B10F3A3301C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1876807398903530&output=html&adk=1812271804&adf=3025194257&lmt=1630484101&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.suarasurabaya.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630484101255&bpp=4&bdt=110&idt=105&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6755872357681&frm=20&pv=2&ga_vid=538317931.1630484101&ga_sid=1630484101&ga_hid=1635986981&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44749371%2C31062297&oid=3&pvsid=3880600926224204&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=123
Frame ID: FFD5AB7907D965EEEC4065EE6E545063
Requests: 1 HTTP requests in this frame

Frame: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5E3113713FDE3CE77D0155C07DE4FDB0
Requests: 1 HTTP requests in this frame

Frame: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5D2074687ACD1A2C476FE4B570208FC4
Requests: 20 HTTP requests in this frame

Frame: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3EB5A7FF2F534C4436B7ED0F2BC33887
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNXYQauMow2IvKBL5AUS7nHOiHn7onRWwNJgiJXRMFb-fosmMFkvWICvVb1lQRq7AkP8uXm7UZZgSQpwP7rhpkYiyhpXcH1XeI50lRg3D78fR0aWK16Awg9PgDC6_aLPV3H1nE2j0DC8XszmBq0RgAqJ2ZS_SzSonXWHAqZPLpWc6ZtQYX0
Frame ID: B409405F3D96F82B0FDC5891262D75EC
Requests: 5 HTTP requests in this frame

Frame: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CDACF7EA64D87A940F2AB0C88CA89A86
Requests: 17 HTTP requests in this frame

Frame: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E4C6AE79F42B7AFEDC71E1615EB85365
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3F3AF5AAF4FE93E830EF090EEB59CF2B
Requests: 9 HTTP requests in this frame

Frame: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DA931D669DC59FBE588B1E7F840C200E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-hNBDg0zcYn_SknQEwAQ&v=APEucNWCrojH3ldRpPSKzzO7crHhWZq9i-QX_zvKUqx8CyzteBeGo2ADSgopYh7niHvsnEa9Tg1s4Qaf3HDRhuFFJElBWcTO31lRYILOQcUDExheuSjxQf9eBNPLuzpJWcU7VKovUlcxFc1KfhvKZxJ80c0CMIK2gI4dJ00JGeunNQAJGh6w_Mk
Frame ID: 81CA2318BD9831B6DDB30EF1B97B36AE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYhdbZlQEwAQ&v=APEucNWzJMqpC58rDsRtPLvEtNdeNGY04kOFxaoTJmoAe6HqwJFeRo09CsKN8ZpuMszKFb-9MjF9WnDjhxywOnEoCY2pPVNugnw29mjhp2Vytc11Qx2RRZvaMdYu3Asq1ZTdAT1003xDs_Z8T3VIFp03u_Wl3M690XUwo_xqLKHfYs3wNBKS4eI
Frame ID: 5479454A1CE4B44FD5311A4958BE44C4
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 057ECF5B237172E77629D2A888CE4CE1
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNWfFUKTJGSWth97065uQDVLIgJxO6HZM2H9pteLxQQc6bSDqVXayvXRnpj9MxAIdzJWp58u4oXaaUCPFHhMvY6M6KWdfud-sn-kFBiltqt5lb80tNQDztfppHFgPqmjmN3RETOrLMC74jY-YVWZixC9lapp_LuU94jCpEISMbC8SXrKH7s
Frame ID: 65C31E484FA1C74CEE8F969251B3A315
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 6728ECABABF72E9487A33FBF51DE04D0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 72388BC7F4114ABEF0CA5574E0767286
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
Frame ID: 5E0D7C9954A1BAFF115ED334D281976E
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FB5395E86A9397EDFDC88A4E35041013
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5958E30AFD93434F54C9C1B7A5A5304D
Requests: 3 HTTP requests in this frame

Frame: https://www.zenaps.com/cshow.php?pvr=b5b13a50-0afc-11ec-bfe3-692d0dec5663&v=8508&r=235229&q=413151&s=2882174&viewref=93811400051604900719590011704014&pv=1
Frame ID: 7160BBC519ECB53062DD39A55D9199B2
Requests: 1 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=93811400051604900719590011704014&a=ab56e73f
Frame ID: E5C52AF31989EA19884E163D48818F5F
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 50F67E30497B49EA50BA8EEA345C6D33
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 96D6CD01B3A6E5AA7F525D1FD8D620AD
Requests: 3 HTTP requests in this frame

Frame: https://www.zenaps.com/cshow.php?pvr=b5dd2c50-0afc-11ec-bfe3-692d0dec5663&v=9247&r=235229&q=407742&s=2824569&viewref=84891000051578800719590011704007&pv=1
Frame ID: B7E986ED78ABE7F171A0D707BF6E81DA
Requests: 1 HTTP requests in this frame

Frame: https://htlp.large.nl/
Frame ID: 4B8E3F04C3F99F5F1DE1DF7D66BB0FF3
Requests: 1 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=84891000051578800719590011704007&a=074726b9
Frame ID: 1992EC050045EFFA276233D799669D35
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B8D5EB6114682CBF40121AA8775C2950
Requests: 9 HTTP requests in this frame

Frame: https://www.zenaps.com/cshow.php?pvr=b66c25e0-0afc-11ec-9723-692d00a25ac2&v=8508&r=235229&q=413151&s=2882174&viewref=82942300047741800719590011704018&pv=1
Frame ID: BE36E4AFE74C3C4A9BD23EEC75E154B2
Requests: 1 HTTP requests in this frame

Frame: https://hal900018.redintelligence.net/request_content.php?s=82942300047741800719590011704018&a=17f6cadf
Frame ID: 854F2CE03ECFC057BC775703FAA95714
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 45F7D1022E7C0F52441027A36BD25855
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Frame ID: 0992C1AE0800FFAABDBC928F5ACC54E0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BF0379C2C50B60794E0543D477B9201C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 04E9D64C2C8B8D61A0FD2DD28B4D2A63
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Suara Surabaya – suarasurabaya.net

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

285
Requests

99 %
HTTPS

42 %
IPv6

46
Domains

70
Subdomains

50
IPs

8
Countries

3510 kB
Transfer

5814 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1246333267&utmhn=www.suarasurabaya.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Suara%20Surabaya%20%E2%80%93%20suarasurabaya.net&utmhid=1635986981&utmr=-&utmp=%2F&utmht=1630484101169&utmac=UA-6744551-1&utmcc=__utma%3D137142706.538317931.1630484101.1630484101.1630484101.1%3B%2B__utmz%3D137142706.1630484101.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=36258203&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6744551-1&cid=538317931.1630484101&jid=36258203&_v=5.7.2&z=1246333267
Request Chain 58
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGT_vHq9YLjQbZR0OFHNQI8&google_cver=1
Request Chain 59
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS82hseYsp-kANP0R9S4YgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOCLbC0XQDUQUbbTsHWBjd0&google_cver=1
Request Chain 60
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPmtbQbcSVK5G7VC7DWErDg&google_cver=1
Request Chain 61
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzkwNzUxOTE0NjQyMjQyOQ%3D%3D
Request Chain 95
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKMCIyyIy755EmaQg1AyMOc&google_cver=1&google_push=AYg5qPLVcVTvHRe8mU6ZcMPG4LECz4MqsbIzX5bM-ZTuudBTYRhJaOn6qVnemAZG7qaJc8LI0qDIAZ5dPcxOaxa7kvKcLVFaHWkO HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKMCIyyIy755EmaQg1AyMOc&google_cver=1&google_push=AYg5qPLVcVTvHRe8mU6ZcMPG4LECz4MqsbIzX5bM-ZTuudBTYRhJaOn6qVnemAZG7qaJc8LI0qDIAZ5dPcxOaxa7kvKcLVFaHWkO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OGpscVh5YzQxTWxsb0c1&google_gid=CAESEKMCIyyIy755EmaQg1AyMOc&google_cver=1&google_push=AYg5qPLVcVTvHRe8mU6ZcMPG4LECz4MqsbIzX5bM-ZTuudBTYRhJaOn6qVnemAZG7qaJc8LI0qDIAZ5dPcxOaxa7kvKcLVFaHWkO
Request Chain 96
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECf74Q4mtHCJVYb2QzQTX38&google_cver=1&google_push=AYg5qPIM671SOICJlfyh52dq5koZnApbfEd10eXAkocLdxgRFPkWnjEzuOjck2VTIRLbRzzaKhFRqilZZ6qb1L9d6l2V4PGd-QcG&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIM671SOICJlfyh52dq5koZnApbfEd10eXAkocLdxgRFPkWnjEzuOjck2VTIRLbRzzaKhFRqilZZ6qb1L9d6l2V4PGd-QcG%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECf74Q4mtHCJVYb2QzQTX38&google_cver=1&google_push=AYg5qPIM671SOICJlfyh52dq5koZnApbfEd10eXAkocLdxgRFPkWnjEzuOjck2VTIRLbRzzaKhFRqilZZ6qb1L9d6l2V4PGd-QcG&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIM671SOICJlfyh52dq5koZnApbfEd10eXAkocLdxgRFPkWnjEzuOjck2VTIRLbRzzaKhFRqilZZ6qb1L9d6l2V4PGd-QcG%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 99
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMqoZ42JwnJb6THwnMzVkxY&google_cver=1&google_push=AYg5qPK1q_7TRMxESM3WPYobhHvswEbswTTHcroX7dr54gPAJMK0H6Uqnxl9et7AnEtLlpBP2IxtdHwInW2X-iuMaNDlgw85c_oY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODRYRVEtUC1DUk5W&google_push=AYg5qPK1q_7TRMxESM3WPYobhHvswEbswTTHcroX7dr54gPAJMK0H6Uqnxl9et7AnEtLlpBP2IxtdHwInW2X-iuMaNDlgw85c_oY
Request Chain 100
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMofy6TOawF51kMFPm2Fi0g&google_cver=1&google_push=AYg5qPLTpo-U9kly5QxZdyCkhupXANnYvz1QZjmHjpf__k4qvLh__czGfy7ymAXPHbsKSY4zWjxL1T70C9nPZS0pS9WX2T9mfiXB HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMofy6TOawF51kMFPm2Fi0g&google_cver=1&google_push=AYg5qPLTpo-U9kly5QxZdyCkhupXANnYvz1QZjmHjpf__k4qvLh__czGfy7ymAXPHbsKSY4zWjxL1T70C9nPZS0pS9WX2T9mfiXB&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1YVC42Z0l0RTJ1R09RTU15azc5ZXFGNTkwUzhjLl9Rcn5B&google_push=AYg5qPLTpo-U9kly5QxZdyCkhupXANnYvz1QZjmHjpf__k4qvLh__czGfy7ymAXPHbsKSY4zWjxL1T70C9nPZS0pS9WX2T9mfiXB
Request Chain 103
  • https://gcdn.2mdn.net/videoplayback/id/e1977ab951bd825d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765940201/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/2A5A16EEB4094322B4A44D17CF8179B4AEBA3B34.468641EE7E3D1BBA4C66B4FEF18ED68F3F200FB8/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-4g5e6nss.c.2mdn.net/videoplayback/id/e1977ab951bd825d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765940201/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5C11A5915CAC7AB933B1373BE0886429998F2B20.1C9ADB9E6F486BAA8058E18E0073C17E122B4FAD/key/cms1/cms_redirect/yes/mh/Ov/mip/2a01:4f8:121:131a::2/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1630483027/mv/u/mvi/3/pl/52/file/file.mp4
Request Chain 116
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOCLbC0XQDUQUbbTsHWBjd0&google_cver=1
Request Chain 117
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS82hseYsp-kANP0R9S4YgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOCLbC0XQDUQUbbTsHWBjd0&google_cver=1
Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJgBPrYaajVHWXnJbxYu_mo&google_cver=1
Request Chain 119
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzkwNzUxOTE0NjQyMjQyOQ%3D%3D
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKsjXIBLXH-GfFt6F-KSVwk&google_cver=1
Request Chain 122
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWM1NWRkZTEtY2UxMi0yZTI4LWYwZjktMGE0MTYxMjQzNWU3
Request Chain 123
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOCI9EpZlncjQtiRlzy1M-I&google_cver=1
Request Chain 126
  • https://hal900014.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=1c02290ea9&subid=&uid=bb613eb8c8606447&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCa0IBhTYvYcbRIqjR7_UPzvOaiAPisNzwX56J1vuJC_AuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QL_GwRcqK1bW33DcwbP9DRZa-lwf1EJfD1Ns9tz_ES_SGYl4Ne_GSE7xI7Dn4m8o7VgeOWbyoPrBcVkYIvJD7V_LBQMyZcE2jpQetmIybU5aX3Qt4Jq5lgEf0o6QHR6ZIexJI96xjxeXkX6QxewxvJEGyNNxnpELS50SWIdOjomNHO_KmUR4dRGNWbW0Q8q1IHhzOx138h7nkJZeP9rGgk2AYQ-6gqESzOy7krIW-6E-wapOIBKXM4rUqHYPeV5vgPzTgcgYopl-GOwC7G9hHXHtSIYnjcsAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo0Nz4afzYy2R0kOJdJtGJTQ%26sig%3DAOD64_0oa9KkbfhOk818PHkTcvvF49SV0w%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-AERrIVMyOy-vcRN8HN_N7cCpGBCFpxJhSR3Vlkl4yuR-mo_5ePZ1BGzGg02veTYkP8gp5dYLgo680Ry2iXHaVu-vlhlBkI9OAaz_kKQpSUFwqAakk4EQ55rfR9kA9IW03YvGwtfETK-owPTm_3u86TGYqa_Q%26cry%3D1%26dbm_d%3DAKAmf-Aw-EptmaOE7mKYRoVJcOaKNesLeKoJFgK2hFcEaGRiPIgMVaeG-Qb0keX_yMgYQaP3p6RbGtEB_o0O-glb6cTKRjVjSzkTJ89w1O33y4dlOoykXZ5eUnIUWsoLj5AVc1uQhM6bIa7GgJWWe2B3g9AkHLlzD3Fmd3aSzTfBXSDR2RtCyQqUDyo0O4ZvN5LSCVhqmq8sd1ckfBRVzUi-ECC7mT0dCx645Far739snSnf4vWjYjVVXnnYdq_I8qlItC4kyOT21wko_MXcn0qwBOSuG_AztPEETLQMY_4uRUl2AGyqTZ4niDy0DH35eJtAdRpf43YJYs6b4XNYYbQNhQktShgZ0iYoT_kivDSRo_xAyAYJVzpQuE3idpu_7xPg_E511Um0bsYFda0wfs25fzO85_syEhJB5GiH036j2msxoG1PN5l87dMPx5wSjnQ--kiEkZKz%26adurl%3D&documentReferer=https%3A%2F%2Fwww.suarasurabaya.net%2F&ancestorOrigins=https%3A%2F%2Fwww.suarasurabaya.net&random=54030650472&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900014.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=1c02290ea9&subid=&uid=bb613eb8c8606447&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCa0IBhTYvYcbRIqjR7_UPzvOaiAPisNzwX56J1vuJC_AuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QL_GwRcqK1bW33DcwbP9DRZa-lwf1EJfD1Ns9tz_ES_SGYl4Ne_GSE7xI7Dn4m8o7VgeOWbyoPrBcVkYIvJD7V_LBQMyZcE2jpQetmIybU5aX3Qt4Jq5lgEf0o6QHR6ZIexJI96xjxeXkX6QxewxvJEGyNNxnpELS50SWIdOjomNHO_KmUR4dRGNWbW0Q8q1IHhzOx138h7nkJZeP9rGgk2AYQ-6gqESzOy7krIW-6E-wapOIBKXM4rUqHYPeV5vgPzTgcgYopl-GOwC7G9hHXHtSIYnjcsAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo0Nz4afzYy2R0kOJdJtGJTQ%26sig%3DAOD64_0oa9KkbfhOk818PHkTcvvF49SV0w%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-AERrIVMyOy-vcRN8HN_N7cCpGBCFpxJhSR3Vlkl4yuR-mo_5ePZ1BGzGg02veTYkP8gp5dYLgo680Ry2iXHaVu-vlhlBkI9OAaz_kKQpSUFwqAakk4EQ55rfR9kA9IW03YvGwtfETK-owPTm_3u86TGYqa_Q%26cry%3D1%26dbm_d%3DAKAmf-Aw-EptmaOE7mKYRoVJcOaKNesLeKoJFgK2hFcEaGRiPIgMVaeG-Qb0keX_yMgYQaP3p6RbGtEB_o0O-glb6cTKRjVjSzkTJ89w1O33y4dlOoykXZ5eUnIUWsoLj5AVc1uQhM6bIa7GgJWWe2B3g9AkHLlzD3Fmd3aSzTfBXSDR2RtCyQqUDyo0O4ZvN5LSCVhqmq8sd1ckfBRVzUi-ECC7mT0dCx645Far739snSnf4vWjYjVVXnnYdq_I8qlItC4kyOT21wko_MXcn0qwBOSuG_AztPEETLQMY_4uRUl2AGyqTZ4niDy0DH35eJtAdRpf43YJYs6b4XNYYbQNhQktShgZ0iYoT_kivDSRo_xAyAYJVzpQuE3idpu_7xPg_E511Um0bsYFda0wfs25fzO85_syEhJB5GiH036j2msxoG1PN5l87dMPx5wSjnQ--kiEkZKz%26adurl%3D&documentReferer=https%3A%2F%2Fwww.suarasurabaya.net%2F&ancestorOrigins=https%3A%2F%2Fwww.suarasurabaya.net&random=54030650472&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 137
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOTEFbW8rJfNwZx6-2SlRS0&google_cver=1
Request Chain 138
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=b5709b37-0afc-11ec-8826-11372f1a0306 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjU3MDlhZDYtMGFmYy0xMWVjLTg4MjYtMTEzNzJmMWEwMzA2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjU3MDlhZDYtMGFmYy0xMWVjLTg4MjYtMTEzNzJmMWEwMzA2&google_tc=
Request Chain 178
  • https://www.awin1.com/cshow.php?s=2882174&v=8508&q=413151&r=235229&pref1=93811400051604900719590011704014&pv=1 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=b5b13a50-0afc-11ec-bfe3-692d0dec5663&v=8508&r=235229&q=413151&s=2882174&viewref=93811400051604900719590011704014&pv=1
Request Chain 195
  • https://www.awin1.com/cshow.php?s=2824569&v=9247&q=407742&r=235229&pref1=84891000051578800719590011704007&pv=1 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=b5dd2c50-0afc-11ec-bfe3-692d0dec5663&v=9247&r=235229&q=407742&s=2824569&viewref=84891000051578800719590011704007&pv=1
Request Chain 199
  • https://www.awin1.com/cshow.php?s=2898042&v=8361&q=383360&r=235229&pref1=84891000051578800719590011704007&pv=1 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=b5ec95a0-0afc-11ec-a5ea-692d04ef6a29&v=8361&r=235229&q=383360&s=2898042&viewref=84891000051578800719590011704007&pv=1
Request Chain 202
  • https://hal900018.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=7b3818b768&subid=&uid=0a87c20b07faca32&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCj6TqhTYvYbSCJJrF7_UPjayOgAbisNzwX56J1vuJC_AuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QFXxCVMimOvqHe9nrVYcjhgaUtF4dtUdHWeFuNfHklrr_Up73hBsuYpQ8SINhNGOFG1-YgziYe6hnh5L7-hLp3B-jkU6ngJjSD3W-KcmOuTohPbj1WmLDadcZTI5X9-MkUmxDoFsHN7W9U0gx_YnRoXRzJYB8umpCOIpdhLsKTu4w6EXRR8EpJf35kMnu1Ll34qS1hnOcSzPxiloaQIca9-DWusb8Tq5cedyCd_Ut48GerL-bYc89vbMo2rEJ7m-qOWNqHB5y4ESaVlYeH3hAajT8eVRSOsAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo-rUev7yOOt93k1ZD4KnbERc4dQ%26sig%3DAOD64_0j7cTRIxJbVO0doF68HEsLQIXr7w%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-BITPoeUGtDPTNDqaygYwRQ1chOrlWh6ptTYGavVXwpy73jaL4H4RlV3SKd6xruOmECs4kHUOtzyLcUP5dhK0r40NmX-54Qo1N3qFN-r1zSY3qI7V_9AS2cRjQDkdHFES7jUwt7jXU4fG4VueF1ve3NRageQg%26cry%3D1%26dbm_d%3DAKAmf-CfD7Bonteuy6jIz_EyZYJ-SlnR9a7sdCPgm59BiSLAknnTk6lZCI98OE6MO0BfB3tMsj0zaziaf10kdJ9SbqYXGG5YrVgIpL9nwASrGbJvrxYTVPWfpaa9MMy_p7LL2Lkt82TKMZVUoygOq3dnxMGwXlK7znieRpqTs7EucLU18iC7l6ncmPrWD8JdKqC_TZ3VvM47hLck0oKPp11-s6bb7yKT2ZM2oZf_4OsgZJFyU6cGix6PMqRUoXlkjBD850-BGZA_PYcIiPp9olFYf9mGXjOMPtFEIM4yj-q6vEqgvaJVZBBQMRBEL9Zjm5l6TrLupPxjQ529gnNV7oFea8huafoCkDFx5WoP5az1hyFwffmHYnrqfXHt52srRbASc4XYidN_fpeiarJjbtrFTHYoT0FqfAcCEjOxoVlyJ5WeWOk_ggl-F9LXxCBFtTAqu8s0SG0i%26adurl%3D&documentReferer=https%3A%2F%2Fwww.suarasurabaya.net%2F&ancestorOrigins=https%3A%2F%2Fwww.suarasurabaya.net&random=317385306518&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900018.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=7b3818b768&subid=&uid=0a87c20b07faca32&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCj6TqhTYvYbSCJJrF7_UPjayOgAbisNzwX56J1vuJC_AuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QFXxCVMimOvqHe9nrVYcjhgaUtF4dtUdHWeFuNfHklrr_Up73hBsuYpQ8SINhNGOFG1-YgziYe6hnh5L7-hLp3B-jkU6ngJjSD3W-KcmOuTohPbj1WmLDadcZTI5X9-MkUmxDoFsHN7W9U0gx_YnRoXRzJYB8umpCOIpdhLsKTu4w6EXRR8EpJf35kMnu1Ll34qS1hnOcSzPxiloaQIca9-DWusb8Tq5cedyCd_Ut48GerL-bYc89vbMo2rEJ7m-qOWNqHB5y4ESaVlYeH3hAajT8eVRSOsAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo-rUev7yOOt93k1ZD4KnbERc4dQ%26sig%3DAOD64_0j7cTRIxJbVO0doF68HEsLQIXr7w%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-BITPoeUGtDPTNDqaygYwRQ1chOrlWh6ptTYGavVXwpy73jaL4H4RlV3SKd6xruOmECs4kHUOtzyLcUP5dhK0r40NmX-54Qo1N3qFN-r1zSY3qI7V_9AS2cRjQDkdHFES7jUwt7jXU4fG4VueF1ve3NRageQg%26cry%3D1%26dbm_d%3DAKAmf-CfD7Bonteuy6jIz_EyZYJ-SlnR9a7sdCPgm59BiSLAknnTk6lZCI98OE6MO0BfB3tMsj0zaziaf10kdJ9SbqYXGG5YrVgIpL9nwASrGbJvrxYTVPWfpaa9MMy_p7LL2Lkt82TKMZVUoygOq3dnxMGwXlK7znieRpqTs7EucLU18iC7l6ncmPrWD8JdKqC_TZ3VvM47hLck0oKPp11-s6bb7yKT2ZM2oZf_4OsgZJFyU6cGix6PMqRUoXlkjBD850-BGZA_PYcIiPp9olFYf9mGXjOMPtFEIM4yj-q6vEqgvaJVZBBQMRBEL9Zjm5l6TrLupPxjQ529gnNV7oFea8huafoCkDFx5WoP5az1hyFwffmHYnrqfXHt52srRbASc4XYidN_fpeiarJjbtrFTHYoT0FqfAcCEjOxoVlyJ5WeWOk_ggl-F9LXxCBFtTAqu8s0SG0i%26adurl%3D&documentReferer=https%3A%2F%2Fwww.suarasurabaya.net%2F&ancestorOrigins=https%3A%2F%2Fwww.suarasurabaya.net&random=317385306518&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 204
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEIksSeMRb71OaQ8trHVGC2Q&google_cver=1&google_push=AYg5qPKcDcIiwb9Y3HA2_lju2ZwQIwVl8IoH5_GBJ-wqhyjZfwCoeQw8zw03tWfr19WCl-FecjOT-o2ZcWjJK0mG3uKQ-RsBmrQ HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEIksSeMRb71OaQ8trHVGC2Q&google_cver=1&google_push=AYg5qPKcDcIiwb9Y3HA2_lju2ZwQIwVl8IoH5_GBJ-wqhyjZfwCoeQw8zw03tWfr19WCl-FecjOT-o2ZcWjJK0mG3uKQ-RsBmrQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=ETmPzUYxQXSRpnda4HydzGEvNog
Request Chain 205
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEKpVi-a8bIs1xwl-_dW-tNQ&google_cver=1&google_push=AYg5qPIU757CbNtIDi3iceaE-4gGEaEljV23GLt6BMZ3qgJjiopl2VkSZgbLOBjeiAR8vlIaKWKYH1gV6n1JUStReHh2nYaS8NqD HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OlfoORF5RQyGYE5vwGJ3FQ2&google_push=AYg5qPIU757CbNtIDi3iceaE-4gGEaEljV23GLt6BMZ3qgJjiopl2VkSZgbLOBjeiAR8vlIaKWKYH1gV6n1JUStReHh2nYaS8NqD
Request Chain 206
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPYMY2yR1uz9ykUjuyaBCJY&google_cver=1&google_push=AYg5qPL1SviqI3UFfbibDF9pcxD8f1zYJgHmqVmv6H6xIYzL0bWBlsS3ISwmchJVniRm1Q0vpt7xqDGkenzt659BlGQZKRTkN1hw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPYMY2yR1uz9ykUjuyaBCJY&google_cver=1&google_push=AYg5qPL1SviqI3UFfbibDF9pcxD8f1zYJgHmqVmv6H6xIYzL0bWBlsS3ISwmchJVniRm1Q0vpt7xqDGkenzt659BlGQZKRTkN1hw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc0MzUyNDcyNDk4MjA5NTk2&google_push=AYg5qPL1SviqI3UFfbibDF9pcxD8f1zYJgHmqVmv6H6xIYzL0bWBlsS3ISwmchJVniRm1Q0vpt7xqDGkenzt659BlGQZKRTkN1hw
Request Chain 207
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIx9FEtd8oyWEtqt-Q-MsJY&google_cver=1&google_push=AYg5qPIv5gKhnTiDMuLai-AvpTTkMrtXbIG-WjKqWBifC7_eEEwyN3_LlfY2wFHyunJYZtdzfcq2uq5IAO7AwmpPTb8CJPjh8m3f HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIx9FEtd8oyWEtqt-Q-MsJY&google_cver=1&google_push=AYg5qPIv5gKhnTiDMuLai-AvpTTkMrtXbIG-WjKqWBifC7_eEEwyN3_LlfY2wFHyunJYZtdzfcq2uq5IAO7AwmpPTb8CJPjh8m3f&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7MOhdbefRZi-LIZbnsglDw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIv5gKhnTiDMuLai-AvpTTkMrtXbIG-WjKqWBifC7_eEEwyN3_LlfY2wFHyunJYZtdzfcq2uq5IAO7AwmpPTb8CJPjh8m3f
Request Chain 208
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESED-4fVyRKXj8vKyvJdfs5s0&google_cver=1&google_push=AYg5qPIFg8jebvYG5J8NHJgI-8d-leYKtX2lqjpP1TN7-uVrHty8uP0XdcqN7JdsOkiB0yPw2N5BYD43lUcJd1nCuTc_TEeLV5_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIFg8jebvYG5J8NHJgI-8d-leYKtX2lqjpP1TN7-uVrHty8uP0XdcqN7JdsOkiB0yPw2N5BYD43lUcJd1nCuTc_TEeLV5_1
Request Chain 209
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK--Q5PlsZlfeOhMu1OnHqA&google_cver=1&google_push=AYg5qPJM7wm2H89ASzLL8MrQwsoaA7iJVkaD0QF50smINX8YhdnSeCsxiSC7tMdRZF9JOtkN7yUXPNcTWJ9V1UH8O6QNcpaFic4l HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d0cc4b7f-b93d-4e9b-a0d5-8191f99d8101-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJM7wm2H89ASzLL8MrQwsoaA7iJVkaD0QF50smINX8YhdnSeCsxiSC7tMdRZF9JOtkN7yUXPNcTWJ9V1UH8O6QNcpaFic4l%26google_hm%3DA9DMS3-5PU6boNWBkfmdgQE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJM7wm2H89ASzLL8MrQwsoaA7iJVkaD0QF50smINX8YhdnSeCsxiSC7tMdRZF9JOtkN7yUXPNcTWJ9V1UH8O6QNcpaFic4l&google_hm=A9DMS3-5PU6boNWBkfmdgQE
Request Chain 213
  • https://ti.tradetracker.net/?c=34211&m=1888189&a=70002&r=93811400051604900719590011704014&t=html HTTP 302
  • https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
Request Chain 219
  • https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEBCDVgXEos5PKMUy2QTWGZc&google_cver=1&google_push=AYg5qPLlXVhDNozkQFjLgpxtuRK_PpZ_g-OFoDMDfVIJcWHx4EWie9XaOOWU5I83E50JIJY2NlEcm6NJItT8C4jHwo8XZ_dN6ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLlXVhDNozkQFjLgpxtuRK_PpZ_g-OFoDMDfVIJcWHx4EWie9XaOOWU5I83E50JIJY2NlEcm6NJItT8C4jHwo8XZ_dN6ag&google_hm=OTA5NjAwNTQ4OTQ1OTU4Nzk5 HTTP 302
  • https://a.rfihub.com/cm?pub=445&google_error=5
Request Chain 220
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECf74Q4mtHCJVYb2QzQTX38&google_cver=1&google_push=AYg5qPLQWcuikuqnyOiEGOBQbeVUhLu-zBNJK42ICfCJzs9He69OAFcckiQXjuiW2pml9ariM--tMRVTOkwX7gZMJQAWRa18CxM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLQWcuikuqnyOiEGOBQbeVUhLu-zBNJK42ICfCJzs9He69OAFcckiQXjuiW2pml9ariM--tMRVTOkwX7gZMJQAWRa18CxM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECf74Q4mtHCJVYb2QzQTX38&google_cver=1&google_push=AYg5qPLQWcuikuqnyOiEGOBQbeVUhLu-zBNJK42ICfCJzs9He69OAFcckiQXjuiW2pml9ariM--tMRVTOkwX7gZMJQAWRa18CxM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLQWcuikuqnyOiEGOBQbeVUhLu-zBNJK42ICfCJzs9He69OAFcckiQXjuiW2pml9ariM--tMRVTOkwX7gZMJQAWRa18CxM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 221
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFyGup5YZlgQKYBKOIagxhA&google_cver=1&google_push=AYg5qPK1ZF6XzYHDfB5GU2MxdHDMaDmEwNXAHN2tzhKNOAIoayb6Z1R9KBylr7qNx9ccMCiQEebz0MbBlxCpNDZVy1LEntJoRw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OlfoORF5RQyGYE5vwGJ3FQ2&google_push=AYg5qPK1ZF6XzYHDfB5GU2MxdHDMaDmEwNXAHN2tzhKNOAIoayb6Z1R9KBylr7qNx9ccMCiQEebz0MbBlxCpNDZVy1LEntJoRw
Request Chain 222
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESED1L2UzCNnSYNxJOlzCCsO8&google_cver=1&google_push=AYg5qPIRYZQ42yalkhfVdF8Cy_UkMbRao6S6R69987rPWk3ZxfJFGXpSmsQs9XkB0sCRyDech-zz6QGpkSgiNTain9Vjq62_Yxs HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESED1L2UzCNnSYNxJOlzCCsO8&google_cver=1&google_push=AYg5qPIRYZQ42yalkhfVdF8Cy_UkMbRao6S6R69987rPWk3ZxfJFGXpSmsQs9XkB0sCRyDech-zz6QGpkSgiNTain9Vjq62_Yxs&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=exV04nzJ7D7_N063voyDrQ&google_push=AYg5qPIRYZQ42yalkhfVdF8Cy_UkMbRao6S6R69987rPWk3ZxfJFGXpSmsQs9XkB0sCRyDech-zz6QGpkSgiNTain9Vjq62_Yxs
Request Chain 223
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEC0A_-keiDnZfDvscQcTdmY&google_cver=1&google_push=AYg5qPKbYKlRYfKWIF5tOIcHSyfejT7kiAv7rXMDDDOEQ2ZkhGMF84btNDCLgoGh2oh7e2Vee0dy1p5VjlL_TrhZUCLpCUAb2Q HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEC0A_-keiDnZfDvscQcTdmY&google_cver=1&google_push=AYg5qPKbYKlRYfKWIF5tOIcHSyfejT7kiAv7rXMDDDOEQ2ZkhGMF84btNDCLgoGh2oh7e2Vee0dy1p5VjlL_TrhZUCLpCUAb2Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKbYKlRYfKWIF5tOIcHSyfejT7kiAv7rXMDDDOEQ2ZkhGMF84btNDCLgoGh2oh7e2Vee0dy1p5VjlL_TrhZUCLpCUAb2Q&google_hm=SxU-p0QSToukONBlvF-EPg==
Request Chain 224
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_cver=1&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E&google_tc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E&google_tc=
Request Chain 245
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMUvcgYC7b9kHRz-neBRTDk&google_cver=1&google_push=AYg5qPJ0Ly8hHo4g2ZROFZH2HQD7ywJ0W3qqAxBDuiQyMfCT7ev2ep_ZtQnTt87tvIMiiHTSsJ-iYpiLU7MJ04EEepRbJ8O1GsLWQw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMUvcgYC7b9kHRz-neBRTDk&google_cver=1&google_push=AYg5qPJ0Ly8hHo4g2ZROFZH2HQD7ywJ0W3qqAxBDuiQyMfCT7ev2ep_ZtQnTt87tvIMiiHTSsJ-iYpiLU7MJ04EEepRbJ8O1GsLWQw HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=6df6883d-aede-455b-9a09-f62c52b950a9&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ0Ly8hHo4g2ZROFZH2HQD7ywJ0W3qqAxBDuiQyMfCT7ev2ep_ZtQnTt87tvIMiiHTSsJ-iYpiLU7MJ04EEepRbJ8O1GsLWQw&google_hm=SxU-p0QSToukONBlvF-EPg==
Request Chain 246
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC25dT6rOmFCiYdrODy09fg&google_cver=1&google_push=AYg5qPJhX3hSIdFInXnRW8OqnAxUUjNU3yLoSZV4dD2P1uTcHVpnL5VML42cg_yBsJsAu8OU7T2pauhwqi57ssrXn6BWhM1YXgJE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJhX3hSIdFInXnRW8OqnAxUUjNU3yLoSZV4dD2P1uTcHVpnL5VML42cg_yBsJsAu8OU7T2pauhwqi57ssrXn6BWhM1YXgJE&google_hm=NjMxMzA4NTY4NTMyODM3MTE1Mg%3D%3D
Request Chain 247
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIx9FEtd8oyWEtqt-Q-MsJY&google_cver=1&google_push=AYg5qPIDya-lGs8DgNv1CXa9LRJ_arZ1KQuZkrrzGxUBFmmehUbx37lNrmyR1iR60efju8rz7fKeXmPq6OvJ-XQklcrw1DZB7QG5rQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7MOhdbefRZi-LIZbnsglDw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIDya-lGs8DgNv1CXa9LRJ_arZ1KQuZkrrzGxUBFmmehUbx37lNrmyR1iR60efju8rz7fKeXmPq6OvJ-XQklcrw1DZB7QG5rQ
Request Chain 248
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECN99s1KM08qRNnC10vRc1g&google_cver=1&google_push=AYg5qPIncx8dutlGw7rxmSf9jvYWhnFAASn99xTxtIDUHkkLVWdpkO6rljCnh33l6HYbKx0Mbl4QLxsU3Jt5p584jwRoHxr5wTnWQQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODRZVlItMU8tSjdTUg==&google_push=AYg5qPIncx8dutlGw7rxmSf9jvYWhnFAASn99xTxtIDUHkkLVWdpkO6rljCnh33l6HYbKx0Mbl4QLxsU3Jt5p584jwRoHxr5wTnWQQ
Request Chain 249
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJx34tZFpdTCi-cWRio5Khs&google_cver=1&google_push=AYg5qPJum2BAjZXfjUYAHr1p3VPau46CDyYybwxlGJXRlWJiDjvtXBC-iOXbu7BGu-qpLF-u5aZofZ1Ypv_EBat33MlsRdVf96qGmJ8 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJx34tZFpdTCi-cWRio5Khs&google_cver=1&google_push=AYg5qPJum2BAjZXfjUYAHr1p3VPau46CDyYybwxlGJXRlWJiDjvtXBC-iOXbu7BGu-qpLF-u5aZofZ1Ypv_EBat33MlsRdVf96qGmJ8&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TZU9vM21GRTJ1R21jNUdzNzFWUk5OM0NKY0dtek1fWH5B&google_push=AYg5qPJum2BAjZXfjUYAHr1p3VPau46CDyYybwxlGJXRlWJiDjvtXBC-iOXbu7BGu-qpLF-u5aZofZ1Ypv_EBat33MlsRdVf96qGmJ8
Request Chain 253
  • https://www.awin1.com/cshow.php?s=2882174&v=8508&q=413151&r=235229&pref1=82942300047741800719590011704018&pv=1 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=b66c25e0-0afc-11ec-9723-692d00a25ac2&v=8508&r=235229&q=413151&s=2882174&viewref=82942300047741800719590011704018&pv=1
Request Chain 259
  • https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=93811400051604900719590011704014&t=html HTTP 302
  • https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
Request Chain 260
  • https://ti.tradetracker.net/?c=34211&m=1888189&a=70002&r=82942300047741800719590011704018&t=html HTTP 302
  • https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
Request Chain 263
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENV_PcLLs_ZC7RNvDZr6l3Q&google_cver=1&google_push=AYg5qPKT_-BM8PrtRALZ0y7Ivxc2xVDVefvQicxLYQKfVfyLxrD6Mqd4rjXCw8-rgNDt5s0dRv_76PBuBhXlVbjvm6s9FpvGFww HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODQyNzYxNzIxMzU0ODIyMDMwMg== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEOjRW8e14UGCR2nGVKQhb8w&google_cver=1
Request Chain 265
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOA4QZF5uUrbXXwrCVOv-wg&google_cver=1&google_push=AYg5qPINn6hrMLgAJ1L-xfzs4MYNhvCx0TMbzlBvgYNoKJi3mb2FETo7P-IHMloEIPo2tKIa7GgWFP0onTkKf5NmDMdcU9UnFeA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPINn6hrMLgAJ1L-xfzs4MYNhvCx0TMbzlBvgYNoKJi3mb2FETo7P-IHMloEIPo2tKIa7GgWFP0onTkKf5NmDMdcU9UnFeA&google_hm=U8wJqOGZTEC5R0EQL_wbfwU
Request Chain 268
  • https://rtb.openx.net/sync/dds?google_gid=CAESELHaFLz93bMlcB-KaUpT68U&google_cver=1&google_push=AYg5qPLBGzfZOo7Wb5Kr4zJj3-yCtEyVJD3XtrrkSfddJ3MStehTrni9ArALUX8zom31k-8gFZHtqAxX5H1l6kemSNqpl2_RUkE HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESELHaFLz93bMlcB-KaUpT68U&google_cver=1&google_push=AYg5qPLBGzfZOo7Wb5Kr4zJj3-yCtEyVJD3XtrrkSfddJ3MStehTrni9ArALUX8zom31k-8gFZHtqAxX5H1l6kemSNqpl2_RUkE&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLBGzfZOo7Wb5Kr4zJj3-yCtEyVJD3XtrrkSfddJ3MStehTrni9ArALUX8zom31k-8gFZHtqAxX5H1l6kemSNqpl2_RUkE&google_hm=gVMuihjzwTYxoFcMbrjgxQ==
Request Chain 269
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECN99s1KM08qRNnC10vRc1g&google_cver=1&google_push=AYg5qPIfLVUOZ4yAA6bFTC0c5O4rzWkp5XokAOs6NiiISMfldBLs2GGSf3ccS1aVBN9uE9GvD92XUx4G7TND8KPDZguOVdtjKYM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODRaR1QtSS0zWEhK&google_push=AYg5qPIfLVUOZ4yAA6bFTC0c5O4rzWkp5XokAOs6NiiISMfldBLs2GGSf3ccS1aVBN9uE9GvD92XUx4G7TND8KPDZguOVdtjKYM
Request Chain 278
  • https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=82942300047741800719590011704018&t=html HTTP 302
  • https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg

285 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.suarasurabaya.net/ 		134 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.suarasurabaya.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32be4fa6361c58996f8273dbb2f80aacad28dafe349020cd35439674ec2a64aa

Request headers

:method
GET
:authority
www.suarasurabaya.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
link
<https://www.suarasurabaya.net/wp-json/>; rel="https://api.w.org/" <https://www.suarasurabaya.net/wp-json/wp/v2/pages/152>; rel="alternate"; type="application/json"
x-debug-cache-fetch
HIT
x-debug-cache-store
BYPASS
x-debug-cache-key
nginx-cache:httpsGETwww.suarasurabaya.net/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIKBg6pOmGEcWXXLMxDjmBhm4BO5xoYFSyJ4iioX1K8G96X2pwkifv0wJlK8wLu8RSB%2FAQUHCQzi1%2BXvv6Sj8MtJBOv6iY9QhJOYGvG%2BjMxrIbqOSmSSAce6DeDCkh83xj3iLTSHWdl78zEqvqBhYDSMWgo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
687d0c5979dd5c2c-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5266
date
Wed, 01 Sep 2021 06:47:15 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 01 Sep 2021 08:47:15 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
911a78a240d4dd3959f54a7c66e0b52af0302b35d663d5997d8cdc327a117ac2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"974 / 954 of 1000 / last-modified: 1630447775"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25286
x-xss-protection
0
expires
Wed, 01 Sep 2021 08:15:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
494dc230d1af13c51e120665390d683d14fe664063cede8b467a9f7d7a096323
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49553
x-xss-protection
0
server
cafe
etag
15814572823861731209
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 08:15:01 GMT
gifdasdasd.gif
www.suarasurabaya.net/wp-content/themes/ss/dist/img/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/themes/ss/dist/img/gifdasdasd.gif
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61ca660df0fee539cf16ef2aa95643a904b5f8ec88f80e04563149e3b6881765

Request headers

:path
/wp-content/themes/ss/dist/img/gifdasdasd.gif
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
712602
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
11123
last-modified
Wed, 19 Feb 2020 03:38:09 GMT
server
cloudflare
etag
"5e4cada1-2b73"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsFBA73ORxk8VTfv5pRRsPr7XiZzr7iUzYbSaX2aTbHYi0Ng5ki006j5oEOs7k4fTr0jaQToAryrzmbAemEgHwVaChB%2BVmRYKAWzfYF574m1phcNTjcEJjDODXAaraQQJa8xE%2FYZkHiFWTQ2qYKcfONPygE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c605ada177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
banner-vaksinasi-terimakasih.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/banner-vaksinasi-terimakasih.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04cb8475e10292e42871f7c35328311967181822978f38b8c89c2b2fe968afbc

Request headers

:path
/wp-content/uploads/2021/08/banner-vaksinasi-terimakasih.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
50915
last-modified
Sat, 28 Aug 2021 06:22:35 GMT
server
cloudflare
etag
"6129d62b-c6e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oU6ujFdGKRnNyEDYiYEoG1f5QJb8UtO9AcAnh4i9Q%2FnQmZw2b4NN%2FBhW7J3OChALB9LnNq7sXSDiO5RiS1Uh8Dv0R1YZWVXLqq6oaZ8tIeIMIo01Zrmh4sUQBSBbiZ92HE13ane8qBxTykDl4wqrs1%2FYsQg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c605ad7177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
feather-radio.png
www.suarasurabaya.net/wp-content/themes/ss/dist/img/ 		808 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/themes/ss/dist/img/feather-radio.png
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
197799db6b27a326ac5617f38962dd7bec43a2dfcc0e44e2d9fa84574ee61378

Request headers

:path
/wp-content/themes/ss/dist/img/feather-radio.png
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11328419
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
808
last-modified
Wed, 19 Feb 2020 03:38:09 GMT
server
cloudflare
etag
"5e4cada1-328"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XFduQYlh%2F%2BfwI1tvVUuq9I1hG1ezar%2BxRJBclQn6N%2FKcvIU%2BdifdBv2zJN95WMdZpHYN9BEGMXN3MqY%2B%2FoDpthlXo2qhqY5aRN9DGKv5dlKHVAI1p%2B4Sf272kX7lEYAYUhP91crHR3HeaPAsO6GUiZeVxY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c605ad0177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
siema.min.js
www.suarasurabaya.net/wp-content/themes/ss/dist/js/libs/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.suarasurabaya.net/wp-content/themes/ss/dist/js/libs/siema.min.js
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3fcfa90f90474e880b814e04dd51a14dfc5facac3685dc46ec25b91e01ba179

Request headers

:path
/wp-content/themes/ss/dist/js/libs/siema.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Feb 2020 03:38:09 GMT
server
cloudflare
etag
W/"5e4cada1-3320"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBLSUhin%2FhS5Pb9RoHXKIhqm2njkW7UhyyXhl6zSQKrZsoayAXoxgHuioVmt9Koi7reb%2B92YgNqTT4xOt9OUcmz2mDNVist%2FSm0H%2F0xLpK2Ore9XE2IZm%2Budo9HdUn04aKdRT4sFWIObUPI7Mq2CbgzUFr0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1209600, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
687d0c605ace177a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Wed, 15 Sep 2021 08:15:01 GMT
script.min.js
www.suarasurabaya.net/wp-content/themes/ss/dist/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.suarasurabaya.net/wp-content/themes/ss/dist/js/script.min.js
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecba8bb6eda81a91a8fa57fce51683d670ec7448e5d41c04a5dd74d0f245e947

Request headers

:path
/wp-content/themes/ss/dist/js/script.min.js
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Feb 2020 08:11:09 GMT
server
cloudflare
etag
W/"5e4ced9d-13bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eK95HeiqXkm%2FixbuiUb%2BVVORkw4VPtFzr3JXj2nHJsKkLfdXYw%2B86mT7t2KiGPeoMnBIBdTJM5vBXEIDeuyVy7EQyONstq88H2ixUaQHeDlpr%2BgpkMzSz0L0p%2BJ%2BWGCXESOoTCAS45DlyXWwLdYlVcEb3Ns%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1209600, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
687d0c605ad1177a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Wed, 15 Sep 2021 08:15:01 GMT
wp-embed.min.js
www.suarasurabaya.net/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.suarasurabaya.net/wp-includes/js/wp-embed.min.js
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 06 Apr 2021 10:27:15 GMT
server
cloudflare
etag
W/"606c3783-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7I5YNio1nfrzU04sOPVMJonLGRFwDS2m9c1fil9D%2Btb2tEDw%2FFGVkVSgRErWDjqQGVs9KENsbTgZ%2FjCZm8lhMd9xqCHAReBx7Z1pqvxj4rE9duArrCSCgMhO5XPK%2BlHRa20r7WxsFCox2e0Xkpic5PNtYH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1209600, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
687d0c605ad4177a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Wed, 15 Sep 2021 08:15:01 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1246333267&utmhn=www.suarasurabaya.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6744551-1&cid=538317931.1630484101&jid=36258203&_v=5.7.2&z=1246333267
35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6744551-1&cid=538317931.1630484101&jid=36258203&_v=5.7.2&z=1246333267
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 01 Sep 2021 08:15:01 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:01 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6744551-1&cid=538317931.1630484101&jid=36258203&_v=5.7.2&z=1246333267
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
367
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13d2c280d404af96e3392f75cc0f3b30593f93e97e26e2947f531636981271ab

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
Lato-Regular.woff2
www.suarasurabaya.net/wp-content/themes/ss/dist/fonts/Lato/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.suarasurabaya.net/wp-content/themes/ss/dist/fonts/Lato/Lato-Regular.woff2
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76df5b67646f4f0f999d4e1c482ab2007b948f3b9acc2c8a207bfdb214103855

Request headers

sec-fetch-mode
cors
origin
https://www.suarasurabaya.net
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
:path
/wp-content/themes/ss/dist/fonts/Lato/Lato-Regular.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.suarasurabaya.net
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
712602
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 19 Feb 2020 03:38:09 GMT
server
cloudflare
etag
W/"5e4cada1-7204"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNFi7T6xyOg1tKzX%2BF95Z96u%2FFAdM5Wn9oTUGlmnxYzGxwq3ECiXl%2FbZGni5%2BqUPzWu97qBk%2BhsUCXI2QxD%2F7scYpmWQwDOOSdlmHrApk98uJSjizjGUqsjxVms8I3s%2Fbf8IsL7Or5tH2c0WqLa8xyo2yTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
687d0c605adc177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
BenchNine-Bold.woff2
www.suarasurabaya.net/wp-content/themes/ss/dist/fonts/BenchNine/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.suarasurabaya.net/wp-content/themes/ss/dist/fonts/BenchNine/BenchNine-Bold.woff2
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd4ba8a3e133d3c0accc9049581fd238ffcd7e8b7c716538b759154bc7a4e0d5

Request headers

sec-fetch-mode
cors
origin
https://www.suarasurabaya.net
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
:path
/wp-content/themes/ss/dist/fonts/BenchNine/BenchNine-Bold.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.suarasurabaya.net
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3460860
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 19 Feb 2020 03:38:09 GMT
server
cloudflare
etag
W/"5e4cada1-6914"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sV2SwbXZAY%2BtJ6VFizyj9cAQe67fTRfdD9JvicohKWJIVee9Sw1q40ReeUlZ5KqBx87W13o4CaWv93%2FD1XYbtXpY6evaPC45xPMLQywjBsP%2BPb3AIgfwb%2BBpQcssbWdeLntT%2FIuALkBuE7pUm1P%2FQLqnFuA%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
687d0c605ade177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Lato-Semibold.woff2
www.suarasurabaya.net/wp-content/themes/ss/dist/fonts/Lato/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.suarasurabaya.net/wp-content/themes/ss/dist/fonts/Lato/Lato-Semibold.woff2
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa5c2a23e811b1927475a06b9996c2276e858d03712813419dbf994c692506b

Request headers

sec-fetch-mode
cors
origin
https://www.suarasurabaya.net
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
:path
/wp-content/themes/ss/dist/fonts/Lato/Lato-Semibold.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.suarasurabaya.net
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11328422
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 19 Feb 2020 03:38:09 GMT
server
cloudflare
etag
W/"5e4cada1-a810"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkOjw7aVnLFJdLfDYH6%2BWIehbIfKJQtTDw1WXE6FpCQtPq%2F64ZCwvDWLx4ClmQzx5cwZWW%2B4XPFVY8LxT2kMXWUR9PmipRTReeYzWnq%2FwDuUBV7swSab%2F7ZmmYBUNx1r%2BHdwqeCzywCTddbZaTw5szH6LQU%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
687d0c605ae0177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Lato-Bold.woff2
www.suarasurabaya.net/wp-content/themes/ss/dist/fonts/Lato/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.suarasurabaya.net/wp-content/themes/ss/dist/fonts/Lato/Lato-Bold.woff2
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e47c34e4bb6a2fe7f50c02b0656e10666ded963f874015cb10ee1be923ea4448

Request headers

sec-fetch-mode
cors
origin
https://www.suarasurabaya.net
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
:path
/wp-content/themes/ss/dist/fonts/Lato/Lato-Bold.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.suarasurabaya.net
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538873
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 19 Feb 2020 03:38:09 GMT
server
cloudflare
etag
W/"5e4cada1-7004"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdQVw1CMimo6V1dzgFzMt1mvOJjHbP2JIt5yhbTxH6%2Fgadttkv9OYCVJ3UUvinFF0%2FUXzOyrBWjsbAJwIL0IKuBDwoS%2Bz3XHvii6xaElJQMmpygCAOiak9WEGee3SUntwLAQqmBtPwKsR8yKwd%2FXrcqz2Qo%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
687d0c605ae1177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
cropped-17agustus2021.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/cropped-17agustus2021.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7725b94809fdcbcbe16d4e16f36c1ff927462e244fe80a4fc9aa21cd02fa6b25

Request headers

:path
/wp-content/uploads/2021/08/cropped-17agustus2021.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2430513
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4875
last-modified
Wed, 04 Aug 2021 04:41:14 GMT
server
cloudflare
etag
"610a1a6a-130b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2F%2F7AGqu9ePmlSWfY994rUxkZEozwPYIfzm0vAQxgX8EPFUXMbOCWn05fWxWkkKRzdGFEP3xEGK59OPG8InJxa2%2Brjy8SVLP7SeaUy8tl079kZmZzUfJL1JNrnC21%2Fw4HpazRgUuLj3sZk08f%2FIxGJ76uI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c608b1a177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
WhatsApp-Image-2021-01-03-at-21.41.03-840x493.jpeg
www.suarasurabaya.net/wp-content/uploads/2021/01/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/01/WhatsApp-Image-2021-01-03-at-21.41.03-840x493.jpeg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f77720640f409f0bf318e2415b93594c3ee47ce8b53cc0e9428ef81373436b0

Request headers

:path
/wp-content/uploads/2021/01/WhatsApp-Image-2021-01-03-at-21.41.03-840x493.jpeg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
29055
last-modified
Sun, 03 Jan 2021 14:42:05 GMT
server
cloudflare
etag
"5ff1d7bd-717f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Os4uDRRdrFXVooPKk8W7%2Fr5GCozea31WzZX2Xtf8ilX%2F0IUEMqAM3NV16jsyBMmREQxeuJjDoXwzXJGoRV4mlD2PqDIX6l3%2Fqzj11ESIeCV4LVc6ZWjOMA2%2FOk9JIIebvMBxez6hF3CahxSeJ%2B0hxsoK%2BoA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c608b1b177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
HUT-RI-76-FOKUS-FIX-300x195.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/HUT-RI-76-FOKUS-FIX-300x195.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35b3c05918d7ea5a9fb71e86970d047106c47a313ab1eca23220bf4aba43736c

Request headers

:path
/wp-content/uploads/2021/08/HUT-RI-76-FOKUS-FIX-300x195.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5088
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
22320
last-modified
Sat, 14 Aug 2021 07:32:06 GMT
server
cloudflare
etag
"61177176-5730"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpTKQMc%2FkRm%2B04FYq4H%2BA2Y3GZ3N5U0ggNyfxWNswLO4TpZdXyR9wTD%2FJdl27jYG043tskPo4ec3ZVA8vt%2BpMElihhjNmuffxPYon0j7T4QXF4g0ijXXFK0wZ0SnZvNYYWdSl%2BRv%2FxtnWlv4Gt7YuGbOxmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c608b1e177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
tes-swab-pcr--300x195.jpg
www.suarasurabaya.net/wp-content/uploads/2020/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2020/12/tes-swab-pcr--300x195.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b54a321b8eecadda53d17a149945608b9122342047488015144021a380bda34e

Request headers

:path
/wp-content/uploads/2020/12/tes-swab-pcr--300x195.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5089
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8807
last-modified
Thu, 03 Dec 2020 02:28:47 GMT
server
cloudflare
etag
"5fc84d5f-2267"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igHT0%2BYuEsTORVpFDIo46bI5J6S4Cfs1kXoRom2r%2BkXU1au%2BJf0LDeLK8%2FZumngz8emnV40Jz%2FN%2Fr%2BNLmTPqNFlRuCRWj29hahhD8HTmTZZyWPChFm4Yy8v3JgA748UG981JngrDOT2%2FIAJnPMhiNv1Ox4s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c608b1f177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
1624153490-300x195.png
www.suarasurabaya.net/wp-content/uploads/2021/06/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/06/1624153490-300x195.png
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
780eb906e0e3255ce7412b9f7c789b99d9247f609b662337ff2a2fe043f0425c

Request headers

:path
/wp-content/uploads/2021/06/1624153490-300x195.png
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5088
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
15542
last-modified
Sun, 20 Jun 2021 02:01:14 GMT
server
cloudflare
etag
"60cea16a-3cb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aos4tvyKrgq1Y%2FN%2FADl0fsN1eVagmkBgyswwZ928JJXJ3g0ZiyMQgKWWsVYVop7H7KalpgA05BPLy8u13I17qthDmmsUFAKucp%2FXAIQWESKkJgHgYCfsverXEhSXw%2BEn1%2BYD0v0xLwmLff15CxdrM6KR9Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c608b20177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
PPKM-DARURAT_BRM-300x195.jpg
www.suarasurabaya.net/wp-content/uploads/2021/07/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/07/PPKM-DARURAT_BRM-300x195.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a097dca77d1085df185271889609a160f22dd81c309f1d0d5e76960676b2bf6f

Request headers

:path
/wp-content/uploads/2021/07/PPKM-DARURAT_BRM-300x195.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1663650
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
18987
last-modified
Thu, 01 Jul 2021 04:47:50 GMT
server
cloudflare
etag
"60dd48f6-4a2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGHaWVPsH%2F3dYr19GjggPIF7WbZFWv00ZIEx%2BapTpyYSe2Okef6PJ4B6ocaP%2BbSQsSBjJA%2FbuYtMvqlJ11wdrIpPBYr26nf699831w8HM2f%2BekNM49lGoKUp0BRLlAggqyrsKCM5DSlu2DhGx%2B1gl0jkoH0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c608b22177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
lonjakan-kasus-covid-19-300x195.jpg
www.suarasurabaya.net/wp-content/uploads/2021/06/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/06/lonjakan-kasus-covid-19-300x195.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1226fb620231964e231f3a9e0b672e4981e9da631a0b8a1b8c9a6f32c329e8e

Request headers

:path
/wp-content/uploads/2021/06/lonjakan-kasus-covid-19-300x195.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5088
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12653
last-modified
Sat, 19 Jun 2021 14:28:24 GMT
server
cloudflare
etag
"60cdff08-316d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgMkSFmDBObQ5aBqcM8uHsEUxfjVvBcXjqJB1AD7Y45UxhOWWr9DVIkItx20dM1NnNwp5Puo9A7Dn5ItMEcXCgB3wc%2BmRcIn1wzHyPpeJD9VT%2BJYeLj7Pa%2BIMIb51x9geyqia%2F7WTZPYBTgmsistZ0FTSPo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c608b24177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
3-KEPALA-DAERAH-e1614647054307-300x195.jpg
www.suarasurabaya.net/wp-content/uploads/2021/03/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/03/3-KEPALA-DAERAH-e1614647054307-300x195.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62bc3e57e65325628fcb1440a2467a2445a9a83a87e31564f1e5cd881c99c23b

Request headers

:path
/wp-content/uploads/2021/03/3-KEPALA-DAERAH-e1614647054307-300x195.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5088
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12851
last-modified
Tue, 02 Mar 2021 01:04:14 GMT
server
cloudflare
etag
"603d8f0e-3233"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DufcJB0OzAWLkcdT3ToXB%2FcOxZ6TarU1zSXM9mQcczqWJ%2FpFHY3Z910z1nhKktthhQUDc8JMv1pyLfptWOxCjOqK02Cp0b4PyRQUoOvWmohNW1vTAcxqFBOi73DN25vkYTAUjFYAaKXrAtDqaqyL70pOCJs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c608b27177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ft-bahrun-b-750x493.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/ft-bahrun-b-750x493.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
526bceedd88b07e87a9b5e7be265e26a21e22f542da7ef48e17cdc59c20e2037

Request headers

:path
/wp-content/uploads/2021/08/ft-bahrun-b-750x493.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
151601
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
117883
last-modified
Mon, 30 Aug 2021 11:15:35 GMT
server
cloudflare
etag
"612cbdd7-1cc7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRru1sVLsVIXvvmymudF9dKDq442Nsk8tWCyjtjhrZNkBxUN7960RvhxFne9pIvn%2BkJTcsfppY4LAMhy9ElVI5e4QzOlIg3PpkiR80Swjk1q2CxLhGFlR6S1pEZ1hsI%2B2w2ay4W2JL%2BCi5XicfdxivmAJrY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c608b2a177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
pv-counter.php
www.suarasurabaya.net/wp-content/plugins/page-view-counter/wordpress-pageview-counter/ 		16 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.suarasurabaya.net/wp-content/plugins/page-view-counter/wordpress-pageview-counter/pv-counter.php
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

sec-fetch-mode
cors
origin
https://www.suarasurabaya.net
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
content-length
13
:path
/wp-content/plugins/page-view-counter/wordpress-pageview-counter/pv-counter.php
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 08:15:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-debug-cache-key
nginx-cache:httpsPOSTwww.suarasurabaya.net/wp-content/plugins/page-view-counter/wordpress-pageview-counter/pv-counter.php
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-debug-cache-store
BYPASS
content-type
application/json
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0rHWCL6z02Pzrz93R7RRGS3GWgQ6DtKTzizI1gle4xspV%2BvGyX0ueWsps910dzhf%2FZw81ppPMJGNYKNP1cdvp1kJRxuQZx8iKaiMlMs4qrxRUiAWaPbts1JC0cfNgtrNMaHI47frAF0Ec8URt8FwwjcFnM%3D"}],"group":"cf-nel","max_age":604800}
x-debug-cache-fetch
BYPASS
cf-ray
687d0c608b2e177a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
www.suarasurabaya.net/get_penyiar_active/ 		113 B
780 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.suarasurabaya.net/get_penyiar_active/?security=eb0018665a
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acee8594586274c3cb685dd003907261e07609785a915b1fd3017698fcfb0211

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101
:path
/get_penyiar_active/?security=eb0018665a
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

date
Wed, 01 Sep 2021 08:15:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-debug-cache-key
nginx-cache:httpsGETwww.suarasurabaya.net/get_penyiar_active/?security=eb0018665a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-debug-cache-store
BYPASS
content-type
application/json; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVZW7mJFRMVVqhD90IpmS%2FH0IQXIeZbj%2Fph8ZkaXrlsYbgr6QVTvl8taH2BagbIK0sMX2gr3rRqgKja2SZeD00cCdDn%2FOYnTW8Up%2FGwqGzHPD20Ou6HWlx8YaPlLp8mI4ZlUBkcMdwv8QJeiSUg6c4b9AI8%3D"}],"group":"cf-nel","max_age":604800}
x-debug-cache-fetch
HIT
cf-ray
687d0c608b32177a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/ 		250 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1876807398903530&plah=www.suarasurabaya.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
789f22b18f4888fd4abfde82c10d9436d2ba5f7aa1107b0203ba386c688493cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95226
x-xss-protection
0
server
cafe
etag
17201458395757084847
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 08:15:01 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210830/r20190131/ Frame 2718 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210830/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210830/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.suarasurabaya.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.suarasurabaya.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 31 Aug 2021 12:45:30 GMT
expires
Tue, 14 Sep 2021 12:45:30 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
cache-control
public, max-age=1209600
age
70171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_2021082401.js
securepubads.g.doubleclick.net/gpt/ 		330 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
f99afd7517841902151c384754ab918ceaa4abfae5db7e2d62459fd17954647f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 24 Aug 2021 08:37:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118369
x-xss-protection
0
expires
Wed, 01 Sep 2021 08:15:01 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		105 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.suarasurabaya.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
bc628c4a9dac7400b3f093df712f8224f7c4fc2bd1d93626a9068f8cf9a7d527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Wed, 01 Sep 2021 08:15:01 GMT
cookie.js
partner.googleadservices.com/gampad/ 		207 B
662 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.suarasurabaya.net&callback=_gfp_s_&client=ca-pub-1876807398903530
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1876807398903530&plah=www.suarasurabaya.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e1ddcf2515511deef64c4a824e959193359a30bc29629a69584a2d3616b3bc5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.suarasurabaya.net%2F&tn=HEADER&id=main-header&cls=main-header%20header-fixed&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.suarasurabaya.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1876807398903530&plah=www.suarasurabaya.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.suarasurabaya.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1876807398903530&plah=www.suarasurabaya.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FFD5 		32 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1876807398903530&output=html&adk=1812271804&adf=3025194257&lmt=1630484101&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.suarasurabaya.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630484101255&bpp=4&bdt=110&idt=105&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6755872357681&frm=20&pv=2&ga_vid=538317931.1630484101&ga_sid=1630484101&ga_hid=1635986981&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44749371%2C31062297&oid=3&pvsid=3880600926224204&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=123
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1876807398903530&plah=www.suarasurabaya.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3bc3922c51fa796c6671b9ceebd0a7f3fcd3c47ef1bd37d5df100f730e5bac30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1876807398903530&output=html&adk=1812271804&adf=3025194257&lmt=1630484101&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.suarasurabaya.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630484101255&bpp=4&bdt=110&idt=105&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6755872357681&frm=20&pv=2&ga_vid=538317931.1630484101&ga_sid=1630484101&ga_hid=1635986981&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062314%2C44749371%2C31062297&oid=3&pvsid=3880600926224204&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=123
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.suarasurabaya.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.suarasurabaya.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 01 Sep 2021 08:15:01 GMT
server
cafe
content-length
2045
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 01-Sep-2021 08:30:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Sep 2021 08:15:01 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1876807398903530&plah=www.suarasurabaya.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322975956640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27566
x-xss-protection
0
expires
Wed, 01 Sep 2021 08:15:01 GMT
integrator.js
adservice.google.nl/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www.suarasurabaya.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.suarasurabaya.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		84 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3880600926224204&correlator=2375145714595488&output=ldjh&impl=fifs&eid=44749371%2C31062297&vrg=2021082401&ptt=17&sc=1&sfv=1-0-38&ecs=20210901&iu_parts=21986873345%2CSuarasurabaya%2CHomepage%2CSuarasurabaya_Mobile&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F3%2F2%2C%2F0%2F1%2F2%2C%2F0%2F3%2F2%2C%2F0%2F1%2F2%2C%2F0%2F3%2F2%2C%2F0%2F1%2F2%2C%2F0%2F3%2F2&prev_iu_szs=970x250%7C970x90%7C728x90%2C300x600%7C300x250%2C300x250%2C320x50%2C728x90%2C320x50%2C728x90%2C320x50%2C728x90%2C320x50&prev_scp=pos%3DLeaderboard%7Cpos%3DMR1%7Cpos%3DMR2%7Cpos%3DMultibanner2M%7Cpos%3DMultibanner3%7Cpos%3DMultibanner3M%7Cpos%3DMultibanner4%7Cpos%3DMultibanner4M%7Cpos%3DMultibanner5%7Cpos%3DMultibanner5M&cookie_enabled=1&bc=31&abxe=1&lmt=1630484101&dt=1630484101509&dlt=1630484101146&idt=324&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C1345%2C1345%2C-9%2C436%2C-9%2C436%2C-9%2C436%2C-9&adys=-9%2C12885%2C17446%2C-9%2C2987%2C-9%2C3655%2C-9%2C4416%2C-9&adks=31569725%2C3040989654%2C2285757840%2C3614860598%2C1442763743%2C3614860567%2C1442763742%2C3614860532%2C1442763741%2C3614860501&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.suarasurabaya.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C2500x-1%7C2500x-1%7C0x-1%7C1110x-1%7C0x-1%7C1110x-1%7C0x-1%7C1110x-1%7C0x-1&msz=0x-1%7C2500x-1%7C2500x-1%7C0x-1%7C1110x-1%7C0x-1%7C1110x-1%7C0x-1%7C1110x-1%7C0x-1&ga_vid=538317931.1630484101&ga_sid=1630484101&ga_hid=1635986981&ga_fc=true&fws=2%2C4%2C4%2C2%2C4%2C2%2C4%2C2%2C4%2C2&ohw=0%2C1600%2C1600%2C0%2C1600%2C0%2C1600%2C0%2C1600%2C0&btvi=-1%7C1%7C2%7C-1%7C3%7C-1%7C4%7C-1%7C5%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
1dd9718345f20cdeded242c83f24df15ed0866158de75f7eb2f34d7424feac97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30553
x-xss-protection
0
google-lineitem-id
-1,-1,-2,-2,-1,-2,-2,-2,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-2,-2,-1,-2,-2,-2,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.suarasurabaya.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5E31 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.suarasurabaya.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.suarasurabaya.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 01 Sep 2021 08:15:01 GMT
expires
Thu, 01 Sep 2022 08:15:01 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		85 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3880600926224204&correlator=2375145714595488&output=ldjh&impl=fifs&eid=44749371%2C31062297&vrg=2021082401&ptt=17&sc=1&sfv=1-0-38&ecs=20210901&iu_parts=160553881%2CSuarasurabaya%2CHomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x250%7C728x90%7C336x280%7C300x250%2C728x90&prev_scp=pos%3DMultibanner1%7Cpos%3DMultibanner2&cookie_enabled=1&bc=31&abxe=1&lmt=1630484101&dt=1630484101515&dlt=1630484101146&idt=324&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C436&adys=1409%2C2187&adks=3747442417%2C3817749766&ucis=b%7Cc&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.suarasurabaya.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1110x-1%7C1110x-1&msz=1110x-1%7C1110x-1&ga_vid=538317931.1630484101&ga_sid=1630484101&ga_hid=1635986981&ga_fc=true&fws=4%2C4&ohw=1600%2C1600&btvi=6%7C7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
4f1f813ad1620784eb949c531fa754e0cadaae7e2b2275b649982e185e48d73e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28242
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.suarasurabaya.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-1876807398903530&warn=12&w=1600&h=1200&eatf=false&reatf=false&apv=20210829_113447&sat=1630341651157&afm=0&as_count=0&d_count=0&ng_count=0&am_count=0&atf_count=0&mdns=0&alldns=0&allp=89&pgh=1200&su=www.suarasurabaya.net&pvc=3880600926224204&r=0.1
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5D20 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.suarasurabaya.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.suarasurabaya.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 01 Sep 2021 08:15:01 GMT
expires
Thu, 01 Sep 2022 08:15:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3EB5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.suarasurabaya.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.suarasurabaya.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 01 Sep 2021 08:15:01 GMT
expires
Thu, 01 Sep 2022 08:15:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame 5D20 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite_fy2019.js
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7645
x-xss-protection
0
server
cafe
etag
13200147268341533873
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 08:04:33 GMT
css
fonts.googleapis.com/ Frame 5D20 		8 KB
816 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 07:29:24 GMT
server
ESF
date
Wed, 01 Sep 2021 08:15:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Sep 2021 08:15:01 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210823_RC00/ Frame 5D20 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210823_RC00/outstream.min.css
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 23:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
550684
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 17:57:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Aug 2022 23:16:58 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210823_RC00/ Frame 5D20 		355 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210823_RC00/outstream.min.js
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a94b2bfa870862839108ea5447cb27b7ace9a3ce52aa37305a5b5d57e85bbce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 21:14:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
558005
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126191
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 17:57:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Aug 2022 21:14:57 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 5D20 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:09:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 08:09:19 GMT
l
www.google.com/ads/measurement/ Frame 5D20 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSkmw5_jF1XfnccKAqCC4a2TkmQ8Z-NpLjpnXGSDF8QSoAj_e1NoLqcW94HLImySdEp2zhC1oVW0eetR-NpezRePWNjrA
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame B409 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNXYQauMow2IvKBL5AUS7nHOiHn7onRWwNJgiJXRMFb-fosmMFkvWICvVb1lQRq7AkP8uXm7UZZgSQpwP7rhpkYiyhpXcH1XeI50lRg3D78fR0aWK16Awg9PgDC6_aLPV3H1nE2j0DC8XszmBq0RgAqJ2ZS_SzSonXWHAqZPLpWc6ZtQYX0
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNXYQauMow2IvKBL5AUS7nHOiHn7onRWwNJgiJXRMFb-fosmMFkvWICvVb1lQRq7AkP8uXm7UZZgSQpwP7rhpkYiyhpXcH1XeI50lRg3D78fR0aWK16Awg9PgDC6_aLPV3H1nE2j0DC8XszmBq0RgAqJ2ZS_SzSonXWHAqZPLpWc6ZtQYX0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkmj_OR2LuqyPrr4_-qdytTCEpVUCv_lQ_SXIgzQ1qyevWxgcSxlP8ENntuIrQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 01 Sep 2021 08:15:01 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 3EB5 		24 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BzKWCPshTF-QVQkng5hTEeLgJhCro8FmWPVD_z_9halcTvf_k_Y7_jDC0LH9r0uvgwCoheCxTHeiES1ngsILsPhAyFKVYo6TKVQjZ_ejo4QbjNzlnhb4B7mlAq7I03V4IiusfqgJJwNa_lc_nyPVyJqQRssQ&cry=1&dbm_d=AKAmf-BuMv1QcZagLj2ET4F5jfwMYgU78LqidQf1q6oP1zMgjj34ohQSez_9SlgyCEf3O2jPchEl_bqWYIdblft4OkN4DIwSaPF7JA56ic8_zSvV8HZyWXJl5QXCyfP18AXObaqzYBG58B6E_S8591mPoDC1RR5A7S2a1N1QlTyuFOOTVzM3gqBd2Vbh8_WodcHTv4l0uzp8GYq7zRoJrrSaeYYzoKy8PA6jrmiWj0FJVT345vvi2RLpo5ei_yFBC_duK0cb438MOPfB1NW5CEcQjdph07OU6wmuAPdKZl-pwCQzmPCbJcYMkj0yB4YU2lR-6fyZrJ31dsfm5hsOz31S1aCyJ43KM-GmXfD9PeI7hBaf_2xOiIBtVvMtKrJ4IGCzHXbgwwmavleEH9IhhvCrA87ewmvPmfsCRi_26wqA442Q8N9gfAxf6MaVL0YSXSqdTBPsY3sZYsV7K0x7wu39H9Km5hk771vU2h4aZEm7ceFG-IaEjHSF4x6wj7A8Z2jtwLH00U0WABxQJdwhX7ioDAtmhepQ4rAWIlN9io3yxiq77KtN49F_DGAx6_Qn6SoFTnHSvxy4avM_7Yj5Ft-FxcUCsThCML0Skqt1iF4aHqhhlRDGLE76lc8wtyQTC24Cz_yTQRQ-yIdAr56vlrWhZ8E8fq4fcYe26BIXp7JY-4sR-zRMLfII8Vss9Oy9nc8wcGko9TxUwcwzaGD9mf_ChMZc7RE0AX9KAAbzBs19AXXZkbaMAnvBq4Y3s2y3xMmcxZ7DP8fYD9c9uMsHGEcQNxhy-jxUDGoaGnpUvklABMsdr2GRIZeS8f5xBS7KupDtnZYukEQKqq9QujFg_xZxIF_7PNSQn1M0GNH5LqLW1BESSnMGGgoQGfg-4SN7dE-VKiS8V7Fw0lvHloQkjKMY7xSRFnE3FGdSa1KNJPji-gucp6905ls14fvywN-ql5w-URg8BBlxl2yRqMIJUYsMNtxwe7p0Hk2rFHE0IAXw6LJSqQ80TDC61h6lQVHp2xCOLPKaz2-3WCWH5b9vaDe8gR5I8dQPJrEfJBBE4sGvLjv9mbrOtmTC7wn_0XHoZ4BRQVdmjsSmSwly07MTrYr4GNSlelJNxKkEudp92rRq68vwxdjFF5YFmIlgbPz6yXoFhlbBT4qR4x4uDk6OJyB18QfmpdETIs4RM9icEmz6-OJ9CzLmWD9eo0wlrGvOPJfxeRk2tOy9gbvHcmi2l1EPlynVIP5vMp1EtB2_x32vcnc0-UkJ7B_rkhfuBkA4h6jo9Ri1vPqhy_hcxQaLbXzm7Cm1OMYIlc_kIbINe37sPpkOueIqf_OE7opFth_cs8cjx3Llr2aVntMFFDAH2kf6TDuOsH7tk_5ZLHtxMGYMjwrzi_vaOzye8XqHTu90WtzABEIvNux-LyMG8-7OoPSBekoToWSGlKzylY8WE-GRL95afkjhnX2UTk4V_i21qdZ2DopQpSKd4qVPkTx9qmlK0HEMd32BPycFqOebXYW1lC5SAKVbm1e7LcsGlvKZGI2lHGyfPnhwMiC4U07RIE01fa5YB1sahb5PTCWYNCOGELUakm2lkyBb9ggI8W24ecpGqTlv6AgdXsgkvPmsHXzV0NcY8W9vrBKOAlpKEZ8wceI_dOqTW5-uymIBSd8Lm8s1R-x-5lJHngNeC4E-fHc5uw0xoPMIkSQlmuyIqsnObP8z1WKxVc3wPjD-ihMdWO1kEtBfjMhcA0_ShJXpOiE_X4tNEVqQMu-y06fWRSR53urHpEdacvhSdK6lMwuz9ZTQfVvL8VqLVKH1FcszrxnxeyW05X19yMwfgkqtlsvgWTd6tTeA1jhJK2xHNkXB46t8CVxkH4mYFwAooobquzUPwEf7lWeMledpgC53J2Yo4ljoBQT00bNhO8Z1viXPadrAkN9ghZnTca17MG55XLcdF6Z_BfE2PiB9R7uyDy8HXugfb-phEPFyHlitlwKffDODFMoCevn15Aqk78dkP-JSdqbkZlA5AWOqQxz6XXrYTpnpNEr9o_kqC_5nN5SlBxP53mHLIUUpXryIjt9vRW3h1mu8bmNwSWXerD9y3M4k4naIJh64aLv6_OCtbDEqn_Kla7TTxuVBaoiSC3jvDVbx0gNcpIL-Y--lejX-af0QVBUBs5b0ogUCOBJweHpytZ75ixtUglw9aMffQZHeIfFRIQKsYhu0cV9FD_45mRv9iVRhDiOKmibQnEXpLPWkcKq8Jpx1mRElEgxOugp81lufZrA205AZGIGhQTH2pcyEDfHdzBkha2Lz5DEKI3lTtclMC-VYPKCteQs5RR5UqdR4MyajUHMnq5I8svYQihIh_CHnktcMI7IpYxI7VMe0kjieUZIfI4pXHG2NSmKgdd2_Vdli1q2P3nVrhWPJLNemohCjx0ibW5h3hKC4rzf5phGa0_h3QX_n3E1LS5gFFc1uwpKhduSUzFccwmOkWV1twVP2e7xoixk4NYdMwOjy9m3jTF54MMzaacYB36OaCfhaoe2cgrojdmEIdz64k_O6I7WmnSq8eSsCiBXxtjeHmOLWL5hxLOKnOeLu4dTsVfQdT1sIbHfcJc_8MXohaO2FoddDn6xCgMkUU4PfNwBw3X9Q8gGFwleA5ncWc-B3LMgpWodF6-2gZ0W5vUZVaEV_e2e_-QpeRhBL5SixBBpSNiAjdWntNhfbzAK4VueA4TrWFVUKXFNGdWWmnXE8bio45Y5o8UegE4Mj37q03Z-r76CvSJp_fnSpn1QhiAnS7RY5pO8ZY_beKSQYqtdsuDUuj0H5zluRNHL9wtsiKrlv6ElpkwACCGFGdyn97y3K3YlXhJ8nqKZ8Gp4mL9XG3-1hkAxBOzHvV5HFV_4Do37gbYeMuMHy1JHOho1q1-XTl9yvrWLf9A9yqAMh8m-QfE7OS1AmtMtXhzs-t5BGvt3oMRfErZDKZgRK2y0FpJfX4z6x035bwQbcMS-vDU0ohx-OTdDv379iqYSuRYRrusch_3kf2zQY8G6v4NAqVAK7ZTiLSfWg6-tFPTMiwFCCqHQuxPscVfB-3IE6VFERLoNOAu4plq5ud6AONODthkVaGBfKKxKF2j7YuDjwtmYS4kc0VHbon3jBTTkDTHwp2CyBdQcsRuh63JrkLWGg_tfBdIQ11Vq2I1RvLnbQBwcOWuxXm1Z0nrWDFTr7X8q5hkQOo9-3DUq_KXhDLZDVojszdRfxWAa8zr9kP-qYMKnD_vCeKMmKlyOTURLgGqdQipNCKvAsG7qzwKtM&cid=CAASEuRo0Nz4afzYy2R0kOJdJtGJTQ&rfl=1%2Chttps%253A%252F%252Fwww.suarasurabaya.net%252F%240
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f105903bcde67bd2e1acc55d058d1aece1f0e11121d9c2d59191457ca7157d62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12892
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3EB5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Az9IgudbSWqwiw9yLvOg5lJWpQZK86Ycz-kfg_TNAXbTUrUjRJDK77VYU11XGLbVKvu8w0sopcasvFi5iPcOMhzdpaEGAURVMSGuV4puF-jgHYTpQ
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 3EB5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
389
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 08:08:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3EB5 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:02 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Wed, 01 Sep 2021 08:15:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 3EB5 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:09:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 08:09:19 GMT
fonts.min.css
www.suarasurabaya.net/wp-content/themes/ss/dist/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.suarasurabaya.net/wp-content/themes/ss/dist/css/fonts.min.css
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c6981a58dddd90fd935036e3d584d3a084d78e33e1806e227fe9ba12777bd26

Request headers

:path
/wp-content/themes/ss/dist/css/fonts.min.css
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=581220a3f25c0820:T=1630484101:S=ALNI_MZ6pBYCljQQ92yaopVRMA7Ls5gWbA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:02 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Feb 2020 03:38:09 GMT
server
cloudflare
etag
W/"5e4cada1-d55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcYxEk44ejsHIqRY16k6x6YqSaag2NjHx9LLzALU61TJ%2Bdk1vSlhLil8kj1u3%2FVpkPR8DE%2B63Qd7gdm6%2BHS0r548GEaeayTmmHHfXeeUEuFSD9%2Bkx7yH4V5AzInIJAc5hIfcMv6IpvrIKY3xWQBzN5yomfk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=1209600, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
687d0c65eacc177a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Wed, 15 Sep 2021 08:15:02 GMT
style.min.css
www.suarasurabaya.net/wp-content/themes/ss/dist/css/ 		67 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.suarasurabaya.net/wp-content/themes/ss/dist/css/style.min.css
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdc7eba23132f13d81188bcefd0caa7fc1ebea4f505973e9f2afd40f973c9b5c

Request headers

:path
/wp-content/themes/ss/dist/css/style.min.css
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=581220a3f25c0820:T=1630484101:S=ALNI_MZ6pBYCljQQ92yaopVRMA7Ls5gWbA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:02 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 17 Apr 2020 07:52:07 GMT
server
cloudflare
etag
W/"5e996027-10add"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eg49rijl8lL51Wd%2FJrkLYFoDeDI0mqxm1hB%2B2fqOLJwZkBPfJSCtPCZUDQ0a5wA%2B9tvXGoVV70vpH%2FGHuqW49mzbKrQLiAIJp26nr%2FClDO7T1tTJ2LoMOmRERXRGpS6BfZFY%2F%2BA2ZgfdXVOfA3IHeS15Ohw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=1209600, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
687d0c65fada177a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Wed, 15 Sep 2021 08:15:02 GMT
rum
dsum-sec.casalemedia.com/ Frame B409
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGT_vHq9YLjQbZR0OFHNQI8&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGT_vHq9YLjQbZR0OFHNQI8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNXYQauMow2IvKBL5AUS7nHOiHn7onRWwNJgiJXRMFb-fosmMFkvWICvVb1lQRq7AkP8uXm7UZZgSQpwP7rhpkYiyhpXcH1XeI50lRg3D78fR0aWK16Awg9PgDC6_aLPV3H1nE2j0DC8XszmBq0RgAqJ2ZS_SzSonXWHAqZPLpWc6ZtQYX0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 08:15:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 01 Sep 2021 08:15:02 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGT_vHq9YLjQbZR0OFHNQI8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B409
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS82hseYsp-kANP0R9S4YgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOCLbC0XQDUQUbbTsHWBjd0&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOCLbC0XQDUQUbbTsHWBjd0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNXYQauMow2IvKBL5AUS7nHOiHn7onRWwNJgiJXRMFb-fosmMFkvWICvVb1lQRq7AkP8uXm7UZZgSQpwP7rhpkYiyhpXcH1XeI50lRg3D78fR0aWK16Awg9PgDC6_aLPV3H1nE2j0DC8XszmBq0RgAqJ2ZS_SzSonXWHAqZPLpWc6ZtQYX0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 08:15:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 01 Sep 2021 08:15:02 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOCLbC0XQDUQUbbTsHWBjd0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B409
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPmtbQbcSVK5G7VC7DWErDg&google_cver=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPmtbQbcSVK5G7VC7DWErDg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNXYQauMow2IvKBL5AUS7nHOiHn7onRWwNJgiJXRMFb-fosmMFkvWICvVb1lQRq7AkP8uXm7UZZgSQpwP7rhpkYiyhpXcH1XeI50lRg3D78fR0aWK16Awg9PgDC6_aLPV3H1nE2j0DC8XszmBq0RgAqJ2ZS_SzSonXWHAqZPLpWc6ZtQYX0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 08:15:02 GMT
X-Proxy-Origin
159.48.55.5; 159.48.55.5; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d9c25d06-468f-47f5-9d77-7d65529526f6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPmtbQbcSVK5G7VC7DWErDg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B409
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzkwNzUxOTE0NjQyMjQyOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzkwNzUxOTE0NjQyMjQyOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNXYQauMow2IvKBL5AUS7nHOiHn7onRWwNJgiJXRMFb-fosmMFkvWICvVb1lQRq7AkP8uXm7UZZgSQpwP7rhpkYiyhpXcH1XeI50lRg3D78fR0aWK16Awg9PgDC6_aLPV3H1nE2j0DC8XszmBq0RgAqJ2ZS_SzSonXWHAqZPLpWc6ZtQYX0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 08:15:02 GMT
X-Proxy-Origin
159.48.55.5; 159.48.55.5; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
28359267-2f1e-4683-bb6b-b02e06aa1dfd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzkwNzUxOTE0NjQyMjQyOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Rachmawati.png
www.suarasurabaya.net/wp-content/uploads/2020/03/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2020/03/Rachmawati.png
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e50627b8bbb06ac9e745106b6adb31e0264189d1b6a2dbd56146142f4fa2700b

Request headers

:path
/wp-content/uploads/2020/03/Rachmawati.png
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=581220a3f25c0820:T=1630484101:S=ALNI_MZ6pBYCljQQ92yaopVRMA7Ls5gWbA
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
186684
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
22070
last-modified
Tue, 24 Mar 2020 03:17:01 GMT
server
cloudflare
etag
"5e797bad-5636"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0t8aOeEMlWBzQIinvantpXC6a17UHZZ%2FiLGea%2BhfZ%2FMjqNHGsvvP%2FASXmVHUY%2FD9JWWVZIHASgRHYt%2FDynJY7rnysBKWBnfu9snp9WIcQWFgcpWNNYxbi7Cbn%2Bruz8b9S%2BTl0FhVSvvGj5tnQ5whTt0TbNw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c660af4177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
container.html
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CDAC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.suarasurabaya.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.suarasurabaya.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 01 Sep 2021 08:15:01 GMT
expires
Thu, 01 Sep 2022 08:15:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E4C6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.suarasurabaya.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.suarasurabaya.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 01 Sep 2021 08:15:01 GMT
expires
Thu, 01 Sep 2022 08:15:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
csi
csi.gstatic.com/ Frame 5D20 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kt184wyo&c=2424795546783&slotId=1212397773391.5&qqid=CIWovs2q3fICFajouwgdzrkGMQ&fb=outstream-lima&sei=21062100%2C44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210823_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.34.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qro02s27-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5D20 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 07:18:45 GMT
x-content-type-options
nosniff
age
435377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Aug 2022 07:18:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5D20 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 11:31:42 GMT
x-content-type-options
nosniff
age
333800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Aug 2022 11:31:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D20 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C9F54hTYvYcXRIqjR7_UPzvOaiAPercXFZPXxvdfPDYiO9cHgKRABIPTr9itgkYSAgPwXoAH3z6rQAcgBBagDAcgDmwSqBN4BT9AIwpALMqksZAT3ALPRmQj51BLt4TTe5uGb6bDs4QHiC-BMIbJCEtAIPC7b_unj7w_TbqYEkN7mDNXjsicD8MinHRVIKEDPAbz84qSgrQXlWET4oHOTtaRwe5DiFd_eDD6FXyLGrRswJym0D5r7xmYACtoBJBH2lo_lgpCRhmd_TPVHsKWbaUIo-IGBadvd4VFCXI8540ZtKspsEBh_zm831nzpl5fAcae7nWSyWLtOA4QLgsewALjtcjv2oUP9yOIwHG4zsQlTZfjmcV5-jgKACCTMfBs13072s4SpwASm3LuT0wPgBAOQBgGgBk6AB_Gv1a8CqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE8WzuwzQEwDYEw2IFAfYFAHQFQGAFwE&eventType=clickstring&clientTime=1630484102119&ai=C9F54hTYvYcXRIqjR7_UPzvOaiAPercXFZPXxvdfPDYiO9cHgKRABIPTr9itgkYSAgPwXoAH3z6rQAcgBBagDAcgDmwSqBN4BT9AIwpALMqksZAT3ALPRmQj51BLt4TTe5uGb6bDs4QHiC-BMIbJCEtAIPC7b_unj7w_TbqYEkN7mDNXjsicD8MinHRVIKEDPAbz84qSgrQXlWET4oHOTtaRwe5DiFd_eDD6FXyLGrRswJym0D5r7xmYACtoBJBH2lo_lgpCRhmd_TPVHsKWbaUIo-IGBadvd4VFCXI8540ZtKspsEBh_zm831nzpl5fAcae7nWSyWLtOA4QLgsewALjtcjv2oUP9yOIwHG4zsQlTZfjmcV5-jgKACCTMfBs13072s4SpwASm3LuT0wPgBAOQBgGgBk6AB_Gv1a8CqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE8WzuwzQEwDYEw2IFAfYFAHQFQGAFwE
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 5D20 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kt184wyx&c=2424795546783&slotId=1212397773391.5&qqid=CIWovs2q3fICFajouwgdzrkGMQ&fb=outstream-lima&ulv=1&cll=0&dmn=bid.g.doubleclick.net&pth=%252Fdbm%252Fvast&rbid=dbm
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210823_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.34.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qro02s27-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 5D20 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~kt184wzs&c=2424795546783&slotId=1212397773391.5&qqid=CIWovs2q3fICFajouwgdzrkGMQ&fb=outstream-lima&lb_sdkv=h.0.0.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210823_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.34.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qro02s27-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 5D20 		28 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AGAJ-qxilIWj6nwVTo0r2cCHZSzbEpNsKGHaVXGpzdJZ62tSBcIRyjzTYbg89sETxQx8EP2aZsCnSBvcVGW1uh0HBJeA&dbm_d=AKAmf-CNzPvXGYmFXb-lwbGvrHInyz5qqsMax8U2kSwnNG7Y5JPrKN5-RlDfb_L6DLFDog5R82dG63dUHXXtUWvpkgHdeAT-F_v8shGx6IemSmNHtrGQMZT8QBoCN5ptMq5NfoFbwAffM5qYidn11frmP_CSnS8X3hbYGE91KSpONJD7GJlUIQ9EcxU8sQtNXcSWB-hOtAbG3pcsEj6CoYqVN0XszvGS2wnAY2AwXoKgS32_OicnEvOb2L4Z2_VfYC_fcOocrWOm7PcRj5JTuoVu17cD-VFmn_DG9PzbvnOeFOOpuo9ADd13CC4YYhDYlSeOtygW2essyE1Q89HaVgfHAv-B5r2n6v2JeBgFGVhf1v7TtspE15w8Rbbtv5Tee528jhpmpFKV4XSHLMUnJ-zx8pIWG4qbpNQV9er4gI_ftbPPV-Mt_PisjckfO7pzYXAqLbSPmsBB7hSPzellCuKyCOHQX1pDUKjGVDO478IOByR93eqHOkF48Lgf1bGaETOAbsLtJ8eq5CI-JIxlPHRiGYOQiRMIUZOZ7YKd-AfrSWSSwRKD0ooztfBhThoc6wRWcl628gzip9TPLZZV61recUg64qaHC-vnl9m_XQhHF4oSFd5U7v-nRZiHCZ7hjOxja3HS1SfUSUorpdtwOpPgP7nmCSNjVtrqB5kKT4c6qF2EQOPYJlh-moQyShN7duSVNdGjZbGyPhrkmKBzbSvRIpOpUITsJROaecJsbwH5t0Domoel_-Obl2iv1CXLIwxBiKeHA9gdEkyhCXjbSbjxSQn7BH_Luy1crnAIdWmm1BXk5ajG52PwUm6CRJaA_9nEN3aZmbW8-eUU_p2H_TMBBZyMoZxQrVW6u32l8kR2LRRGYGI7X3XMga1rIcE9vUJ4degp-agRm-iTLGp3N2OcjyeX2NN-_W9MijDZ_gCR_-cVMtV8ekRs4S9kBJp-kIIRrX--yZx15nhpjJJG3ompwcZAVlUXd9ikB0zBETbq9CRWXOF98F3-j-kVKYIHVtETypaVu_Wx1pETrlCTK5EyK_ISenHrtxh-Tj1XGmx-rE9MAwNnUB39sEgD9YwL_wg8ZM8NtgZfmYmgKAJ6XR5y7SqUoMLcDVcU5iXcnyZEPQQQ67yTZNkF33SnaMPbF6dXkZVAMphpdicCJ6cXZPcVPjCgLHQ6stoqy05yQbx_MOu25tpJNiFM5qhMKlm58HjVmwg3sBui_dZtpGlHh5ZyIUEp5DsxN1sx-6JcvYWPl3eTncUVBF171S2Ddsudf7zFh1X9Hu46MfkgHvFTIqOtNgmmBNt_l8xDiwR6al1nL1n4nKhqL5pp5Is-TVVI3J1a2Fw0VrVzHZRtOoRHcZ5Zi33KXGIIvl_9XcArwgQaY2SwLscZAeiqw23HSkvoSgbkqucWkJA1SeK9R5A87u6c7Q7pw0gZDXON_pto8Ha2Y7dfCwlwUaN9HTb0v1bAkq7l5r7b8FaeptgZF1aYufTiUk3b9m2Tzy0QnN1b9c677UvcHM5yySH5hFcdRNOu6OhlmmuQgZuCO8W-CYT8_N_7TbSq27cSBVkPJcPrq0uZAhSDvcCsVntKoRf9RpflyVYOhybbwy41e90LgMGnrpk8_vVgkLOi5MJpvUVm7HY9YeUo2Ky7K81OmhHK0KWap5rDm9qUSmOGpqjkKqnZIYISklJf0h5qgcyvzGtljqWzOyh7mKZ-nehp5B0-3RcjoWgxe72506Ch7Qp5uDFbhx97VJNJY5ojnKLr_P05l3RBFzD7TFL-uPB7LLaE7AtXyh3w2UdznDVcBAJBniMHPi8iL6UatIBpjajRZIn6pTrjKyQSaL_Q-Lpovj5SncaB9XNFmhTGL9J8m7pOeBur7sgLDiefa2Z06GXghyaiGra2LpCglDmpXbqNk-Eg9OCwFGTrpPs6G_ftSLJwuottzNqrJNIX2UHKOes0SetDZvSqXb-rmGbGKvQeGexaflp6Cgf4YUpnGo7aY09UTmT0_UUS1UhxVVBQCX_xYfrJ1lkfT_WdxbaIdSWEsAuye7on7XvzT1f3xQi8Gx6R7oXJRY-UuZ8rydT4NozsXzgC08SqbM1A_CyFJ1oiej9m4TjXt9weKfPitG5jn1tZoRRbNjoh87K7OYfTC6BZsGseVSzrhYHqHw5VAwZhDPxTDNfcKDDSU78Fx5hRTq9t3l9EB0DJOwLw3u4RUX8YK57PEhiPZZKSkIcqnfrW78Xzji-66pomCOtmDLRcSLGzlOvRGYhHD4JsOxawcHWVieqFeV5uy5Mki8nJRpuobjChFW1Anh7IhlRyW2U288sTeifBYr7cW-i33MSP3PZPz46r0k2alTUkpRsQUkcVJ29K9O0ywOQ2k_9vglGESqCSWGpphi3SlUdz9sjaW_DWgwFywudWeCZzhMQE7nzYlWIS_jd_-uTEAqhiwEPu5Scx-poLuDDzmx7DhgJ43nGTF-Xh00Mea__h1JOdCnvLQX8sJNBKkleyF22dletYnN7jPgcV4iE4pq3kwVeDCBpozugw88aVJ-h-OH3kgDBH34E2smX1yDTG69riUGUj6KnGuOfYEYTJ8Z5APQU497he7OGvvoVtmXhJpVs6PWwLfpeAPIiBKH2y7mHH4SAw53KdNDyl3b9e8f-HPSN4GExC297qmaYs6MT4J-3gTMQrvDxES_9g7YxwXn2xpxTCg1BIqNkIdvDxoyVTC6vs1wXXM4IKqNzoWuMMEIP6OY4p2aj6zygDSUIJwPw01xq-BrhhBJEWfxs2FvdDfSDBWmOYzzC36DFHu2nbuv9QoI_0QeTjThYnlFz7I8EFSru0FSGmq1D-x-_A1tnCh7E3GX8qWH3ZgzTUOawZ_v_VlhryB5RfHr9ENRpn-HM-H_6rNUfbaHHt35BmOsVidGHgp4PcCIGQ57PqwogSusQE6leTYDgZBI0KUz1IrmwAclvP1201wRMlOijcYm3DYeKJIKYa8vd4KD3bqY7poklNjfnY-qiIkfbWc4mXtNbXjM-SqtCsxqgajT2SL2Vxb26Cp7a_PHlpx8-Y3dhgTFJYDTPyCkCF_Mh4qwdGb8VGolnVBmVRDF4daJTPLWCfwvHIywm1aq0e4HLLi8iOAg3MVAU&cid=CAASEuRoYUvbLfO__KMv4qqzAzGqKg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210823_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f156.1e100.net
Software
cafe /
Resource Hash
69324fd6adf616828338ec2180860597c12f52a0aecff99615cd281e28e864dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14021
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5D20 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_gRphTYvYcXRIqjR7_UPzvOaiAPercXFZPXxvdfPDYiO9cHgKRABIPTr9itgkYSAgPwXoAH3z6rQAcgBBagDAaoE2wFP0AjCkAsyqSxkBPcAs9GZCPnUEu3hNN7m4ZvpsOzhAeIL4EwhskIS0Ag8Ltv-6ePvD9NupgSQ3uYM1eOyJwPwyKcdFUgoQM8BvPzipKCtBeVYRPigc5O1pHB7kOIV394MPoVfIsatGzAnKbQPmvvGZgAK2gEkEfaWj-WCkJGGZ39M9UewpZtpQij4gYFp293hUUJcjznjRm0qymwQGH_ObzfWfOmXl8Bxp7udZLJYu04DhAuCx7AAuO1yO_ahG_wCvTtOuyQjtPzD60XXJexNaxDLelSgOK0rBu_ABKbcu5PTA-AEA4gFmL6L-y-SBQYIGxADGAOSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB_Gv1a8CqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHChCC0xwY4YGCqAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgPICwGwE8WzuwzIE4Hc5wnQEwDYEw2IFAfYFAHQFQGAFwGyFx4KHAgAEhRwdWItMTczODI4NDIxNTY0MTUyMRi5mh0&sigh=lkCCLJFvQhg&cid=CAQSOwCNIrLM24ZxYqAYaMKZc1v4SOPJSSn52DHHjHnEy4ADiuinlJCyvC2AEYIyeSZLxI1FJayvOziKkqf0&vt=10
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3F3A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 31 Aug 2021 13:41:14 GMT
expires
Wed, 01 Sep 2021 13:41:14 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
66828
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 5D20 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76725ac5b1de04ec59ddab946cea69c7e78e7e3de7a442b617bee4f902f8e490

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame 3EB5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BzKWCPshTF-QVQkng5hTEeLgJhCro8FmWPVD_z_9halcTvf_k_Y7_jDC0LH9r0uvgwCoheCxTHeiES1ngsILsPhAyFKVYo6TKVQjZ_ejo4QbjNzlnhb4B7mlAq7I03V4IiusfqgJJwNa_lc_nyPVyJqQRssQ&cry=1&dbm_d=AKAmf-BuMv1QcZagLj2ET4F5jfwMYgU78LqidQf1q6oP1zMgjj34ohQSez_9SlgyCEf3O2jPchEl_bqWYIdblft4OkN4DIwSaPF7JA56ic8_zSvV8HZyWXJl5QXCyfP18AXObaqzYBG58B6E_S8591mPoDC1RR5A7S2a1N1QlTyuFOOTVzM3gqBd2Vbh8_WodcHTv4l0uzp8GYq7zRoJrrSaeYYzoKy8PA6jrmiWj0FJVT345vvi2RLpo5ei_yFBC_duK0cb438MOPfB1NW5CEcQjdph07OU6wmuAPdKZl-pwCQzmPCbJcYMkj0yB4YU2lR-6fyZrJ31dsfm5hsOz31S1aCyJ43KM-GmXfD9PeI7hBaf_2xOiIBtVvMtKrJ4IGCzHXbgwwmavleEH9IhhvCrA87ewmvPmfsCRi_26wqA442Q8N9gfAxf6MaVL0YSXSqdTBPsY3sZYsV7K0x7wu39H9Km5hk771vU2h4aZEm7ceFG-IaEjHSF4x6wj7A8Z2jtwLH00U0WABxQJdwhX7ioDAtmhepQ4rAWIlN9io3yxiq77KtN49F_DGAx6_Qn6SoFTnHSvxy4avM_7Yj5Ft-FxcUCsThCML0Skqt1iF4aHqhhlRDGLE76lc8wtyQTC24Cz_yTQRQ-yIdAr56vlrWhZ8E8fq4fcYe26BIXp7JY-4sR-zRMLfII8Vss9Oy9nc8wcGko9TxUwcwzaGD9mf_ChMZc7RE0AX9KAAbzBs19AXXZkbaMAnvBq4Y3s2y3xMmcxZ7DP8fYD9c9uMsHGEcQNxhy-jxUDGoaGnpUvklABMsdr2GRIZeS8f5xBS7KupDtnZYukEQKqq9QujFg_xZxIF_7PNSQn1M0GNH5LqLW1BESSnMGGgoQGfg-4SN7dE-VKiS8V7Fw0lvHloQkjKMY7xSRFnE3FGdSa1KNJPji-gucp6905ls14fvywN-ql5w-URg8BBlxl2yRqMIJUYsMNtxwe7p0Hk2rFHE0IAXw6LJSqQ80TDC61h6lQVHp2xCOLPKaz2-3WCWH5b9vaDe8gR5I8dQPJrEfJBBE4sGvLjv9mbrOtmTC7wn_0XHoZ4BRQVdmjsSmSwly07MTrYr4GNSlelJNxKkEudp92rRq68vwxdjFF5YFmIlgbPz6yXoFhlbBT4qR4x4uDk6OJyB18QfmpdETIs4RM9icEmz6-OJ9CzLmWD9eo0wlrGvOPJfxeRk2tOy9gbvHcmi2l1EPlynVIP5vMp1EtB2_x32vcnc0-UkJ7B_rkhfuBkA4h6jo9Ri1vPqhy_hcxQaLbXzm7Cm1OMYIlc_kIbINe37sPpkOueIqf_OE7opFth_cs8cjx3Llr2aVntMFFDAH2kf6TDuOsH7tk_5ZLHtxMGYMjwrzi_vaOzye8XqHTu90WtzABEIvNux-LyMG8-7OoPSBekoToWSGlKzylY8WE-GRL95afkjhnX2UTk4V_i21qdZ2DopQpSKd4qVPkTx9qmlK0HEMd32BPycFqOebXYW1lC5SAKVbm1e7LcsGlvKZGI2lHGyfPnhwMiC4U07RIE01fa5YB1sahb5PTCWYNCOGELUakm2lkyBb9ggI8W24ecpGqTlv6AgdXsgkvPmsHXzV0NcY8W9vrBKOAlpKEZ8wceI_dOqTW5-uymIBSd8Lm8s1R-x-5lJHngNeC4E-fHc5uw0xoPMIkSQlmuyIqsnObP8z1WKxVc3wPjD-ihMdWO1kEtBfjMhcA0_ShJXpOiE_X4tNEVqQMu-y06fWRSR53urHpEdacvhSdK6lMwuz9ZTQfVvL8VqLVKH1FcszrxnxeyW05X19yMwfgkqtlsvgWTd6tTeA1jhJK2xHNkXB46t8CVxkH4mYFwAooobquzUPwEf7lWeMledpgC53J2Yo4ljoBQT00bNhO8Z1viXPadrAkN9ghZnTca17MG55XLcdF6Z_BfE2PiB9R7uyDy8HXugfb-phEPFyHlitlwKffDODFMoCevn15Aqk78dkP-JSdqbkZlA5AWOqQxz6XXrYTpnpNEr9o_kqC_5nN5SlBxP53mHLIUUpXryIjt9vRW3h1mu8bmNwSWXerD9y3M4k4naIJh64aLv6_OCtbDEqn_Kla7TTxuVBaoiSC3jvDVbx0gNcpIL-Y--lejX-af0QVBUBs5b0ogUCOBJweHpytZ75ixtUglw9aMffQZHeIfFRIQKsYhu0cV9FD_45mRv9iVRhDiOKmibQnEXpLPWkcKq8Jpx1mRElEgxOugp81lufZrA205AZGIGhQTH2pcyEDfHdzBkha2Lz5DEKI3lTtclMC-VYPKCteQs5RR5UqdR4MyajUHMnq5I8svYQihIh_CHnktcMI7IpYxI7VMe0kjieUZIfI4pXHG2NSmKgdd2_Vdli1q2P3nVrhWPJLNemohCjx0ibW5h3hKC4rzf5phGa0_h3QX_n3E1LS5gFFc1uwpKhduSUzFccwmOkWV1twVP2e7xoixk4NYdMwOjy9m3jTF54MMzaacYB36OaCfhaoe2cgrojdmEIdz64k_O6I7WmnSq8eSsCiBXxtjeHmOLWL5hxLOKnOeLu4dTsVfQdT1sIbHfcJc_8MXohaO2FoddDn6xCgMkUU4PfNwBw3X9Q8gGFwleA5ncWc-B3LMgpWodF6-2gZ0W5vUZVaEV_e2e_-QpeRhBL5SixBBpSNiAjdWntNhfbzAK4VueA4TrWFVUKXFNGdWWmnXE8bio45Y5o8UegE4Mj37q03Z-r76CvSJp_fnSpn1QhiAnS7RY5pO8ZY_beKSQYqtdsuDUuj0H5zluRNHL9wtsiKrlv6ElpkwACCGFGdyn97y3K3YlXhJ8nqKZ8Gp4mL9XG3-1hkAxBOzHvV5HFV_4Do37gbYeMuMHy1JHOho1q1-XTl9yvrWLf9A9yqAMh8m-QfE7OS1AmtMtXhzs-t5BGvt3oMRfErZDKZgRK2y0FpJfX4z6x035bwQbcMS-vDU0ohx-OTdDv379iqYSuRYRrusch_3kf2zQY8G6v4NAqVAK7ZTiLSfWg6-tFPTMiwFCCqHQuxPscVfB-3IE6VFERLoNOAu4plq5ud6AONODthkVaGBfKKxKF2j7YuDjwtmYS4kc0VHbon3jBTTkDTHwp2CyBdQcsRuh63JrkLWGg_tfBdIQ11Vq2I1RvLnbQBwcOWuxXm1Z0nrWDFTr7X8q5hkQOo9-3DUq_KXhDLZDVojszdRfxWAa8zr9kP-qYMKnD_vCeKMmKlyOTURLgGqdQipNCKvAsG7qzwKtM&cid=CAASEuRo0Nz4afzYy2R0kOJdJtGJTQ&rfl=1%2Chttps%253A%252F%252Fwww.suarasurabaya.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:10:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9263
x-xss-protection
0
server
cafe
etag
16747441857000454541
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 08:10:51 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3EB5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BzKWCPshTF-QVQkng5hTEeLgJhCro8FmWPVD_z_9halcTvf_k_Y7_jDC0LH9r0uvgwCoheCxTHeiES1ngsILsPhAyFKVYo6TKVQjZ_ejo4QbjNzlnhb4B7mlAq7I03V4IiusfqgJJwNa_lc_nyPVyJqQRssQ&cry=1&dbm_d=AKAmf-BuMv1QcZagLj2ET4F5jfwMYgU78LqidQf1q6oP1zMgjj34ohQSez_9SlgyCEf3O2jPchEl_bqWYIdblft4OkN4DIwSaPF7JA56ic8_zSvV8HZyWXJl5QXCyfP18AXObaqzYBG58B6E_S8591mPoDC1RR5A7S2a1N1QlTyuFOOTVzM3gqBd2Vbh8_WodcHTv4l0uzp8GYq7zRoJrrSaeYYzoKy8PA6jrmiWj0FJVT345vvi2RLpo5ei_yFBC_duK0cb438MOPfB1NW5CEcQjdph07OU6wmuAPdKZl-pwCQzmPCbJcYMkj0yB4YU2lR-6fyZrJ31dsfm5hsOz31S1aCyJ43KM-GmXfD9PeI7hBaf_2xOiIBtVvMtKrJ4IGCzHXbgwwmavleEH9IhhvCrA87ewmvPmfsCRi_26wqA442Q8N9gfAxf6MaVL0YSXSqdTBPsY3sZYsV7K0x7wu39H9Km5hk771vU2h4aZEm7ceFG-IaEjHSF4x6wj7A8Z2jtwLH00U0WABxQJdwhX7ioDAtmhepQ4rAWIlN9io3yxiq77KtN49F_DGAx6_Qn6SoFTnHSvxy4avM_7Yj5Ft-FxcUCsThCML0Skqt1iF4aHqhhlRDGLE76lc8wtyQTC24Cz_yTQRQ-yIdAr56vlrWhZ8E8fq4fcYe26BIXp7JY-4sR-zRMLfII8Vss9Oy9nc8wcGko9TxUwcwzaGD9mf_ChMZc7RE0AX9KAAbzBs19AXXZkbaMAnvBq4Y3s2y3xMmcxZ7DP8fYD9c9uMsHGEcQNxhy-jxUDGoaGnpUvklABMsdr2GRIZeS8f5xBS7KupDtnZYukEQKqq9QujFg_xZxIF_7PNSQn1M0GNH5LqLW1BESSnMGGgoQGfg-4SN7dE-VKiS8V7Fw0lvHloQkjKMY7xSRFnE3FGdSa1KNJPji-gucp6905ls14fvywN-ql5w-URg8BBlxl2yRqMIJUYsMNtxwe7p0Hk2rFHE0IAXw6LJSqQ80TDC61h6lQVHp2xCOLPKaz2-3WCWH5b9vaDe8gR5I8dQPJrEfJBBE4sGvLjv9mbrOtmTC7wn_0XHoZ4BRQVdmjsSmSwly07MTrYr4GNSlelJNxKkEudp92rRq68vwxdjFF5YFmIlgbPz6yXoFhlbBT4qR4x4uDk6OJyB18QfmpdETIs4RM9icEmz6-OJ9CzLmWD9eo0wlrGvOPJfxeRk2tOy9gbvHcmi2l1EPlynVIP5vMp1EtB2_x32vcnc0-UkJ7B_rkhfuBkA4h6jo9Ri1vPqhy_hcxQaLbXzm7Cm1OMYIlc_kIbINe37sPpkOueIqf_OE7opFth_cs8cjx3Llr2aVntMFFDAH2kf6TDuOsH7tk_5ZLHtxMGYMjwrzi_vaOzye8XqHTu90WtzABEIvNux-LyMG8-7OoPSBekoToWSGlKzylY8WE-GRL95afkjhnX2UTk4V_i21qdZ2DopQpSKd4qVPkTx9qmlK0HEMd32BPycFqOebXYW1lC5SAKVbm1e7LcsGlvKZGI2lHGyfPnhwMiC4U07RIE01fa5YB1sahb5PTCWYNCOGELUakm2lkyBb9ggI8W24ecpGqTlv6AgdXsgkvPmsHXzV0NcY8W9vrBKOAlpKEZ8wceI_dOqTW5-uymIBSd8Lm8s1R-x-5lJHngNeC4E-fHc5uw0xoPMIkSQlmuyIqsnObP8z1WKxVc3wPjD-ihMdWO1kEtBfjMhcA0_ShJXpOiE_X4tNEVqQMu-y06fWRSR53urHpEdacvhSdK6lMwuz9ZTQfVvL8VqLVKH1FcszrxnxeyW05X19yMwfgkqtlsvgWTd6tTeA1jhJK2xHNkXB46t8CVxkH4mYFwAooobquzUPwEf7lWeMledpgC53J2Yo4ljoBQT00bNhO8Z1viXPadrAkN9ghZnTca17MG55XLcdF6Z_BfE2PiB9R7uyDy8HXugfb-phEPFyHlitlwKffDODFMoCevn15Aqk78dkP-JSdqbkZlA5AWOqQxz6XXrYTpnpNEr9o_kqC_5nN5SlBxP53mHLIUUpXryIjt9vRW3h1mu8bmNwSWXerD9y3M4k4naIJh64aLv6_OCtbDEqn_Kla7TTxuVBaoiSC3jvDVbx0gNcpIL-Y--lejX-af0QVBUBs5b0ogUCOBJweHpytZ75ixtUglw9aMffQZHeIfFRIQKsYhu0cV9FD_45mRv9iVRhDiOKmibQnEXpLPWkcKq8Jpx1mRElEgxOugp81lufZrA205AZGIGhQTH2pcyEDfHdzBkha2Lz5DEKI3lTtclMC-VYPKCteQs5RR5UqdR4MyajUHMnq5I8svYQihIh_CHnktcMI7IpYxI7VMe0kjieUZIfI4pXHG2NSmKgdd2_Vdli1q2P3nVrhWPJLNemohCjx0ibW5h3hKC4rzf5phGa0_h3QX_n3E1LS5gFFc1uwpKhduSUzFccwmOkWV1twVP2e7xoixk4NYdMwOjy9m3jTF54MMzaacYB36OaCfhaoe2cgrojdmEIdz64k_O6I7WmnSq8eSsCiBXxtjeHmOLWL5hxLOKnOeLu4dTsVfQdT1sIbHfcJc_8MXohaO2FoddDn6xCgMkUU4PfNwBw3X9Q8gGFwleA5ncWc-B3LMgpWodF6-2gZ0W5vUZVaEV_e2e_-QpeRhBL5SixBBpSNiAjdWntNhfbzAK4VueA4TrWFVUKXFNGdWWmnXE8bio45Y5o8UegE4Mj37q03Z-r76CvSJp_fnSpn1QhiAnS7RY5pO8ZY_beKSQYqtdsuDUuj0H5zluRNHL9wtsiKrlv6ElpkwACCGFGdyn97y3K3YlXhJ8nqKZ8Gp4mL9XG3-1hkAxBOzHvV5HFV_4Do37gbYeMuMHy1JHOho1q1-XTl9yvrWLf9A9yqAMh8m-QfE7OS1AmtMtXhzs-t5BGvt3oMRfErZDKZgRK2y0FpJfX4z6x035bwQbcMS-vDU0ohx-OTdDv379iqYSuRYRrusch_3kf2zQY8G6v4NAqVAK7ZTiLSfWg6-tFPTMiwFCCqHQuxPscVfB-3IE6VFERLoNOAu4plq5ud6AONODthkVaGBfKKxKF2j7YuDjwtmYS4kc0VHbon3jBTTkDTHwp2CyBdQcsRuh63JrkLWGg_tfBdIQ11Vq2I1RvLnbQBwcOWuxXm1Z0nrWDFTr7X8q5hkQOo9-3DUq_KXhDLZDVojszdRfxWAa8zr9kP-qYMKnD_vCeKMmKlyOTURLgGqdQipNCKvAsG7qzwKtM&cid=CAASEuRo0Nz4afzYy2R0kOJdJtGJTQ&rfl=1%2Chttps%253A%252F%252Fwww.suarasurabaya.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 14:43:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63113
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Aug 2022 14:43:09 GMT
container.html
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DA93 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.suarasurabaya.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.suarasurabaya.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 01 Sep 2021 08:15:01 GMT
expires
Thu, 01 Sep 2022 08:15:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 81CA 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-hNBDg0zcYn_SknQEwAQ&v=APEucNWCrojH3ldRpPSKzzO7crHhWZq9i-QX_zvKUqx8CyzteBeGo2ADSgopYh7niHvsnEa9Tg1s4Qaf3HDRhuFFJElBWcTO31lRYILOQcUDExheuSjxQf9eBNPLuzpJWcU7VKovUlcxFc1KfhvKZxJ80c0CMIK2gI4dJ00JGeunNQAJGh6w_Mk
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CK-hNBDg0zcYn_SknQEwAQ&v=APEucNWCrojH3ldRpPSKzzO7crHhWZq9i-QX_zvKUqx8CyzteBeGo2ADSgopYh7niHvsnEa9Tg1s4Qaf3HDRhuFFJElBWcTO31lRYILOQcUDExheuSjxQf9eBNPLuzpJWcU7VKovUlcxFc1KfhvKZxJ80c0CMIK2gI4dJ00JGeunNQAJGh6w_Mk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkW2zEsxSqxXoMrZJQfkb4iIEKkQZ1dmSFkWRiZWr8p2EfxelYKY6n7wUFlQCk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 01 Sep 2021 08:15:02 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame CDAC 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_cO9Cv56D3sGpW0C7VVmHSI4WH0ai7gXrSxoNm5y6ZN8dEa7FI30UjEciRJ9m4GV7hexrKTL25cTfLk7-NTKAcStymCRBkSveZvc52VagkdtQdB2hbx4crjsXTOl3a6c92QOU2Vi93w9hccwoJJB4_LscYw&dbm_d=AKAmf-BuUbLcz45lprPvM5jJQ3iaBk2Xv10wq4aKpj5_L1FnI5JJ5-6ikb9uc_CXu6DiJVbHJ04uboNSBCEeEIgr79telNgRTec-T0r1qLXx292OJmpqv5o4P9Tv7zeozEkyBnU7GxLgacFk-zHRVjuvY1N6cH5_ut4UkbWNFwUIJw0tB3q2iyMToKa2oy-580f-ytUVIfl3z6YcZsiiIfQbxhKBWqHoflI0XFHMPmvsUqPFt6Rh44t2uayoPCYaFXEZwzJcgoPei9oxj91xucl4f1wL4gI-3QDhgUk_VS4HurD5LkPesckwkDy2PAdDx9cRKgLo0BPVpEGn0TulkcTBZVMw8dF9nFZ2vjsixLNnxcSvrZXBSN1ko5daxmcuiWklKO6XkIH2sY_UXge759uT_AHoyXI-WxYl-96S3xCBlUrgqq7XSMivkzMztSQjQIRdZuPER8H0aBnb95w_Ybjk_llplJ-JKz-TjDMPtv6-A9DX8aO7syML-kLgX24eEepiCrtRuNPHgGSKgxZC69EEHSB43ojqQLVWeK19q_NJlMo6AzHyPZmQqPTcXU7_rizlx_TaZ-DlzaDB0utLfwe-pPC0eOXUozHXvcVqdoxdD5c_VdA-bOXYYmrDIfQkJ0LdhTZ3OTZ1AeMYNQPwScvzMNs6a1-RsmlNk-QcUldekpgJTRAuLJVmSsP49wXwJCZZeyn3zsf1ZzsSi57mM7OOFNSCbd4y_BMbAXzXnHG1cnz0XXFCw5W2vviXYKPZRB82d5NCeiqcw7z10yExTnNkl8fzfztdG4ObiQe7HVKR7WMJ-vxE1j4EyQc3-tQvrO_7oNbLWJYtAe2UIEMIBvelGNReqvuyIjXAncbAwrB0ZXN5yhxNRRDueDr_mh1vU3nRfK5rJ5Qh0T0X5si4Y9VQB-HJ8TerMCq1erwbmGsHbK1RLUhAewZru_fFCeuqtucRhhkLGaEFM6EdFbfW7Y0W5d8_b9bOaDKpTZtLomOt7WiCdvi31rtEpIbVy0Kgds6dZdIiv33v0qSCgGtEdGjhs0q8D_YkmOnuq9Quxw6Q5IM1q5CmGpD9tH9-MzcAAunvwcojOKnqHmYUr3GqyuLLISCz28IqI8TWZA1bD8jj9OqT1hg0-W-AARVwyMYQP_al7nqzSrEgGF7D9S2Xv5YP0EZAefPVbky3hELdmQdWP3laoB8fMtBrbgpk5tVi6Duu73r83WtdbWdPW4qZ1uPNMLBvzOWo1TEvq-4GcGI8JDhQ_gkp8XQCkNwL8T6VUjwlRC5V6gwQWdsqZbPGmluO0-mXCMIVS9roEMH3snHhmgaQtSh6cd2HTYlSBBC4NL7DtGhhGv63QI-3C6UCbnDDq1GYSHfeVsLHvDMpiTjEwV993YGBo027jX03klCux2cX8swhcs6W8PjriMGzQa3GRnTQLyHdTA7YKnsw69BftjR_DNk0qjkAWpUH-LxpxCi2oYVXFnoqBH-IBayTnlnPQ7tURpfxxM9Z64T9VtwBL6SX-HVX5ThdBpB4voWduDfX5fgg5EOkox9w95EHWsinnLbkC9UF44mMZx553z-7KUOtlVg25Ino-sJJmBBlixP8RaaKUN2L3mnsw_6Hh0D4LIWk4Wg9j0eTZaRwZOoiSf6iXWwYjk9YIg-09aHnHfbDhsED59pY9sA8dJk7C-L7u_YqWndgAT-eKzToM-svSrSR377lWLyFpzCxqtzOOryW4Xiwy4NcJdPDivdcWv4rTd4vfa-YbDSEhcoYjQsW-E7EBlPVmYNkOkkA9-5-5A52Wuz7hoexLMjO7liv_2vCBtMJxVO-_2Wl4AAEBOruYxDUwXxqGBX_T9S7i0ZST7_GKDLx_4ceNGDPum8cSdcNIbf3dYBmc__p7GdCB3FhUAj_zAQzHXlVfLoQuAjMot0UE5rR2A5SP8u07akdHEU0Z2FGm8nnrl2b4k8TPSlqqqDvDAeqGVfCdBW4UMcwD_IFKx-THp2er00VH_EwrHjbQSXHMWGQ2OY_gV6BF-tHPTa4P_FhiftkIm5ULWSP06ZjiZY71oLqNw4QdZ9xRedVQUVbJqXnmaFMMCagi9jssRFuwgjZJyfbDSk9nt0K_pP-rIC4F7fUgVFYiNcAZmvonuitEY6NhKfBsLEhs01Zt5SNTRWw2-z1ZTs1-HwpV2JklXf11FOEECg9KxoLRklVZiJ-wamIrRc0DkvV-kPyQ4OWp8bO-5ZVTGlPYoZHU1NqvowwUHlRAxtQVa6zV7oLahKZEv9LKKbxv9NYQxwly42f0lH7fC5EYuowqXSVFalCh7NJOehp9zox0z75TikcfTxLxyTjiEQDD6gtbODpQhS0F3g6VNMMgQXMzASroiCqgY0J2H89v1vHI92eKg7pL825M24CSw3Sl5ZmYDNBwu8YesAVQFWdZR0cbPoB_fP2m8jXxyjW3SIgmwFnDa6wBsb_QbIgljol-ku277dwucTqEEuTn8KGNZyZTbjbRla-usy253FQKzicaie7WiF7dJm72WYWvrNC0pOHkedW-phMdP4uOUGfaaoVubEML8KQ1AnlLJiA0lh0g5F8BQNHWUb3aCCU7UjvghpQBgnhZIxCUcnhDJdEHZANGOrZasV3leW_oQ_SPp7qBT51HHFwcch1Fpza93MRwHj31EdRvIMtupGvrDsss_7ZFkEfm1Zs89XODWN1ewU3DdskO3iA-UToBqfAmZ2M32vyxma5lRPbGdT0xasePeJY5BelfeXuCzqkiiUjmCHZweVVdmL9kUchcQWlzQiVt36vBZmu12hZIYqqSsrXOA3QB7eP3PAr0gym-3TKmAK4b5XKgZ19VQkq_sgVKkN6wDtTOGHjY68JC_5KRsm3M55GHSFELgJaGNgn1PmaI68nJnhUuHRC5oLLPkF5MuT_XQPxaGNfoIxqbhGJyOgeKCjM1Xetm-SSXmzSo08iTDF0uNIGhMSyykmDcIRa5BhOgAEyt9z_mslqT-tPt5QEBU3moh6hV7Zf38in1VzJ0qx5oaPsKXU9LVeS4nHgx69DLctqQM5iS4ICGuAKppF13qbKF_Gs2WFXFw9UDIbB8izyXY-RAXuPN-dx-xCTd1WXaFSNA-_JiRxkoIP1AemzkEKMHK2Uteeyt9UNjUZRQ1tAiMk_J7zMPyxCT7mRKvf040jbuy3DGDp-VvGYEj-Vy8xgvAVCBMig91yATZ1c1_0MYsVAxvVqPEaV26q4hw&cid=CAASFeRoayn7UW7DxRQakEV7_sbJYR7tyQ&rfl=1%2Chttps%253A%252F%252Fwww.suarasurabaya.net%252F%240
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e479e6be6f6467a3250627bb8b9d0b682ec486f91b4f4a3d4c56226d7f44b2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CDAC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AGFwFtOVwck7gQo-ydyuGrsfnmr1lEbIvDbR--6XQilQBjjAxC4c7wW2bnQ1Yx-U37GDbIbg7XyAxPjILgJXBH3zSyfLOW3i0QL00kHxjVrgFtjec
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame CDAC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:05:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
543
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 08:05:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CDAC 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:02 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Wed, 01 Sep 2021 08:15:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame CDAC 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 07:57:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1032
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 07:57:50 GMT
l
www.google.com/ads/measurement/ Frame CDAC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRHyjuK4Ajk7copTYXBKcqVEfZ_bj4yvW4waNhXDsohzISAVparzrj2nWHkLqjH_e9OQQ9PgTKshQNku40Nmbbp2nsofQ
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5479 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYhdbZlQEwAQ&v=APEucNWzJMqpC58rDsRtPLvEtNdeNGY04kOFxaoTJmoAe6HqwJFeRo09CsKN8ZpuMszKFb-9MjF9WnDjhxywOnEoCY2pPVNugnw29mjhp2Vytc11Qx2RRZvaMdYu3Asq1ZTdAT1003xDs_Z8T3VIFp03u_Wl3M690XUwo_xqLKHfYs3wNBKS4eI
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsYhdbZlQEwAQ&v=APEucNWzJMqpC58rDsRtPLvEtNdeNGY04kOFxaoTJmoAe6HqwJFeRo09CsKN8ZpuMszKFb-9MjF9WnDjhxywOnEoCY2pPVNugnw29mjhp2Vytc11Qx2RRZvaMdYu3Asq1ZTdAT1003xDs_Z8T3VIFp03u_Wl3M690XUwo_xqLKHfYs3wNBKS4eI
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkW2zEsxSqxXoMrZJQfkb4iIEKkQZ1dmSFkWRiZWr8p2EfxelYKY6n7wUFlQCk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 01 Sep 2021 08:15:02 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame E4C6 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaO7P4Tk4nLIW3awZWwsJxeVjJr3LWOm1rn95_uyhC-4cqgFVyMKZfoWRUynD7ByQsjFMlzMCX9nf_-ZKLaLMzVPfqGROOAdDXmT40MHLXyjeyuVib3b4FcV6l6xaSPNFJzqJig2iJWuBEJFXNE30otXFAlA&cry=1&dbm_d=AKAmf-B_x4MVdDXUJ0qS63Ci7SHe6-RN7SPOmwLAwroQKVboBTLWbJmcr1e_LDenGSc-ShzukAwjkV2-wJZgwaLU5dVgQdeD5qYfL3jS31o-d0h1DkMbGVkyGfS1elYbCWWJBAudNYp92b5HpqDKkB31x0YwExsYa-W5VbRM7SIfIMjrEG-JpF83umDRPXU6odEx-FeJtlnoLFh3drhTuWIJQleDDPx-QbCzEMsHc3iSLAiyb0klnj5dXhWmQJLAyA6uXonFJcoHhz5BGMpjpe3EgDI75CRdTV-n2va3mqgDRA1t4iEc3fiSbB_lLz_gyAIn2jFk8k-Bnw3-iqznjhsi-dz3OSCX1gsqRp9CMoILQwXxOxw5wyhPyNq2rcelFZgptbawIPPtOZWfMyzjxlRylb-4YqRcWGnNKZH58UnHY7WeKaJTMpzZgSpt-gjKn6YOkG_sh3gkGMla1Me432H2-yt_ORL4MNoOmjb5GLrxdEU_T0hZ8pspDEoayWkUBrMbcVYFrCjxme_l-YNtDUV7mDhWydKMlsC7rPWNCqaWc-dfhvzIv5JWykJbfbXDeDA-zCUbn8k_xbQKjGxqObX4iiOMJvCNMvws8GkinK5_yWG8YSQ-aPN0EQENAj0GKl9jLmK_LyurrX6HTWZY0NgSot2lNxVNUwxcvHkLvHsY0fPG-S9lOl97PuTEn-idm6kovYIqWJ99ldjKS0KwVEdMgr211t0IlUcGVIKoiMHp68CpvgJMq9lPBwTZE-7Te3l4QVGAOaTvFdN2snITguUlGslhTZly8blLdJug510ayVM7t0cqYDbcHKipeoDl2Os2uQqf4W_qBShSiRGFcT7i5MG9aCodNSbJc-i91BPwNSTXvyk6VuAND0-NhFFMNxYYeiYKKtFT-0K2Bz-nuiLvLle051gWxaLKXmBINH1U27ndY8S0h4GLCus7c65g0UU8kwd6vOVKLou8cVnletzNVYZCB8m9X2VZGEaM7gO-_F1lv76cmYvZJb1kfSV8p9DFuCajxgM2T4UOS-VJQLseEJV0C-PbiJhE9SMwvwKS2prZz8HAJOxyS5e_Wj-0rVKIC1cs0KlBo_6kziFZnu9Bv2KUaARhlni4BB8Ul0pwzMu-7-TvYESAJk_xhAaTyeHH-y4pKOzufDWY-dedNpIbVjzG3mntq3lQLPqedPILlPcdOqHi4Eq0__dzNPVxtaA93rnA8pn5HaaP_93A9pdzYYkVkBeKiBAvY3DRZnygZQ1rMHbcVhWB40IIJfZlCDGQSWX3V4BF1yHcOLCk1cRYDYp2oShagmkdK0Y3n2PeRUMzKTyYGeAMYy1sQGelZu8oQl3yNLYjwKyzzqO2SZw-wRy0uC7gPNG0dsCd3SYgTqk2NnXp17wBe8EzNiKs71QcibpfCJjsTlsrz-Qw_y2brGFhU0CTGxgoQJKF7x0ckDd7wbD1hf9GNw9yO3P15ZuB2-eg1OIoxvQ0S73x98BuQtSEkcUSvig2EbMwCZcrGB6BIIKxDCHQJ9gOerhVeWJVmlhCxCOzv5bpkmakw6P93nN5zFMSexsBv9QKZgJ56dhOpT7RtvNLorkYKSy2qf-kuR4T_u3Y7VGWkRrw3wRGUJA1ZtcMM6MslWk8xL6eTPx5CXpNsjT785DG_I7PdWqGhhgGF5biSTx0Bm8gH42WqSP4RftcraCKtOCuQlQgJf9CmZ6OFV-G5SidFo3QVVE4v3aDQzsx1pFOqiRxOqsG0LON4Ic6EmRV4zB93LCADA9zy3HR6uzzzx2o461PSPydBb4uOvtQBFe-bWWMj9gH6R8ZOI_ng9a_hMuNyZWqNc2c3LzyjanSuUMtzAnXkjGtazKni7UB-nSU0ZcSf56GIurPLeQXT9FTyVV6F2psJ7xJSvM-9rLqQnrFuuH4CYr3TjIX5Z5UokMEIB3F1nZR_x8rz732vka8xzk6Eo_ICPUk2mq5Ta98NTSMaRdMbk1ySJkLPumNwSSfdkTu2G3NeB55tahktaXl1PJAZI6RJlx8mtFnMHY8TeA7Y7-UkzKSTo5fSNhiyLg34pFI2tSrLoEAnorCfvl1tgKqQuDo4wOzPrfVsbdBRR4OPqlERitEVpFtkiWh8Wc1HBaEMEnkOpBhUv2iTIKC6k9FHmCd6UkatGpS1cxIB7o_byXdJnGG7WYV76G2EHp83LAU0lwFBzn1aPaT9i-91Zmq5d4LL6h-zk9_L-IjY0dpWaxWAnfuQcWcj71qazB6GG1SVOBh_EVG7YAOLKPwnJ7I9p-tRSz7co0YoYz2RtArqdeUEF3T9JfFaykJU6rSEFxxOxjEFGaV5hAWuFtYE1MJVicGD0szOs_FTbFmdWdm431uxFetifh-Bo6LsagVVLh4qxPdHoHha9Wr2pNwzrScQ57cq3tYcJsmfEr9SHTmLm4nk0zOWnY8lhEHRkDwagR_Wj5vHnt48sLvcdOeypN1UFog4-laaHrGHuf_S2Srsi8HkhuJ3WMo1XKbCLkN2x1_ScJAjXBBSpWjUqKBuv5RabOR5zEbPb_Wl-METfIP5v1eRgHAUD-qm0Oc_qLVojclgF40fCm9wuvikvMbJqQlAchc_s6fPSPJovkTR4AkTSSNkJlEU4EP9BLabMYsymoSbyaHzoqHHjvJ7Wa9LQdyGlP4FHwiZ6V_8A0x0Yepe0xzmUlJMtlts-3O62x4n31EcxyJSqi6mex4P5moK2wMm1M4FN9cpUTYhvRjeR0eyfo5PLbohhLK_danvaPjJA2FJ69v4XiAhSiBcMzTEigvSQwZ-fQGWbAMmWf7RSe5AS9F7mgdi9nSkbXiMxNOn1ZbxCE3UJgyHeShpagE6XTjHE--6JExYcW1utQjuLdi92m3sEt9SsnIcUhWZeXdNOtiBhqXvBfPE_6EcNFLgk7m3SBXnexgf1b1f8CHQP8BhB_XPL7LlRg8-G4AbO2HzF_BrW-yMZKFkblLch9aFwuLgOF-bjrqn6WZb64fQfjuhZBzl3d9L5dXVh-xBIs9YKyqjb6DX-Ofw_DD_moAwiwvjGN_JK19N6jwuLn1XVidjDMBJO0QY30zsJvTDAbeK5VS_ejJSGNGtAUXB0dNJrUdgj7_My_Ppmb0HBQGnhJ3Xv-WemQjDozoB4J54IRupSUJ87vXvheUy5Sh9O7I-f82DoEcpi7pL-hbhifyKPt-i3QIj4uCIctHdkNIJgY2VquPtsygaiyYUeEg5-8jw715ER0fdtaE08rK4UjV1aN8j5I7Gpl0QHAn4vU3&cid=CAASFeRokhbE1EoCv3R3zOKcAGIEccdsoA&rfl=1%2Chttps%253A%252F%252Fwww.suarasurabaya.net%252F%240
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab73998071222737d6316492ded236210cb6ca3854bc857e6784e3fd51eff842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12990
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E4C6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AukAH-pUZ0y--9kk3-qzRxuMNxcbI071UQckmqM74W6SJmyZIRctecqH4kDS3WwzeBHbCB5CyZzFQOFsHN-i2I_5jmEs8kW5EhPJGwSMlRqdgAzWU
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame E4C6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:05:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
543
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 08:05:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E4C6 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:02 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Wed, 01 Sep 2021 08:15:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame E4C6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 07:57:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1032
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 07:57:50 GMT
l
www.google.com/ads/measurement/ Frame E4C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJvLJ9YlVYgTlFbN7DcmYnl1IUsZJHX1dtLNJOvwmspkb7GisXNCdzhYTSTB4clmvpeB3EgV9nXc9cwBTRsTQuT5uneg
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
5imww12akvzn
hal9000.redintelligence.net/zone/ Frame 3EB5 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/5imww12akvzn?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCa0IBhTYvYcbRIqjR7_UPzvOaiAPisNzwX56J1vuJC_AuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QL_GwRcqK1bW33DcwbP9DRZa-lwf1EJfD1Ns9tz_ES_SGYl4Ne_GSE7xI7Dn4m8o7VgeOWbyoPrBcVkYIvJD7V_LBQMyZcE2jpQetmIybU5aX3Qt4Jq5lgEf0o6QHR6ZIexJI96xjxeXkX6QxewxvJEGyNNxnpELS50SWIdOjomNHO_KmUR4dRGNWbW0Q8q1IHhzOx138h7nkJZeP9rGgk2AYQ-6gqESzOy7krIW-6E-wapOIBKXM4rUqHYPeV5vgPzTgcgYopl-GOwC7G9hHXHtSIYnjcsAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo0Nz4afzYy2R0kOJdJtGJTQ%26sig%3DAOD64_0oa9KkbfhOk818PHkTcvvF49SV0w%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-AERrIVMyOy-vcRN8HN_N7cCpGBCFpxJhSR3Vlkl4yuR-mo_5ePZ1BGzGg02veTYkP8gp5dYLgo680Ry2iXHaVu-vlhlBkI9OAaz_kKQpSUFwqAakk4EQ55rfR9kA9IW03YvGwtfETK-owPTm_3u86TGYqa_Q%26cry%3D1%26dbm_d%3DAKAmf-Aw-EptmaOE7mKYRoVJcOaKNesLeKoJFgK2hFcEaGRiPIgMVaeG-Qb0keX_yMgYQaP3p6RbGtEB_o0O-glb6cTKRjVjSzkTJ89w1O33y4dlOoykXZ5eUnIUWsoLj5AVc1uQhM6bIa7GgJWWe2B3g9AkHLlzD3Fmd3aSzTfBXSDR2RtCyQqUDyo0O4ZvN5LSCVhqmq8sd1ckfBRVzUi-ECC7mT0dCx645Far739snSnf4vWjYjVVXnnYdq_I8qlItC4kyOT21wko_MXcn0qwBOSuG_AztPEETLQMY_4uRUl2AGyqTZ4niDy0DH35eJtAdRpf43YJYs6b4XNYYbQNhQktShgZ0iYoT_kivDSRo_xAyAYJVzpQuE3idpu_7xPg_E511Um0bsYFda0wfs25fzO85_syEhJB5GiH036j2msxoG1PN5l87dMPx5wSjnQ--kiEkZKz%26adurl%3D
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
93411259d4153b3638aa32ead001d6c4bcae4cede2bd750e24fb1a58d6a1d8a2

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 08:15:02 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3919
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 057E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 31 Aug 2021 14:43:09 GMT
expires
Wed, 31 Aug 2022 14:43:09 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
63113
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
current
dclk-match.dotomi.com/match/bounce/ Frame 3F3A 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHYeCG9tRHdA5Cicl_VkIxk&google_cver=1&google_push=AYg5qPJ2xaOJmj0ey1_rGvq6hK_R10z84Liw91SfQyfBcMxpROGFhJZC5bWh1Nzt52NYsIR8f9DbpzfQQIuIu9gzuKe0huCUvYgh
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 3F3A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKMCIyyIy755EmaQg1AyMOc&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKMCIyyIy755EmaQg1AyMOc&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OGpscVh5YzQxTWxsb0c1&google_gid=CAESEKMCIyyIy755EmaQg1AyMOc&google_cver=1&google_push=AYg5qPLVcVTvHRe8mU6ZcMPG4LECz4MqsbIzX5bM-ZTuudB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OGpscVh5YzQxTWxsb0c1&google_gid=CAESEKMCIyyIy755EmaQg1AyMOc&google_cver=1&google_push=AYg5qPLVcVTvHRe8mU6ZcMPG4LECz4MqsbIzX5bM-ZTuudBTYRhJaOn6qVnemAZG7qaJc8LI0qDIAZ5dPcxOaxa7kvKcLVFaHWkO
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 08:15:02 GMT
Server
PingMatch/v2.0.30-669-g517f080#rel-ec2-master i-0670be21af8977517@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OGpscVh5YzQxTWxsb0c1&google_gid=CAESEKMCIyyIy755EmaQg1AyMOc&google_cver=1&google_push=AYg5qPLVcVTvHRe8mU6ZcMPG4LECz4MqsbIzX5bM-ZTuudBTYRhJaOn6qVnemAZG7qaJc8LI0qDIAZ5dPcxOaxa7kvKcLVFaHWkO
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 3F3A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECf74Q4mtHCJVYb2QzQTX38&google_cver=1&google_push=AYg5qPIM671SOICJlfyh52dq5koZnApbfEd10eXAkocLdxgRFPkWnjEzuOjck2VTIRLbRzzaKhFRqilZZ6qb1L9d6l2V4PGd-QcG&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECf74Q4mtHCJVYb2QzQTX38&google_cver=1&google_push=AYg5qPIM671SOICJlfyh52dq5koZnApbfEd10eXAkocLdxgRFPkWnjEzuOjck2VTIRLbRzzaKhFRqilZZ6qb1L9d6l2V4PGd-Qc...
43 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECf74Q4mtHCJVYb2QzQTX38&google_cver=1&google_push=AYg5qPIM671SOICJlfyh52dq5koZnApbfEd10eXAkocLdxgRFPkWnjEzuOjck2VTIRLbRzzaKhFRqilZZ6qb1L9d6l2V4PGd-QcG&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIM671SOICJlfyh52dq5koZnApbfEd10eXAkocLdxgRFPkWnjEzuOjck2VTIRLbRzzaKhFRqilZZ6qb1L9d6l2V4PGd-QcG%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
687d0c6b7c4fc272-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
392
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
687d0c69394bc272-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECf74Q4mtHCJVYb2QzQTX38&google_cver=1&google_push=AYg5qPIM671SOICJlfyh52dq5koZnApbfEd10eXAkocLdxgRFPkWnjEzuOjck2VTIRLbRzzaKhFRqilZZ6qb1L9d6l2V4PGd-QcG&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIM671SOICJlfyh52dq5koZnApbfEd10eXAkocLdxgRFPkWnjEzuOjck2VTIRLbRzzaKhFRqilZZ6qb1L9d6l2V4PGd-QcG%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 3F3A 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEELXg5nxPp0dD0HgGIQlEJY&google_cver=1&google_push=AYg5qPIqC1JkqCQAIk-3wJeyBwZuIwBf86AYLyOpGUUyZwM6DYa-AaNCiCD1dta2x2TY0j3ouAec1sHK9wI4KGkND67RClQajCI0
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dot.gif
s0.2mdn.net/ Frame 3F3A 		43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEHZK0yS1ruV_DTd7TNh5VuA&google_cver=1&google_push=AYg5qPLmht4bwnOVVVPHPCF07y_CHM1sNysJnPkADTaWTzuZa9zHiINaPnlJ5QpDhlKzMFJ-rHUDuqzJ53eYf3P9382VBkr1Y9kG
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Thu, 02 Sep 2021 08:15:02 GMT
pixel
cm.g.doubleclick.net/ Frame 3F3A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMqoZ42JwnJb6THwnMzVkxY&google_cver=1&google_push=AYg5qPK1q_7TRMxESM3WPYobhHvswEbswTTHcroX7dr54gPAJMK0H6Uqnxl9et7AnEtLlpBP2Ix...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODRYRVEtUC1DUk5W&google_push=AYg5qPK1q_7TRMxESM3WPYobhHvswEbswTTHcroX7dr54gPAJMK0H6Uqnxl9et7AnEtLlpBP2IxtdHwInW2X-iuMaNDlgw85c_oY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODRYRVEtUC1DUk5W&google_push=AYg5qPK1q_7TRMxESM3WPYobhHvswEbswTTHcroX7dr54gPAJMK0H6Uqnxl9et7AnEtLlpBP2IxtdHwInW2X-iuMaNDlgw85c_oY
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODRYRVEtUC1DUk5W&google_push=AYg5qPK1q_7TRMxESM3WPYobhHvswEbswTTHcroX7dr54gPAJMK0H6Uqnxl9et7AnEtLlpBP2IxtdHwInW2X-iuMaNDlgw85c_oY
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3F3A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMofy6TOawF51kMFPm2Fi0g&google_cver=1&google_push=AYg5qPLTpo-U9kly5QxZdyCkhupXANnYvz1QZjmHjpf__k4qvLh__czGfy7ymAXPHbsKSY4zWj...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMofy6TOawF51kMFPm2Fi0g&google_cver=1&google_push=AYg5qPLTpo-U9kly5QxZdyCkhupXANnYvz1QZjmHjpf__k4qvLh__czGfy7ymAXPHbsKSY4zWj...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1YVC42Z0l0RTJ1R09RTU15azc5ZXFGNTkwUzhjLl9Rcn5B&google_push=AYg5qPLTpo-U9kly5QxZdyCkhupXANnYvz1QZjmHjpf__k4qvLh__czGf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1YVC42Z0l0RTJ1R09RTU15azc5ZXFGNTkwUzhjLl9Rcn5B&google_push=AYg5qPLTpo-U9kly5QxZdyCkhupXANnYvz1QZjmHjpf__k4qvLh__czGfy7ymAXPHbsKSY4zWjxL1T70C9nPZS0pS9WX2T9mfiXB
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 01 Sep 2021 08:15:02 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1YVC42Z0l0RTJ1R09RTU15azc5ZXFGNTkwUzhjLl9Rcn5B&google_push=AYg5qPLTpo-U9kly5QxZdyCkhupXANnYvz1QZjmHjpf__k4qvLh__czGfy7ymAXPHbsKSY4zWjxL1T70C9nPZS0pS9WX2T9mfiXB
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 3F3A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILxb2_4vgyvQRBz8x9cmEO3P2ti_2gJJFdvHVOqfmU2pXkdb1bnWoFSf8tCnvtUn3Ux_mHfg
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 5D20 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210823_RC00/outstream.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 19:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Aug 2022 19:09:57 GMT
file.mp4
r3---sn-4g5e6nss.c.2mdn.net/videoplayback/id/e1977ab951bd825d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765940201/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 5D20
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/e1977ab951bd825d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765940201/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r3---sn-4g5e6nss.c.2mdn.net/videoplayback/id/e1977ab951bd825d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765940201/sparams/acao,ctier,expire,id,ip,ipbits,i...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nss.c.2mdn.net/videoplayback/id/e1977ab951bd825d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765940201/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5C11A5915CAC7AB933B1373BE0886429998F2B20.1C9ADB9E6F486BAA8058E18E0073C17E122B4FAD/key/cms1/cms_redirect/yes/mh/Ov/mip/2a01:4f8:121:131a::2/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1630483027/mv/u/mvi/3/pl/52/file/file.mp4
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:5e::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 08:15:02 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
6647160
Last-Modified
Thu, 20 May 2021 06:30:00 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 01 Sep 2021 08:15:02 GMT

Redirect headers

date
Wed, 01 Sep 2021 08:15:02 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
652
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r3---sn-4g5e6nss.c.2mdn.net/videoplayback/id/e1977ab951bd825d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765940201/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5C11A5915CAC7AB933B1373BE0886429998F2B20.1C9ADB9E6F486BAA8058E18E0073C17E122B4FAD/key/cms1/cms_redirect/yes/mh/Ov/mip/2a01:4f8:121:131a::2/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1630483027/mv/u/mvi/3/pl/52/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 65C3 		499 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNWfFUKTJGSWth97065uQDVLIgJxO6HZM2H9pteLxQQc6bSDqVXayvXRnpj9MxAIdzJWp58u4oXaaUCPFHhMvY6M6KWdfud-sn-kFBiltqt5lb80tNQDztfppHFgPqmjmN3RETOrLMC74jY-YVWZixC9lapp_LuU94jCpEISMbC8SXrKH7s
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNWfFUKTJGSWth97065uQDVLIgJxO6HZM2H9pteLxQQc6bSDqVXayvXRnpj9MxAIdzJWp58u4oXaaUCPFHhMvY6M6KWdfud-sn-kFBiltqt5lb80tNQDztfppHFgPqmjmN3RETOrLMC74jY-YVWZixC9lapp_LuU94jCpEISMbC8SXrKH7s
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkW2zEsxSqxXoMrZJQfkb4iIEKkQZ1dmSFkWRiZWr8p2EfxelYKY6n7wUFlQCk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 01 Sep 2021 08:15:02 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame DA93 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOs6fb5jDIyNjkSsch8_I-jYCmCsV7IcrV5Dkf9daAQJQusr87-FP9IOkX9xWn9tlytJjIBK6IOs0Ge8-u8KdIXCDAARTzzZr29lyOz6bQmcXdPOdjR1ZmSRuCen30jZYxbBywew54HlP9G0L2ZTGFmjZ4FQ&cry=1&dbm_d=AKAmf-AM3gnaAR7XXGvNRWOGfMw26v7vG0wnFEYrEoL6EB6Hs2kugX9E_DHMdNlZWVztBisx2OQmxAQjK6SvYz9vhaRhgK2zHyijEz0vSA7LQH2ImXCTtI9_WNR8sqwYPkLdYeJqYrNw4EvWY8pPwK07krEZ-rx3vZK9OIHhWG_1hkj9AX3m37kXcSKcFy9n5UK1ohJ0aDU-pX_Cj7PKqAxZirhKJ1LQSrRmtZvkpOtYQn6MvQ_LiA20kEXldIfHgh3Yte_CmJaG0nDWQPmEChsAo69U7M3yyIwgqnC0EtM5omYFcsEQLQfy6rugg1KcczUn_ki8s8a-vGgHUTD95z1P29Fq4k9T2w84kAEAK4rsmVRv1ps_Df6oofgIpzF1xtjlcg84wE8Ps8VBE3yXN272rPiBylBujwSZ0hvi7mXE4x5q7OOgN5MfQf5OPjmYM3mTO8lU6VV0OXLhbYM5OzRLAL05xuXJBi50EiIa731hY_snOEHpD9f0GUkBfUDJFbaagv2Y_xA3v2fc_PTRdrXv4j_FJakrL188mReVcUJsyzJdv28oU2N_hT4zz0Rp8XZktiVgagiAG038SsSMwNuj3OSLtsp7H0AHogAYlE_B6TwKsQKZr7ySQGj0JuYY4Xg5hPZxygOUu5dKbDJ2BYJQ5f2Tcvg5hMbuUfTx8b_Y4Y3okeQZ7p90HYNZjCCCTWmCNpB59At7z93dLlJdHtGrl7N0Py4tgDxf55cxmUoUKDVDx9V2GpRgCwTPXRfVM5lYAxKsutnaNQE1kFzGBfo619GlCdUiv8jX_koSFDGJkg_Pk2KGB3IwlR7b63he9vDjvtz2huO983t6UX6jl67DsFBWiKaE0-6GP1WwusJKiFmHfAXdMYa1e7PTeITqdLbjQbiG8-qARspqcDYuZOMl7qqB0WBGiqhfvm7C4UpnGYTgDyx7bcm5SVGvL7VhozR-4DRiD3IgEMTVRgTXVI07VRkp5AuAVzQKhedno0-355-zRtKoOHiZckIEnMW6rNt54-5QgbAXKAiNo61SCkPnJwQ9WdJc35g81CbV3ZNg9A7KyK5EzcizL39N3uX71nSfvL_n9ZV3_pW3VI0FHc4YAuwkLfskPmw0mww2Z1aKonQPxjBUepVWqGm74It1Pesl951tSox1f0z3S8SkVMDnSmsnxErgSTzJb8Q9dI5ShfCrEB5LXhf32u9azVjEP_PZ6px0fINX8JTpArVVFCjTjn5hABLPr7ChEZdBLxf5rgSz6kozfH9_01IULfW2iGgmowwUcyklv5z6twWlV2doyvV4J-5a9FDrNEVuF0JDHxb6qVasPSMpdwTVPUx-qohVc9J-AVMciW1OUiV9rp46NIMNkd0TjQzfQW6hx-rrCkjIsuw5VlclXqeCMvnlX9xcaCmv8E4tqQQxMFf_qHkRxAOXXRUvOh1Vjoi4lyWS0r7vXQvDUIlwzjaOikQoayMYcItw-njcdvqLNu_Ucbce5bjM2vcJ1m8vJOrD6K-RI3b20XgEN9mqaNpWqa2PuYGZyELyiYTjxRE4dN_gerocuvlopjBldjaPDLZvGJLlTfui_3wFKUCev75w4z63L_0MgauPdx4AITQO8UKdWyaHlRaMtWtmH4LdSz6QNcefC3G9wxoaJpQB1fudc-C-HuS9c5qM3kwT-_hrTrRx_-8CDJAjr9djgKfNJNdb0ICkeo74nlIND9skYssNxhmGgZk-jXc_6Keq4Z7G0_NkMXzuWX28rz0jylHF-7VHokFousNSXeOmFZ-QODwA7PxNU-OO86IK5-UpiOySVp2SGCY-6VQE3hehclTf-UXVOS8CGfKxt8F4Af9zF-D8wfBTygK8VXNPS0nAdMQcgi2aETMT8-GI_RAF9yTJiiJyAMT_N2CitGrYAbjpIA5mgSMbPWoluztlos9iKkdZyeVHYYOGi1fKE_wN83DVwlsaLEUZmHq8zbhk1d2bIrpYlNKl9OvHkAPeGnAWS_mS9j847DdFGa8GpmajKwzibKtCaHtHwY5rJO8DbgpHZddM8EFCjLKebaiKknUlq3wMlBMDzvOrZ7WXW3IBfJ2UMiK2to9YVkf70pZJ0n6wyB4ExiSxUTBCVMnMHj-gKNH15bMQ6VSj86v1MBttJjvatp00v4Wn6LRkXRznul_Uf51XH0YJueMFziSyKIf1nmVAdBmKyGrAotKTqhFJTnE24E7rXKYaRAMloZbEQbmN3APVo2dpoaqRA5Rv_elbjypq538H5uIxnH8RsSYlCTU3OyI6pz0vq3OTuNo8rS9U_6b8We7V-TeXgMNgzDZ1lY4VJZDIMSIYZtM4yaWGVj4o5Slecl4qyauGUGGUYh_92g0ufj9b1GkJY9k4OBSiQ9H_grkMiBE4mvdUR2IbK1XCSsxnklH5oQ05r-rFz6PAjNLiNFZKd3T17GPzc66YL91GOJJ6xQZiykMMUqRX_pLi96UZz7iq5LdYJwytJevfFCyjLvLR-wEqFN9_SBhTW1vEaTS1_gg46omTXfKRseWCYO6YN6rO-7zUpR5rX1e0j0gi87ta3HOAdWxVnjSeiUe5wTfwlUhy_AKVzhB3O8Tylc8LQdTCPe9ByY5Y463nRTnjpGOKyvgxtd0U6GCJgH6IWGk18JkBCSqHRaM2oyyYVaztOkJdoAMTNSEBAb5pvAcwKrLyGGvF2NRWtOaNK0eYYwbFCaDkGBgoTosj0nD5TO1XZYLV0C3vUq5hh0iTJdLR0SRJ3bdXE8DWudihvTGHJA2XS8ZIHo1YzxLaqId9pWzwa6tytGQBJo6ulyHdoHMvm_tGfZGaQYEg1Nqcscpi8fQKohKj6fX0QhymB3_kiQf5ba2Wt0Qr4WW_2DNzBqtmxIMQ77tnmOC4tudJDpHLLgjthbyOHAsU-TSt9iboq_3JXpqHQB183nwEZ1gkVf4EQJI2d0Bo_Uua1gaU7COZD7lAwdmjaIYcxF9niYnoM9wAL24ausVoTqpY-PJRZ9b0PRlE9MoXHhAsTiTBfA9iW56TMMP5iBUoKXaJSi7W4QpxP_gMkQNUrFeJCY2BEosWzwNIDfBhMq0s6ak9Pq1mxuZ_jgRCeS5wRGGZ-ahh_uKz_7HIS9F-q62oNryCsB0ELkwQgvn-KBJZtAHBqMdoUv5OWRfRJqzkaE7uBWZ5BJf5z_7XAvebfbe49BzdDSwjZzXDRqx44bKMN9cipEJwjMjSsgpJd8BRs8RUJoNNor3RxF-aZ6RLwhl7WZlbHzVSp-9DwCtZpZF5xFgC&cid=CAASFeRo-rUev7yOOt93k1ZD4KnbERc4dQ&rfl=1%2Chttps%253A%252F%252Fwww.suarasurabaya.net%252F%240
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3fce42aa8f27816dc5eb7df7648f04c0bc9cb2ee3636c383edf3a3b57b28ee04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12962
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DA93 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BY2nYsIJNu5-6TAicWWTPxZc_HOJ0A0jhjw2bW2c3Uj_XijUKhvfuJwVvnA8SKdljeUFE9Y-NlowFcAS8e_FIU_wpsuksHZAB2zXWD1tsiINxNb0w
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame DA93 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:05:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
543
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 08:05:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DA93 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:02 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1630322985459792"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37796
x-xss-protection
0
expires
Wed, 01 Sep 2021 08:15:02 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame DA93 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 07:57:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1032
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 07:57:50 GMT
l
www.google.com/ads/measurement/ Frame DA93 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRdwXB-AeIbyk7RKs9Ptki27DppMdIruM8QM-fSwYIY6oEG6cMiYDuyOCAy7xRirC_Pr5EC3Qfd5c0yUdSh6GR2iHtjpA
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame E4C6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaO7P4Tk4nLIW3awZWwsJxeVjJr3LWOm1rn95_uyhC-4cqgFVyMKZfoWRUynD7ByQsjFMlzMCX9nf_-ZKLaLMzVPfqGROOAdDXmT40MHLXyjeyuVib3b4FcV6l6xaSPNFJzqJig2iJWuBEJFXNE30otXFAlA&cry=1&dbm_d=AKAmf-B_x4MVdDXUJ0qS63Ci7SHe6-RN7SPOmwLAwroQKVboBTLWbJmcr1e_LDenGSc-ShzukAwjkV2-wJZgwaLU5dVgQdeD5qYfL3jS31o-d0h1DkMbGVkyGfS1elYbCWWJBAudNYp92b5HpqDKkB31x0YwExsYa-W5VbRM7SIfIMjrEG-JpF83umDRPXU6odEx-FeJtlnoLFh3drhTuWIJQleDDPx-QbCzEMsHc3iSLAiyb0klnj5dXhWmQJLAyA6uXonFJcoHhz5BGMpjpe3EgDI75CRdTV-n2va3mqgDRA1t4iEc3fiSbB_lLz_gyAIn2jFk8k-Bnw3-iqznjhsi-dz3OSCX1gsqRp9CMoILQwXxOxw5wyhPyNq2rcelFZgptbawIPPtOZWfMyzjxlRylb-4YqRcWGnNKZH58UnHY7WeKaJTMpzZgSpt-gjKn6YOkG_sh3gkGMla1Me432H2-yt_ORL4MNoOmjb5GLrxdEU_T0hZ8pspDEoayWkUBrMbcVYFrCjxme_l-YNtDUV7mDhWydKMlsC7rPWNCqaWc-dfhvzIv5JWykJbfbXDeDA-zCUbn8k_xbQKjGxqObX4iiOMJvCNMvws8GkinK5_yWG8YSQ-aPN0EQENAj0GKl9jLmK_LyurrX6HTWZY0NgSot2lNxVNUwxcvHkLvHsY0fPG-S9lOl97PuTEn-idm6kovYIqWJ99ldjKS0KwVEdMgr211t0IlUcGVIKoiMHp68CpvgJMq9lPBwTZE-7Te3l4QVGAOaTvFdN2snITguUlGslhTZly8blLdJug510ayVM7t0cqYDbcHKipeoDl2Os2uQqf4W_qBShSiRGFcT7i5MG9aCodNSbJc-i91BPwNSTXvyk6VuAND0-NhFFMNxYYeiYKKtFT-0K2Bz-nuiLvLle051gWxaLKXmBINH1U27ndY8S0h4GLCus7c65g0UU8kwd6vOVKLou8cVnletzNVYZCB8m9X2VZGEaM7gO-_F1lv76cmYvZJb1kfSV8p9DFuCajxgM2T4UOS-VJQLseEJV0C-PbiJhE9SMwvwKS2prZz8HAJOxyS5e_Wj-0rVKIC1cs0KlBo_6kziFZnu9Bv2KUaARhlni4BB8Ul0pwzMu-7-TvYESAJk_xhAaTyeHH-y4pKOzufDWY-dedNpIbVjzG3mntq3lQLPqedPILlPcdOqHi4Eq0__dzNPVxtaA93rnA8pn5HaaP_93A9pdzYYkVkBeKiBAvY3DRZnygZQ1rMHbcVhWB40IIJfZlCDGQSWX3V4BF1yHcOLCk1cRYDYp2oShagmkdK0Y3n2PeRUMzKTyYGeAMYy1sQGelZu8oQl3yNLYjwKyzzqO2SZw-wRy0uC7gPNG0dsCd3SYgTqk2NnXp17wBe8EzNiKs71QcibpfCJjsTlsrz-Qw_y2brGFhU0CTGxgoQJKF7x0ckDd7wbD1hf9GNw9yO3P15ZuB2-eg1OIoxvQ0S73x98BuQtSEkcUSvig2EbMwCZcrGB6BIIKxDCHQJ9gOerhVeWJVmlhCxCOzv5bpkmakw6P93nN5zFMSexsBv9QKZgJ56dhOpT7RtvNLorkYKSy2qf-kuR4T_u3Y7VGWkRrw3wRGUJA1ZtcMM6MslWk8xL6eTPx5CXpNsjT785DG_I7PdWqGhhgGF5biSTx0Bm8gH42WqSP4RftcraCKtOCuQlQgJf9CmZ6OFV-G5SidFo3QVVE4v3aDQzsx1pFOqiRxOqsG0LON4Ic6EmRV4zB93LCADA9zy3HR6uzzzx2o461PSPydBb4uOvtQBFe-bWWMj9gH6R8ZOI_ng9a_hMuNyZWqNc2c3LzyjanSuUMtzAnXkjGtazKni7UB-nSU0ZcSf56GIurPLeQXT9FTyVV6F2psJ7xJSvM-9rLqQnrFuuH4CYr3TjIX5Z5UokMEIB3F1nZR_x8rz732vka8xzk6Eo_ICPUk2mq5Ta98NTSMaRdMbk1ySJkLPumNwSSfdkTu2G3NeB55tahktaXl1PJAZI6RJlx8mtFnMHY8TeA7Y7-UkzKSTo5fSNhiyLg34pFI2tSrLoEAnorCfvl1tgKqQuDo4wOzPrfVsbdBRR4OPqlERitEVpFtkiWh8Wc1HBaEMEnkOpBhUv2iTIKC6k9FHmCd6UkatGpS1cxIB7o_byXdJnGG7WYV76G2EHp83LAU0lwFBzn1aPaT9i-91Zmq5d4LL6h-zk9_L-IjY0dpWaxWAnfuQcWcj71qazB6GG1SVOBh_EVG7YAOLKPwnJ7I9p-tRSz7co0YoYz2RtArqdeUEF3T9JfFaykJU6rSEFxxOxjEFGaV5hAWuFtYE1MJVicGD0szOs_FTbFmdWdm431uxFetifh-Bo6LsagVVLh4qxPdHoHha9Wr2pNwzrScQ57cq3tYcJsmfEr9SHTmLm4nk0zOWnY8lhEHRkDwagR_Wj5vHnt48sLvcdOeypN1UFog4-laaHrGHuf_S2Srsi8HkhuJ3WMo1XKbCLkN2x1_ScJAjXBBSpWjUqKBuv5RabOR5zEbPb_Wl-METfIP5v1eRgHAUD-qm0Oc_qLVojclgF40fCm9wuvikvMbJqQlAchc_s6fPSPJovkTR4AkTSSNkJlEU4EP9BLabMYsymoSbyaHzoqHHjvJ7Wa9LQdyGlP4FHwiZ6V_8A0x0Yepe0xzmUlJMtlts-3O62x4n31EcxyJSqi6mex4P5moK2wMm1M4FN9cpUTYhvRjeR0eyfo5PLbohhLK_danvaPjJA2FJ69v4XiAhSiBcMzTEigvSQwZ-fQGWbAMmWf7RSe5AS9F7mgdi9nSkbXiMxNOn1ZbxCE3UJgyHeShpagE6XTjHE--6JExYcW1utQjuLdi92m3sEt9SsnIcUhWZeXdNOtiBhqXvBfPE_6EcNFLgk7m3SBXnexgf1b1f8CHQP8BhB_XPL7LlRg8-G4AbO2HzF_BrW-yMZKFkblLch9aFwuLgOF-bjrqn6WZb64fQfjuhZBzl3d9L5dXVh-xBIs9YKyqjb6DX-Ofw_DD_moAwiwvjGN_JK19N6jwuLn1XVidjDMBJO0QY30zsJvTDAbeK5VS_ejJSGNGtAUXB0dNJrUdgj7_My_Ppmb0HBQGnhJ3Xv-WemQjDozoB4J54IRupSUJ87vXvheUy5Sh9O7I-f82DoEcpi7pL-hbhifyKPt-i3QIj4uCIctHdkNIJgY2VquPtsygaiyYUeEg5-8jw715ER0fdtaE08rK4UjV1aN8j5I7Gpl0QHAn4vU3&cid=CAASFeRokhbE1EoCv3R3zOKcAGIEccdsoA&rfl=1%2Chttps%253A%252F%252Fwww.suarasurabaya.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:10:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9263
x-xss-protection
0
server
cafe
etag
16747441857000454541
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 08:10:51 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E4C6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaO7P4Tk4nLIW3awZWwsJxeVjJr3LWOm1rn95_uyhC-4cqgFVyMKZfoWRUynD7ByQsjFMlzMCX9nf_-ZKLaLMzVPfqGROOAdDXmT40MHLXyjeyuVib3b4FcV6l6xaSPNFJzqJig2iJWuBEJFXNE30otXFAlA&cry=1&dbm_d=AKAmf-B_x4MVdDXUJ0qS63Ci7SHe6-RN7SPOmwLAwroQKVboBTLWbJmcr1e_LDenGSc-ShzukAwjkV2-wJZgwaLU5dVgQdeD5qYfL3jS31o-d0h1DkMbGVkyGfS1elYbCWWJBAudNYp92b5HpqDKkB31x0YwExsYa-W5VbRM7SIfIMjrEG-JpF83umDRPXU6odEx-FeJtlnoLFh3drhTuWIJQleDDPx-QbCzEMsHc3iSLAiyb0klnj5dXhWmQJLAyA6uXonFJcoHhz5BGMpjpe3EgDI75CRdTV-n2va3mqgDRA1t4iEc3fiSbB_lLz_gyAIn2jFk8k-Bnw3-iqznjhsi-dz3OSCX1gsqRp9CMoILQwXxOxw5wyhPyNq2rcelFZgptbawIPPtOZWfMyzjxlRylb-4YqRcWGnNKZH58UnHY7WeKaJTMpzZgSpt-gjKn6YOkG_sh3gkGMla1Me432H2-yt_ORL4MNoOmjb5GLrxdEU_T0hZ8pspDEoayWkUBrMbcVYFrCjxme_l-YNtDUV7mDhWydKMlsC7rPWNCqaWc-dfhvzIv5JWykJbfbXDeDA-zCUbn8k_xbQKjGxqObX4iiOMJvCNMvws8GkinK5_yWG8YSQ-aPN0EQENAj0GKl9jLmK_LyurrX6HTWZY0NgSot2lNxVNUwxcvHkLvHsY0fPG-S9lOl97PuTEn-idm6kovYIqWJ99ldjKS0KwVEdMgr211t0IlUcGVIKoiMHp68CpvgJMq9lPBwTZE-7Te3l4QVGAOaTvFdN2snITguUlGslhTZly8blLdJug510ayVM7t0cqYDbcHKipeoDl2Os2uQqf4W_qBShSiRGFcT7i5MG9aCodNSbJc-i91BPwNSTXvyk6VuAND0-NhFFMNxYYeiYKKtFT-0K2Bz-nuiLvLle051gWxaLKXmBINH1U27ndY8S0h4GLCus7c65g0UU8kwd6vOVKLou8cVnletzNVYZCB8m9X2VZGEaM7gO-_F1lv76cmYvZJb1kfSV8p9DFuCajxgM2T4UOS-VJQLseEJV0C-PbiJhE9SMwvwKS2prZz8HAJOxyS5e_Wj-0rVKIC1cs0KlBo_6kziFZnu9Bv2KUaARhlni4BB8Ul0pwzMu-7-TvYESAJk_xhAaTyeHH-y4pKOzufDWY-dedNpIbVjzG3mntq3lQLPqedPILlPcdOqHi4Eq0__dzNPVxtaA93rnA8pn5HaaP_93A9pdzYYkVkBeKiBAvY3DRZnygZQ1rMHbcVhWB40IIJfZlCDGQSWX3V4BF1yHcOLCk1cRYDYp2oShagmkdK0Y3n2PeRUMzKTyYGeAMYy1sQGelZu8oQl3yNLYjwKyzzqO2SZw-wRy0uC7gPNG0dsCd3SYgTqk2NnXp17wBe8EzNiKs71QcibpfCJjsTlsrz-Qw_y2brGFhU0CTGxgoQJKF7x0ckDd7wbD1hf9GNw9yO3P15ZuB2-eg1OIoxvQ0S73x98BuQtSEkcUSvig2EbMwCZcrGB6BIIKxDCHQJ9gOerhVeWJVmlhCxCOzv5bpkmakw6P93nN5zFMSexsBv9QKZgJ56dhOpT7RtvNLorkYKSy2qf-kuR4T_u3Y7VGWkRrw3wRGUJA1ZtcMM6MslWk8xL6eTPx5CXpNsjT785DG_I7PdWqGhhgGF5biSTx0Bm8gH42WqSP4RftcraCKtOCuQlQgJf9CmZ6OFV-G5SidFo3QVVE4v3aDQzsx1pFOqiRxOqsG0LON4Ic6EmRV4zB93LCADA9zy3HR6uzzzx2o461PSPydBb4uOvtQBFe-bWWMj9gH6R8ZOI_ng9a_hMuNyZWqNc2c3LzyjanSuUMtzAnXkjGtazKni7UB-nSU0ZcSf56GIurPLeQXT9FTyVV6F2psJ7xJSvM-9rLqQnrFuuH4CYr3TjIX5Z5UokMEIB3F1nZR_x8rz732vka8xzk6Eo_ICPUk2mq5Ta98NTSMaRdMbk1ySJkLPumNwSSfdkTu2G3NeB55tahktaXl1PJAZI6RJlx8mtFnMHY8TeA7Y7-UkzKSTo5fSNhiyLg34pFI2tSrLoEAnorCfvl1tgKqQuDo4wOzPrfVsbdBRR4OPqlERitEVpFtkiWh8Wc1HBaEMEnkOpBhUv2iTIKC6k9FHmCd6UkatGpS1cxIB7o_byXdJnGG7WYV76G2EHp83LAU0lwFBzn1aPaT9i-91Zmq5d4LL6h-zk9_L-IjY0dpWaxWAnfuQcWcj71qazB6GG1SVOBh_EVG7YAOLKPwnJ7I9p-tRSz7co0YoYz2RtArqdeUEF3T9JfFaykJU6rSEFxxOxjEFGaV5hAWuFtYE1MJVicGD0szOs_FTbFmdWdm431uxFetifh-Bo6LsagVVLh4qxPdHoHha9Wr2pNwzrScQ57cq3tYcJsmfEr9SHTmLm4nk0zOWnY8lhEHRkDwagR_Wj5vHnt48sLvcdOeypN1UFog4-laaHrGHuf_S2Srsi8HkhuJ3WMo1XKbCLkN2x1_ScJAjXBBSpWjUqKBuv5RabOR5zEbPb_Wl-METfIP5v1eRgHAUD-qm0Oc_qLVojclgF40fCm9wuvikvMbJqQlAchc_s6fPSPJovkTR4AkTSSNkJlEU4EP9BLabMYsymoSbyaHzoqHHjvJ7Wa9LQdyGlP4FHwiZ6V_8A0x0Yepe0xzmUlJMtlts-3O62x4n31EcxyJSqi6mex4P5moK2wMm1M4FN9cpUTYhvRjeR0eyfo5PLbohhLK_danvaPjJA2FJ69v4XiAhSiBcMzTEigvSQwZ-fQGWbAMmWf7RSe5AS9F7mgdi9nSkbXiMxNOn1ZbxCE3UJgyHeShpagE6XTjHE--6JExYcW1utQjuLdi92m3sEt9SsnIcUhWZeXdNOtiBhqXvBfPE_6EcNFLgk7m3SBXnexgf1b1f8CHQP8BhB_XPL7LlRg8-G4AbO2HzF_BrW-yMZKFkblLch9aFwuLgOF-bjrqn6WZb64fQfjuhZBzl3d9L5dXVh-xBIs9YKyqjb6DX-Ofw_DD_moAwiwvjGN_JK19N6jwuLn1XVidjDMBJO0QY30zsJvTDAbeK5VS_ejJSGNGtAUXB0dNJrUdgj7_My_Ppmb0HBQGnhJ3Xv-WemQjDozoB4J54IRupSUJ87vXvheUy5Sh9O7I-f82DoEcpi7pL-hbhifyKPt-i3QIj4uCIctHdkNIJgY2VquPtsygaiyYUeEg5-8jw715ER0fdtaE08rK4UjV1aN8j5I7Gpl0QHAn4vU3&cid=CAASFeRokhbE1EoCv3R3zOKcAGIEccdsoA&rfl=1%2Chttps%253A%252F%252Fwww.suarasurabaya.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 14:43:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63113
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Aug 2022 14:43:09 GMT
html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame CDAC 		169 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 16:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59842
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Sep 2021 16:05:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/elements/html/ Frame CDAC 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_cO9Cv56D3sGpW0C7VVmHSI4WH0ai7gXrSxoNm5y6ZN8dEa7FI30UjEciRJ9m4GV7hexrKTL25cTfLk7-NTKAcStymCRBkSveZvc52VagkdtQdB2hbx4crjsXTOl3a6c92QOU2Vi93w9hccwoJJB4_LscYw&dbm_d=AKAmf-BuUbLcz45lprPvM5jJQ3iaBk2Xv10wq4aKpj5_L1FnI5JJ5-6ikb9uc_CXu6DiJVbHJ04uboNSBCEeEIgr79telNgRTec-T0r1qLXx292OJmpqv5o4P9Tv7zeozEkyBnU7GxLgacFk-zHRVjuvY1N6cH5_ut4UkbWNFwUIJw0tB3q2iyMToKa2oy-580f-ytUVIfl3z6YcZsiiIfQbxhKBWqHoflI0XFHMPmvsUqPFt6Rh44t2uayoPCYaFXEZwzJcgoPei9oxj91xucl4f1wL4gI-3QDhgUk_VS4HurD5LkPesckwkDy2PAdDx9cRKgLo0BPVpEGn0TulkcTBZVMw8dF9nFZ2vjsixLNnxcSvrZXBSN1ko5daxmcuiWklKO6XkIH2sY_UXge759uT_AHoyXI-WxYl-96S3xCBlUrgqq7XSMivkzMztSQjQIRdZuPER8H0aBnb95w_Ybjk_llplJ-JKz-TjDMPtv6-A9DX8aO7syML-kLgX24eEepiCrtRuNPHgGSKgxZC69EEHSB43ojqQLVWeK19q_NJlMo6AzHyPZmQqPTcXU7_rizlx_TaZ-DlzaDB0utLfwe-pPC0eOXUozHXvcVqdoxdD5c_VdA-bOXYYmrDIfQkJ0LdhTZ3OTZ1AeMYNQPwScvzMNs6a1-RsmlNk-QcUldekpgJTRAuLJVmSsP49wXwJCZZeyn3zsf1ZzsSi57mM7OOFNSCbd4y_BMbAXzXnHG1cnz0XXFCw5W2vviXYKPZRB82d5NCeiqcw7z10yExTnNkl8fzfztdG4ObiQe7HVKR7WMJ-vxE1j4EyQc3-tQvrO_7oNbLWJYtAe2UIEMIBvelGNReqvuyIjXAncbAwrB0ZXN5yhxNRRDueDr_mh1vU3nRfK5rJ5Qh0T0X5si4Y9VQB-HJ8TerMCq1erwbmGsHbK1RLUhAewZru_fFCeuqtucRhhkLGaEFM6EdFbfW7Y0W5d8_b9bOaDKpTZtLomOt7WiCdvi31rtEpIbVy0Kgds6dZdIiv33v0qSCgGtEdGjhs0q8D_YkmOnuq9Quxw6Q5IM1q5CmGpD9tH9-MzcAAunvwcojOKnqHmYUr3GqyuLLISCz28IqI8TWZA1bD8jj9OqT1hg0-W-AARVwyMYQP_al7nqzSrEgGF7D9S2Xv5YP0EZAefPVbky3hELdmQdWP3laoB8fMtBrbgpk5tVi6Duu73r83WtdbWdPW4qZ1uPNMLBvzOWo1TEvq-4GcGI8JDhQ_gkp8XQCkNwL8T6VUjwlRC5V6gwQWdsqZbPGmluO0-mXCMIVS9roEMH3snHhmgaQtSh6cd2HTYlSBBC4NL7DtGhhGv63QI-3C6UCbnDDq1GYSHfeVsLHvDMpiTjEwV993YGBo027jX03klCux2cX8swhcs6W8PjriMGzQa3GRnTQLyHdTA7YKnsw69BftjR_DNk0qjkAWpUH-LxpxCi2oYVXFnoqBH-IBayTnlnPQ7tURpfxxM9Z64T9VtwBL6SX-HVX5ThdBpB4voWduDfX5fgg5EOkox9w95EHWsinnLbkC9UF44mMZx553z-7KUOtlVg25Ino-sJJmBBlixP8RaaKUN2L3mnsw_6Hh0D4LIWk4Wg9j0eTZaRwZOoiSf6iXWwYjk9YIg-09aHnHfbDhsED59pY9sA8dJk7C-L7u_YqWndgAT-eKzToM-svSrSR377lWLyFpzCxqtzOOryW4Xiwy4NcJdPDivdcWv4rTd4vfa-YbDSEhcoYjQsW-E7EBlPVmYNkOkkA9-5-5A52Wuz7hoexLMjO7liv_2vCBtMJxVO-_2Wl4AAEBOruYxDUwXxqGBX_T9S7i0ZST7_GKDLx_4ceNGDPum8cSdcNIbf3dYBmc__p7GdCB3FhUAj_zAQzHXlVfLoQuAjMot0UE5rR2A5SP8u07akdHEU0Z2FGm8nnrl2b4k8TPSlqqqDvDAeqGVfCdBW4UMcwD_IFKx-THp2er00VH_EwrHjbQSXHMWGQ2OY_gV6BF-tHPTa4P_FhiftkIm5ULWSP06ZjiZY71oLqNw4QdZ9xRedVQUVbJqXnmaFMMCagi9jssRFuwgjZJyfbDSk9nt0K_pP-rIC4F7fUgVFYiNcAZmvonuitEY6NhKfBsLEhs01Zt5SNTRWw2-z1ZTs1-HwpV2JklXf11FOEECg9KxoLRklVZiJ-wamIrRc0DkvV-kPyQ4OWp8bO-5ZVTGlPYoZHU1NqvowwUHlRAxtQVa6zV7oLahKZEv9LKKbxv9NYQxwly42f0lH7fC5EYuowqXSVFalCh7NJOehp9zox0z75TikcfTxLxyTjiEQDD6gtbODpQhS0F3g6VNMMgQXMzASroiCqgY0J2H89v1vHI92eKg7pL825M24CSw3Sl5ZmYDNBwu8YesAVQFWdZR0cbPoB_fP2m8jXxyjW3SIgmwFnDa6wBsb_QbIgljol-ku277dwucTqEEuTn8KGNZyZTbjbRla-usy253FQKzicaie7WiF7dJm72WYWvrNC0pOHkedW-phMdP4uOUGfaaoVubEML8KQ1AnlLJiA0lh0g5F8BQNHWUb3aCCU7UjvghpQBgnhZIxCUcnhDJdEHZANGOrZasV3leW_oQ_SPp7qBT51HHFwcch1Fpza93MRwHj31EdRvIMtupGvrDsss_7ZFkEfm1Zs89XODWN1ewU3DdskO3iA-UToBqfAmZ2M32vyxma5lRPbGdT0xasePeJY5BelfeXuCzqkiiUjmCHZweVVdmL9kUchcQWlzQiVt36vBZmu12hZIYqqSsrXOA3QB7eP3PAr0gym-3TKmAK4b5XKgZ19VQkq_sgVKkN6wDtTOGHjY68JC_5KRsm3M55GHSFELgJaGNgn1PmaI68nJnhUuHRC5oLLPkF5MuT_XQPxaGNfoIxqbhGJyOgeKCjM1Xetm-SSXmzSo08iTDF0uNIGhMSyykmDcIRa5BhOgAEyt9z_mslqT-tPt5QEBU3moh6hV7Zf38in1VzJ0qx5oaPsKXU9LVeS4nHgx69DLctqQM5iS4ICGuAKppF13qbKF_Gs2WFXFw9UDIbB8izyXY-RAXuPN-dx-xCTd1WXaFSNA-_JiRxkoIP1AemzkEKMHK2Uteeyt9UNjUZRQ1tAiMk_J7zMPyxCT7mRKvf040jbuy3DGDp-VvGYEj-Vy8xgvAVCBMig91yATZ1c1_0MYsVAxvVqPEaV26q4hw&cid=CAASFeRoayn7UW7DxRQakEV7_sbJYR7tyQ&rfl=1%2Chttps%253A%252F%252Fwww.suarasurabaya.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 08:13:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame CDAC 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_cO9Cv56D3sGpW0C7VVmHSI4WH0ai7gXrSxoNm5y6ZN8dEa7FI30UjEciRJ9m4GV7hexrKTL25cTfLk7-NTKAcStymCRBkSveZvc52VagkdtQdB2hbx4crjsXTOl3a6c92QOU2Vi93w9hccwoJJB4_LscYw&dbm_d=AKAmf-BuUbLcz45lprPvM5jJQ3iaBk2Xv10wq4aKpj5_L1FnI5JJ5-6ikb9uc_CXu6DiJVbHJ04uboNSBCEeEIgr79telNgRTec-T0r1qLXx292OJmpqv5o4P9Tv7zeozEkyBnU7GxLgacFk-zHRVjuvY1N6cH5_ut4UkbWNFwUIJw0tB3q2iyMToKa2oy-580f-ytUVIfl3z6YcZsiiIfQbxhKBWqHoflI0XFHMPmvsUqPFt6Rh44t2uayoPCYaFXEZwzJcgoPei9oxj91xucl4f1wL4gI-3QDhgUk_VS4HurD5LkPesckwkDy2PAdDx9cRKgLo0BPVpEGn0TulkcTBZVMw8dF9nFZ2vjsixLNnxcSvrZXBSN1ko5daxmcuiWklKO6XkIH2sY_UXge759uT_AHoyXI-WxYl-96S3xCBlUrgqq7XSMivkzMztSQjQIRdZuPER8H0aBnb95w_Ybjk_llplJ-JKz-TjDMPtv6-A9DX8aO7syML-kLgX24eEepiCrtRuNPHgGSKgxZC69EEHSB43ojqQLVWeK19q_NJlMo6AzHyPZmQqPTcXU7_rizlx_TaZ-DlzaDB0utLfwe-pPC0eOXUozHXvcVqdoxdD5c_VdA-bOXYYmrDIfQkJ0LdhTZ3OTZ1AeMYNQPwScvzMNs6a1-RsmlNk-QcUldekpgJTRAuLJVmSsP49wXwJCZZeyn3zsf1ZzsSi57mM7OOFNSCbd4y_BMbAXzXnHG1cnz0XXFCw5W2vviXYKPZRB82d5NCeiqcw7z10yExTnNkl8fzfztdG4ObiQe7HVKR7WMJ-vxE1j4EyQc3-tQvrO_7oNbLWJYtAe2UIEMIBvelGNReqvuyIjXAncbAwrB0ZXN5yhxNRRDueDr_mh1vU3nRfK5rJ5Qh0T0X5si4Y9VQB-HJ8TerMCq1erwbmGsHbK1RLUhAewZru_fFCeuqtucRhhkLGaEFM6EdFbfW7Y0W5d8_b9bOaDKpTZtLomOt7WiCdvi31rtEpIbVy0Kgds6dZdIiv33v0qSCgGtEdGjhs0q8D_YkmOnuq9Quxw6Q5IM1q5CmGpD9tH9-MzcAAunvwcojOKnqHmYUr3GqyuLLISCz28IqI8TWZA1bD8jj9OqT1hg0-W-AARVwyMYQP_al7nqzSrEgGF7D9S2Xv5YP0EZAefPVbky3hELdmQdWP3laoB8fMtBrbgpk5tVi6Duu73r83WtdbWdPW4qZ1uPNMLBvzOWo1TEvq-4GcGI8JDhQ_gkp8XQCkNwL8T6VUjwlRC5V6gwQWdsqZbPGmluO0-mXCMIVS9roEMH3snHhmgaQtSh6cd2HTYlSBBC4NL7DtGhhGv63QI-3C6UCbnDDq1GYSHfeVsLHvDMpiTjEwV993YGBo027jX03klCux2cX8swhcs6W8PjriMGzQa3GRnTQLyHdTA7YKnsw69BftjR_DNk0qjkAWpUH-LxpxCi2oYVXFnoqBH-IBayTnlnPQ7tURpfxxM9Z64T9VtwBL6SX-HVX5ThdBpB4voWduDfX5fgg5EOkox9w95EHWsinnLbkC9UF44mMZx553z-7KUOtlVg25Ino-sJJmBBlixP8RaaKUN2L3mnsw_6Hh0D4LIWk4Wg9j0eTZaRwZOoiSf6iXWwYjk9YIg-09aHnHfbDhsED59pY9sA8dJk7C-L7u_YqWndgAT-eKzToM-svSrSR377lWLyFpzCxqtzOOryW4Xiwy4NcJdPDivdcWv4rTd4vfa-YbDSEhcoYjQsW-E7EBlPVmYNkOkkA9-5-5A52Wuz7hoexLMjO7liv_2vCBtMJxVO-_2Wl4AAEBOruYxDUwXxqGBX_T9S7i0ZST7_GKDLx_4ceNGDPum8cSdcNIbf3dYBmc__p7GdCB3FhUAj_zAQzHXlVfLoQuAjMot0UE5rR2A5SP8u07akdHEU0Z2FGm8nnrl2b4k8TPSlqqqDvDAeqGVfCdBW4UMcwD_IFKx-THp2er00VH_EwrHjbQSXHMWGQ2OY_gV6BF-tHPTa4P_FhiftkIm5ULWSP06ZjiZY71oLqNw4QdZ9xRedVQUVbJqXnmaFMMCagi9jssRFuwgjZJyfbDSk9nt0K_pP-rIC4F7fUgVFYiNcAZmvonuitEY6NhKfBsLEhs01Zt5SNTRWw2-z1ZTs1-HwpV2JklXf11FOEECg9KxoLRklVZiJ-wamIrRc0DkvV-kPyQ4OWp8bO-5ZVTGlPYoZHU1NqvowwUHlRAxtQVa6zV7oLahKZEv9LKKbxv9NYQxwly42f0lH7fC5EYuowqXSVFalCh7NJOehp9zox0z75TikcfTxLxyTjiEQDD6gtbODpQhS0F3g6VNMMgQXMzASroiCqgY0J2H89v1vHI92eKg7pL825M24CSw3Sl5ZmYDNBwu8YesAVQFWdZR0cbPoB_fP2m8jXxyjW3SIgmwFnDa6wBsb_QbIgljol-ku277dwucTqEEuTn8KGNZyZTbjbRla-usy253FQKzicaie7WiF7dJm72WYWvrNC0pOHkedW-phMdP4uOUGfaaoVubEML8KQ1AnlLJiA0lh0g5F8BQNHWUb3aCCU7UjvghpQBgnhZIxCUcnhDJdEHZANGOrZasV3leW_oQ_SPp7qBT51HHFwcch1Fpza93MRwHj31EdRvIMtupGvrDsss_7ZFkEfm1Zs89XODWN1ewU3DdskO3iA-UToBqfAmZ2M32vyxma5lRPbGdT0xasePeJY5BelfeXuCzqkiiUjmCHZweVVdmL9kUchcQWlzQiVt36vBZmu12hZIYqqSsrXOA3QB7eP3PAr0gym-3TKmAK4b5XKgZ19VQkq_sgVKkN6wDtTOGHjY68JC_5KRsm3M55GHSFELgJaGNgn1PmaI68nJnhUuHRC5oLLPkF5MuT_XQPxaGNfoIxqbhGJyOgeKCjM1Xetm-SSXmzSo08iTDF0uNIGhMSyykmDcIRa5BhOgAEyt9z_mslqT-tPt5QEBU3moh6hV7Zf38in1VzJ0qx5oaPsKXU9LVeS4nHgx69DLctqQM5iS4ICGuAKppF13qbKF_Gs2WFXFw9UDIbB8izyXY-RAXuPN-dx-xCTd1WXaFSNA-_JiRxkoIP1AemzkEKMHK2Uteeyt9UNjUZRQ1tAiMk_J7zMPyxCT7mRKvf040jbuy3DGDp-VvGYEj-Vy8xgvAVCBMig91yATZ1c1_0MYsVAxvVqPEaV26q4hw&cid=CAASFeRoayn7UW7DxRQakEV7_sbJYR7tyQ&rfl=1%2Chttps%253A%252F%252Fwww.suarasurabaya.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:10:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9263
x-xss-protection
0
server
cafe
etag
16747441857000454541
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 08:10:51 GMT
rum
dsum-sec.casalemedia.com/ Frame 81CA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOCLbC0XQDUQUbbTsHWBjd0&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOCLbC0XQDUQUbbTsHWBjd0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-hNBDg0zcYn_SknQEwAQ&v=APEucNWCrojH3ldRpPSKzzO7crHhWZq9i-QX_zvKUqx8CyzteBeGo2ADSgopYh7niHvsnEa9Tg1s4Qaf3HDRhuFFJElBWcTO31lRYILOQcUDExheuSjxQf9eBNPLuzpJWcU7VKovUlcxFc1KfhvKZxJ80c0CMIK2gI4dJ00JGeunNQAJGh6w_Mk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 08:15:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 01 Sep 2021 08:15:02 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOCLbC0XQDUQUbbTsHWBjd0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 81CA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YS82hseYsp-kANP0R9S4YgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOCLbC0XQDUQUbbTsHWBjd0&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOCLbC0XQDUQUbbTsHWBjd0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-hNBDg0zcYn_SknQEwAQ&v=APEucNWCrojH3ldRpPSKzzO7crHhWZq9i-QX_zvKUqx8CyzteBeGo2ADSgopYh7niHvsnEa9Tg1s4Qaf3HDRhuFFJElBWcTO31lRYILOQcUDExheuSjxQf9eBNPLuzpJWcU7VKovUlcxFc1KfhvKZxJ80c0CMIK2gI4dJ00JGeunNQAJGh6w_Mk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 08:15:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 01 Sep 2021 08:15:03 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOCLbC0XQDUQUbbTsHWBjd0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 81CA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJgBPrYaajVHWXnJbxYu_mo&google_cver=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJgBPrYaajVHWXnJbxYu_mo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-hNBDg0zcYn_SknQEwAQ&v=APEucNWCrojH3ldRpPSKzzO7crHhWZq9i-QX_zvKUqx8CyzteBeGo2ADSgopYh7niHvsnEa9Tg1s4Qaf3HDRhuFFJElBWcTO31lRYILOQcUDExheuSjxQf9eBNPLuzpJWcU7VKovUlcxFc1KfhvKZxJ80c0CMIK2gI4dJ00JGeunNQAJGh6w_Mk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 08:15:02 GMT
X-Proxy-Origin
159.48.55.5; 159.48.55.5; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ecc68bc3-1da9-49c8-94d4-166db311e4d1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJgBPrYaajVHWXnJbxYu_mo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 81CA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzkwNzUxOTE0NjQyMjQyOQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzkwNzUxOTE0NjQyMjQyOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-hNBDg0zcYn_SknQEwAQ&v=APEucNWCrojH3ldRpPSKzzO7crHhWZq9i-QX_zvKUqx8CyzteBeGo2ADSgopYh7niHvsnEa9Tg1s4Qaf3HDRhuFFJElBWcTO31lRYILOQcUDExheuSjxQf9eBNPLuzpJWcU7VKovUlcxFc1KfhvKZxJ80c0CMIK2gI4dJ00JGeunNQAJGh6w_Mk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 08:15:02 GMT
X-Proxy-Origin
159.48.55.5; 159.48.55.5; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
dbd4196e-0c56-4ff1-9781-02e1491a06c1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzkwNzUxOTE0NjQyMjQyOQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 6728 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8727
date
Thu, 26 Aug 2021 04:09:29 GMT
expires
Fri, 26 Aug 2022 04:09:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
533133
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sd
us-u.openx.net/w/1.0/ Frame 5479
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKsjXIBLXH-GfFt6F-KSVwk&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKsjXIBLXH-GfFt6F-KSVwk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYhdbZlQEwAQ&v=APEucNWzJMqpC58rDsRtPLvEtNdeNGY04kOFxaoTJmoAe6HqwJFeRo09CsKN8ZpuMszKFb-9MjF9WnDjhxywOnEoCY2pPVNugnw29mjhp2Vytc11Qx2RRZvaMdYu3Asq1ZTdAT1003xDs_Z8T3VIFp03u_Wl3M690XUwo_xqLKHfYs3wNBKS4eI
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:03 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKsjXIBLXH-GfFt6F-KSVwk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5479
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWM1NWRkZTEtY2UxMi0yZTI4LWYwZjktMGE0MTYxMjQzNWU3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWM1NWRkZTEtY2UxMi0yZTI4LWYwZjktMGE0MTYxMjQzNWU3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYhdbZlQEwAQ&v=APEucNWzJMqpC58rDsRtPLvEtNdeNGY04kOFxaoTJmoAe6HqwJFeRo09CsKN8ZpuMszKFb-9MjF9WnDjhxywOnEoCY2pPVNugnw29mjhp2Vytc11Qx2RRZvaMdYu3Asq1ZTdAT1003xDs_Z8T3VIFp03u_Wl3M690XUwo_xqLKHfYs3wNBKS4eI
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 01 Sep 2021 08:15:03 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWM1NWRkZTEtY2UxMi0yZTI4LWYwZjktMGE0MTYxMjQzNWU3
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 5479
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOCI9EpZlncjQtiRlzy1M-I&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOCI9EpZlncjQtiRlzy1M-I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYhdbZlQEwAQ&v=APEucNWzJMqpC58rDsRtPLvEtNdeNGY04kOFxaoTJmoAe6HqwJFeRo09CsKN8ZpuMszKFb-9MjF9WnDjhxywOnEoCY2pPVNugnw29mjhp2Vytc11Qx2RRZvaMdYu3Asq1ZTdAT1003xDs_Z8T3VIFp03u_Wl3M690XUwo_xqLKHfYs3wNBKS4eI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:03 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 01 Sep 2021 08:15:03 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEOCI9EpZlncjQtiRlzy1M-I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 5479 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYhdbZlQEwAQ&v=APEucNWzJMqpC58rDsRtPLvEtNdeNGY04kOFxaoTJmoAe6HqwJFeRo09CsKN8ZpuMszKFb-9MjF9WnDjhxywOnEoCY2pPVNugnw29mjhp2Vytc11Qx2RRZvaMdYu3Asq1ZTdAT1003xDs_Z8T3VIFp03u_Wl3M690XUwo_xqLKHfYs3wNBKS4eI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:03 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 01 Sep 2021 08:15:03 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7238 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 31 Aug 2021 14:43:09 GMT
expires
Wed, 31 Aug 2022 14:43:09 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
63113
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request.php
hal900014.redintelligence.net/ Frame 3EB5
Redirect Chain
  • https://hal900014.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=1c02290ea9&subid=&uid=bb613eb8c8606447&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900014.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=1c02290ea9&subid=&uid=bb613eb8c8606447&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=1c02290ea9&subid=&uid=bb613eb8c8606447&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCa0IBhTYvYcbRIqjR7_UPzvOaiAPisNzwX56J1vuJC_AuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QL_GwRcqK1bW33DcwbP9DRZa-lwf1EJfD1Ns9tz_ES_SGYl4Ne_GSE7xI7Dn4m8o7VgeOWbyoPrBcVkYIvJD7V_LBQMyZcE2jpQetmIybU5aX3Qt4Jq5lgEf0o6QHR6ZIexJI96xjxeXkX6QxewxvJEGyNNxnpELS50SWIdOjomNHO_KmUR4dRGNWbW0Q8q1IHhzOx138h7nkJZeP9rGgk2AYQ-6gqESzOy7krIW-6E-wapOIBKXM4rUqHYPeV5vgPzTgcgYopl-GOwC7G9hHXHtSIYnjcsAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo0Nz4afzYy2R0kOJdJtGJTQ%26sig%3DAOD64_0oa9KkbfhOk818PHkTcvvF49SV0w%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-AERrIVMyOy-vcRN8HN_N7cCpGBCFpxJhSR3Vlkl4yuR-mo_5ePZ1BGzGg02veTYkP8gp5dYLgo680Ry2iXHaVu-vlhlBkI9OAaz_kKQpSUFwqAakk4EQ55rfR9kA9IW03YvGwtfETK-owPTm_3u86TGYqa_Q%26cry%3D1%26dbm_d%3DAKAmf-Aw-EptmaOE7mKYRoVJcOaKNesLeKoJFgK2hFcEaGRiPIgMVaeG-Qb0keX_yMgYQaP3p6RbGtEB_o0O-glb6cTKRjVjSzkTJ89w1O33y4dlOoykXZ5eUnIUWsoLj5AVc1uQhM6bIa7GgJWWe2B3g9AkHLlzD3Fmd3aSzTfBXSDR2RtCyQqUDyo0O4ZvN5LSCVhqmq8sd1ckfBRVzUi-ECC7mT0dCx645Far739snSnf4vWjYjVVXnnYdq_I8qlItC4kyOT21wko_MXcn0qwBOSuG_AztPEETLQMY_4uRUl2AGyqTZ4niDy0DH35eJtAdRpf43YJYs6b4XNYYbQNhQktShgZ0iYoT_kivDSRo_xAyAYJVzpQuE3idpu_7xPg_E511Um0bsYFda0wfs25fzO85_syEhJB5GiH036j2msxoG1PN5l87dMPx5wSjnQ--kiEkZKz%26adurl%3D&documentReferer=https%3A%2F%2Fwww.suarasurabaya.net%2F&ancestorOrigins=https%3A%2F%2Fwww.suarasurabaya.net&random=54030650472&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
8d34b1419d97caa5ba1b3d141799ae3d23377dd5a4f9113317c148110b5599b1

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 08:15:03 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
93811400051604900719590011704014
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1041
Expires
Wed, 01 Sep 2021 09:15:03 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 08:15:02 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=1c02290ea9&subid=&uid=bb613eb8c8606447&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCa0IBhTYvYcbRIqjR7_UPzvOaiAPisNzwX56J1vuJC_AuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QL_GwRcqK1bW33DcwbP9DRZa-lwf1EJfD1Ns9tz_ES_SGYl4Ne_GSE7xI7Dn4m8o7VgeOWbyoPrBcVkYIvJD7V_LBQMyZcE2jpQetmIybU5aX3Qt4Jq5lgEf0o6QHR6ZIexJI96xjxeXkX6QxewxvJEGyNNxnpELS50SWIdOjomNHO_KmUR4dRGNWbW0Q8q1IHhzOx138h7nkJZeP9rGgk2AYQ-6gqESzOy7krIW-6E-wapOIBKXM4rUqHYPeV5vgPzTgcgYopl-GOwC7G9hHXHtSIYnjcsAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo0Nz4afzYy2R0kOJdJtGJTQ%26sig%3DAOD64_0oa9KkbfhOk818PHkTcvvF49SV0w%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-AERrIVMyOy-vcRN8HN_N7cCpGBCFpxJhSR3Vlkl4yuR-mo_5ePZ1BGzGg02veTYkP8gp5dYLgo680Ry2iXHaVu-vlhlBkI9OAaz_kKQpSUFwqAakk4EQ55rfR9kA9IW03YvGwtfETK-owPTm_3u86TGYqa_Q%26cry%3D1%26dbm_d%3DAKAmf-Aw-EptmaOE7mKYRoVJcOaKNesLeKoJFgK2hFcEaGRiPIgMVaeG-Qb0keX_yMgYQaP3p6RbGtEB_o0O-glb6cTKRjVjSzkTJ89w1O33y4dlOoykXZ5eUnIUWsoLj5AVc1uQhM6bIa7GgJWWe2B3g9AkHLlzD3Fmd3aSzTfBXSDR2RtCyQqUDyo0O4ZvN5LSCVhqmq8sd1ckfBRVzUi-ECC7mT0dCx645Far739snSnf4vWjYjVVXnnYdq_I8qlItC4kyOT21wko_MXcn0qwBOSuG_AztPEETLQMY_4uRUl2AGyqTZ4niDy0DH35eJtAdRpf43YJYs6b4XNYYbQNhQktShgZ0iYoT_kivDSRo_xAyAYJVzpQuE3idpu_7xPg_E511Um0bsYFda0wfs25fzO85_syEhJB5GiH036j2msxoG1PN5l87dMPx5wSjnQ--kiEkZKz%26adurl%3D&documentReferer=https%3A%2F%2Fwww.suarasurabaya.net%2F&ancestorOrigins=https%3A%2F%2Fwww.suarasurabaya.net&random=54030650472&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Wed, 01 Sep 2021 09:15:02 +0200
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/ Frame DA93 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210830/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOs6fb5jDIyNjkSsch8_I-jYCmCsV7IcrV5Dkf9daAQJQusr87-FP9IOkX9xWn9tlytJjIBK6IOs0Ge8-u8KdIXCDAARTzzZr29lyOz6bQmcXdPOdjR1ZmSRuCen30jZYxbBywew54HlP9G0L2ZTGFmjZ4FQ&cry=1&dbm_d=AKAmf-AM3gnaAR7XXGvNRWOGfMw26v7vG0wnFEYrEoL6EB6Hs2kugX9E_DHMdNlZWVztBisx2OQmxAQjK6SvYz9vhaRhgK2zHyijEz0vSA7LQH2ImXCTtI9_WNR8sqwYPkLdYeJqYrNw4EvWY8pPwK07krEZ-rx3vZK9OIHhWG_1hkj9AX3m37kXcSKcFy9n5UK1ohJ0aDU-pX_Cj7PKqAxZirhKJ1LQSrRmtZvkpOtYQn6MvQ_LiA20kEXldIfHgh3Yte_CmJaG0nDWQPmEChsAo69U7M3yyIwgqnC0EtM5omYFcsEQLQfy6rugg1KcczUn_ki8s8a-vGgHUTD95z1P29Fq4k9T2w84kAEAK4rsmVRv1ps_Df6oofgIpzF1xtjlcg84wE8Ps8VBE3yXN272rPiBylBujwSZ0hvi7mXE4x5q7OOgN5MfQf5OPjmYM3mTO8lU6VV0OXLhbYM5OzRLAL05xuXJBi50EiIa731hY_snOEHpD9f0GUkBfUDJFbaagv2Y_xA3v2fc_PTRdrXv4j_FJakrL188mReVcUJsyzJdv28oU2N_hT4zz0Rp8XZktiVgagiAG038SsSMwNuj3OSLtsp7H0AHogAYlE_B6TwKsQKZr7ySQGj0JuYY4Xg5hPZxygOUu5dKbDJ2BYJQ5f2Tcvg5hMbuUfTx8b_Y4Y3okeQZ7p90HYNZjCCCTWmCNpB59At7z93dLlJdHtGrl7N0Py4tgDxf55cxmUoUKDVDx9V2GpRgCwTPXRfVM5lYAxKsutnaNQE1kFzGBfo619GlCdUiv8jX_koSFDGJkg_Pk2KGB3IwlR7b63he9vDjvtz2huO983t6UX6jl67DsFBWiKaE0-6GP1WwusJKiFmHfAXdMYa1e7PTeITqdLbjQbiG8-qARspqcDYuZOMl7qqB0WBGiqhfvm7C4UpnGYTgDyx7bcm5SVGvL7VhozR-4DRiD3IgEMTVRgTXVI07VRkp5AuAVzQKhedno0-355-zRtKoOHiZckIEnMW6rNt54-5QgbAXKAiNo61SCkPnJwQ9WdJc35g81CbV3ZNg9A7KyK5EzcizL39N3uX71nSfvL_n9ZV3_pW3VI0FHc4YAuwkLfskPmw0mww2Z1aKonQPxjBUepVWqGm74It1Pesl951tSox1f0z3S8SkVMDnSmsnxErgSTzJb8Q9dI5ShfCrEB5LXhf32u9azVjEP_PZ6px0fINX8JTpArVVFCjTjn5hABLPr7ChEZdBLxf5rgSz6kozfH9_01IULfW2iGgmowwUcyklv5z6twWlV2doyvV4J-5a9FDrNEVuF0JDHxb6qVasPSMpdwTVPUx-qohVc9J-AVMciW1OUiV9rp46NIMNkd0TjQzfQW6hx-rrCkjIsuw5VlclXqeCMvnlX9xcaCmv8E4tqQQxMFf_qHkRxAOXXRUvOh1Vjoi4lyWS0r7vXQvDUIlwzjaOikQoayMYcItw-njcdvqLNu_Ucbce5bjM2vcJ1m8vJOrD6K-RI3b20XgEN9mqaNpWqa2PuYGZyELyiYTjxRE4dN_gerocuvlopjBldjaPDLZvGJLlTfui_3wFKUCev75w4z63L_0MgauPdx4AITQO8UKdWyaHlRaMtWtmH4LdSz6QNcefC3G9wxoaJpQB1fudc-C-HuS9c5qM3kwT-_hrTrRx_-8CDJAjr9djgKfNJNdb0ICkeo74nlIND9skYssNxhmGgZk-jXc_6Keq4Z7G0_NkMXzuWX28rz0jylHF-7VHokFousNSXeOmFZ-QODwA7PxNU-OO86IK5-UpiOySVp2SGCY-6VQE3hehclTf-UXVOS8CGfKxt8F4Af9zF-D8wfBTygK8VXNPS0nAdMQcgi2aETMT8-GI_RAF9yTJiiJyAMT_N2CitGrYAbjpIA5mgSMbPWoluztlos9iKkdZyeVHYYOGi1fKE_wN83DVwlsaLEUZmHq8zbhk1d2bIrpYlNKl9OvHkAPeGnAWS_mS9j847DdFGa8GpmajKwzibKtCaHtHwY5rJO8DbgpHZddM8EFCjLKebaiKknUlq3wMlBMDzvOrZ7WXW3IBfJ2UMiK2to9YVkf70pZJ0n6wyB4ExiSxUTBCVMnMHj-gKNH15bMQ6VSj86v1MBttJjvatp00v4Wn6LRkXRznul_Uf51XH0YJueMFziSyKIf1nmVAdBmKyGrAotKTqhFJTnE24E7rXKYaRAMloZbEQbmN3APVo2dpoaqRA5Rv_elbjypq538H5uIxnH8RsSYlCTU3OyI6pz0vq3OTuNo8rS9U_6b8We7V-TeXgMNgzDZ1lY4VJZDIMSIYZtM4yaWGVj4o5Slecl4qyauGUGGUYh_92g0ufj9b1GkJY9k4OBSiQ9H_grkMiBE4mvdUR2IbK1XCSsxnklH5oQ05r-rFz6PAjNLiNFZKd3T17GPzc66YL91GOJJ6xQZiykMMUqRX_pLi96UZz7iq5LdYJwytJevfFCyjLvLR-wEqFN9_SBhTW1vEaTS1_gg46omTXfKRseWCYO6YN6rO-7zUpR5rX1e0j0gi87ta3HOAdWxVnjSeiUe5wTfwlUhy_AKVzhB3O8Tylc8LQdTCPe9ByY5Y463nRTnjpGOKyvgxtd0U6GCJgH6IWGk18JkBCSqHRaM2oyyYVaztOkJdoAMTNSEBAb5pvAcwKrLyGGvF2NRWtOaNK0eYYwbFCaDkGBgoTosj0nD5TO1XZYLV0C3vUq5hh0iTJdLR0SRJ3bdXE8DWudihvTGHJA2XS8ZIHo1YzxLaqId9pWzwa6tytGQBJo6ulyHdoHMvm_tGfZGaQYEg1Nqcscpi8fQKohKj6fX0QhymB3_kiQf5ba2Wt0Qr4WW_2DNzBqtmxIMQ77tnmOC4tudJDpHLLgjthbyOHAsU-TSt9iboq_3JXpqHQB183nwEZ1gkVf4EQJI2d0Bo_Uua1gaU7COZD7lAwdmjaIYcxF9niYnoM9wAL24ausVoTqpY-PJRZ9b0PRlE9MoXHhAsTiTBfA9iW56TMMP5iBUoKXaJSi7W4QpxP_gMkQNUrFeJCY2BEosWzwNIDfBhMq0s6ak9Pq1mxuZ_jgRCeS5wRGGZ-ahh_uKz_7HIS9F-q62oNryCsB0ELkwQgvn-KBJZtAHBqMdoUv5OWRfRJqzkaE7uBWZ5BJf5z_7XAvebfbe49BzdDSwjZzXDRqx44bKMN9cipEJwjMjSsgpJd8BRs8RUJoNNor3RxF-aZ6RLwhl7WZlbHzVSp-9DwCtZpZF5xFgC&cid=CAASFeRo-rUev7yOOt93k1ZD4KnbERc4dQ&rfl=1%2Chttps%253A%252F%252Fwww.suarasurabaya.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:10:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9263
x-xss-protection
0
server
cafe
etag
16747441857000454541
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 15 Sep 2021 08:10:51 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DA93 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOs6fb5jDIyNjkSsch8_I-jYCmCsV7IcrV5Dkf9daAQJQusr87-FP9IOkX9xWn9tlytJjIBK6IOs0Ge8-u8KdIXCDAARTzzZr29lyOz6bQmcXdPOdjR1ZmSRuCen30jZYxbBywew54HlP9G0L2ZTGFmjZ4FQ&cry=1&dbm_d=AKAmf-AM3gnaAR7XXGvNRWOGfMw26v7vG0wnFEYrEoL6EB6Hs2kugX9E_DHMdNlZWVztBisx2OQmxAQjK6SvYz9vhaRhgK2zHyijEz0vSA7LQH2ImXCTtI9_WNR8sqwYPkLdYeJqYrNw4EvWY8pPwK07krEZ-rx3vZK9OIHhWG_1hkj9AX3m37kXcSKcFy9n5UK1ohJ0aDU-pX_Cj7PKqAxZirhKJ1LQSrRmtZvkpOtYQn6MvQ_LiA20kEXldIfHgh3Yte_CmJaG0nDWQPmEChsAo69U7M3yyIwgqnC0EtM5omYFcsEQLQfy6rugg1KcczUn_ki8s8a-vGgHUTD95z1P29Fq4k9T2w84kAEAK4rsmVRv1ps_Df6oofgIpzF1xtjlcg84wE8Ps8VBE3yXN272rPiBylBujwSZ0hvi7mXE4x5q7OOgN5MfQf5OPjmYM3mTO8lU6VV0OXLhbYM5OzRLAL05xuXJBi50EiIa731hY_snOEHpD9f0GUkBfUDJFbaagv2Y_xA3v2fc_PTRdrXv4j_FJakrL188mReVcUJsyzJdv28oU2N_hT4zz0Rp8XZktiVgagiAG038SsSMwNuj3OSLtsp7H0AHogAYlE_B6TwKsQKZr7ySQGj0JuYY4Xg5hPZxygOUu5dKbDJ2BYJQ5f2Tcvg5hMbuUfTx8b_Y4Y3okeQZ7p90HYNZjCCCTWmCNpB59At7z93dLlJdHtGrl7N0Py4tgDxf55cxmUoUKDVDx9V2GpRgCwTPXRfVM5lYAxKsutnaNQE1kFzGBfo619GlCdUiv8jX_koSFDGJkg_Pk2KGB3IwlR7b63he9vDjvtz2huO983t6UX6jl67DsFBWiKaE0-6GP1WwusJKiFmHfAXdMYa1e7PTeITqdLbjQbiG8-qARspqcDYuZOMl7qqB0WBGiqhfvm7C4UpnGYTgDyx7bcm5SVGvL7VhozR-4DRiD3IgEMTVRgTXVI07VRkp5AuAVzQKhedno0-355-zRtKoOHiZckIEnMW6rNt54-5QgbAXKAiNo61SCkPnJwQ9WdJc35g81CbV3ZNg9A7KyK5EzcizL39N3uX71nSfvL_n9ZV3_pW3VI0FHc4YAuwkLfskPmw0mww2Z1aKonQPxjBUepVWqGm74It1Pesl951tSox1f0z3S8SkVMDnSmsnxErgSTzJb8Q9dI5ShfCrEB5LXhf32u9azVjEP_PZ6px0fINX8JTpArVVFCjTjn5hABLPr7ChEZdBLxf5rgSz6kozfH9_01IULfW2iGgmowwUcyklv5z6twWlV2doyvV4J-5a9FDrNEVuF0JDHxb6qVasPSMpdwTVPUx-qohVc9J-AVMciW1OUiV9rp46NIMNkd0TjQzfQW6hx-rrCkjIsuw5VlclXqeCMvnlX9xcaCmv8E4tqQQxMFf_qHkRxAOXXRUvOh1Vjoi4lyWS0r7vXQvDUIlwzjaOikQoayMYcItw-njcdvqLNu_Ucbce5bjM2vcJ1m8vJOrD6K-RI3b20XgEN9mqaNpWqa2PuYGZyELyiYTjxRE4dN_gerocuvlopjBldjaPDLZvGJLlTfui_3wFKUCev75w4z63L_0MgauPdx4AITQO8UKdWyaHlRaMtWtmH4LdSz6QNcefC3G9wxoaJpQB1fudc-C-HuS9c5qM3kwT-_hrTrRx_-8CDJAjr9djgKfNJNdb0ICkeo74nlIND9skYssNxhmGgZk-jXc_6Keq4Z7G0_NkMXzuWX28rz0jylHF-7VHokFousNSXeOmFZ-QODwA7PxNU-OO86IK5-UpiOySVp2SGCY-6VQE3hehclTf-UXVOS8CGfKxt8F4Af9zF-D8wfBTygK8VXNPS0nAdMQcgi2aETMT8-GI_RAF9yTJiiJyAMT_N2CitGrYAbjpIA5mgSMbPWoluztlos9iKkdZyeVHYYOGi1fKE_wN83DVwlsaLEUZmHq8zbhk1d2bIrpYlNKl9OvHkAPeGnAWS_mS9j847DdFGa8GpmajKwzibKtCaHtHwY5rJO8DbgpHZddM8EFCjLKebaiKknUlq3wMlBMDzvOrZ7WXW3IBfJ2UMiK2to9YVkf70pZJ0n6wyB4ExiSxUTBCVMnMHj-gKNH15bMQ6VSj86v1MBttJjvatp00v4Wn6LRkXRznul_Uf51XH0YJueMFziSyKIf1nmVAdBmKyGrAotKTqhFJTnE24E7rXKYaRAMloZbEQbmN3APVo2dpoaqRA5Rv_elbjypq538H5uIxnH8RsSYlCTU3OyI6pz0vq3OTuNo8rS9U_6b8We7V-TeXgMNgzDZ1lY4VJZDIMSIYZtM4yaWGVj4o5Slecl4qyauGUGGUYh_92g0ufj9b1GkJY9k4OBSiQ9H_grkMiBE4mvdUR2IbK1XCSsxnklH5oQ05r-rFz6PAjNLiNFZKd3T17GPzc66YL91GOJJ6xQZiykMMUqRX_pLi96UZz7iq5LdYJwytJevfFCyjLvLR-wEqFN9_SBhTW1vEaTS1_gg46omTXfKRseWCYO6YN6rO-7zUpR5rX1e0j0gi87ta3HOAdWxVnjSeiUe5wTfwlUhy_AKVzhB3O8Tylc8LQdTCPe9ByY5Y463nRTnjpGOKyvgxtd0U6GCJgH6IWGk18JkBCSqHRaM2oyyYVaztOkJdoAMTNSEBAb5pvAcwKrLyGGvF2NRWtOaNK0eYYwbFCaDkGBgoTosj0nD5TO1XZYLV0C3vUq5hh0iTJdLR0SRJ3bdXE8DWudihvTGHJA2XS8ZIHo1YzxLaqId9pWzwa6tytGQBJo6ulyHdoHMvm_tGfZGaQYEg1Nqcscpi8fQKohKj6fX0QhymB3_kiQf5ba2Wt0Qr4WW_2DNzBqtmxIMQ77tnmOC4tudJDpHLLgjthbyOHAsU-TSt9iboq_3JXpqHQB183nwEZ1gkVf4EQJI2d0Bo_Uua1gaU7COZD7lAwdmjaIYcxF9niYnoM9wAL24ausVoTqpY-PJRZ9b0PRlE9MoXHhAsTiTBfA9iW56TMMP5iBUoKXaJSi7W4QpxP_gMkQNUrFeJCY2BEosWzwNIDfBhMq0s6ak9Pq1mxuZ_jgRCeS5wRGGZ-ahh_uKz_7HIS9F-q62oNryCsB0ELkwQgvn-KBJZtAHBqMdoUv5OWRfRJqzkaE7uBWZ5BJf5z_7XAvebfbe49BzdDSwjZzXDRqx44bKMN9cipEJwjMjSsgpJd8BRs8RUJoNNor3RxF-aZ6RLwhl7WZlbHzVSp-9DwCtZpZF5xFgC&cid=CAASFeRo-rUev7yOOt93k1ZD4KnbERc4dQ&rfl=1%2Chttps%253A%252F%252Fwww.suarasurabaya.net%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 14:43:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63113
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Aug 2022 14:43:09 GMT
5imww12akvzn
hal9000.redintelligence.net/zone/ Frame E4C6 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/5imww12akvzn?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeu2AhTYvYbCCJJrF7_UPjayOgAbisNzwX_Pt7-n3DPAuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QTsquFnE9MA3cF38QloJWj1qT4ow3WNdbOVB9Zi6pxOPU4gx_ogYdzW91sXTk05s0_mMiGVUb9B3vMRTNCPYR6dG0_62BFBtPGgVchuGwBgS0ApjtzRWWtRk5FRgH6UH5r5p2CNUc5YBv0_gSZQl14WShrnT_8SCqVB46GjcSkLTcFc2KR1b0nzuHdJg56wNc_DmbrQiVEnImGVJNCMd0wMLbVKJWXzdN0k2fR-aMJmfmNzreUNw_JwknHfHm-wLCP4-cIASrl9EoA7PEOpNwNuSd5WTZk8AE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRokhbE1EoCv3R3zOKcAGIEccdsoA%26sig%3DAOD64_3TtYVz_3ghZ-7dR_O5e8WzlmdkFg%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Df4x2GbomhhDzD8v_IITvnoYGz4wCjVY7EG7fxnBf5K_K01SWf5QlMp4R8TFncDdzpz7DmmUTvlipF37EaeLDkjWKmseqvZbpqrpYbx0bDgtkfxEMlwRATrq9zUjrGlKlH00C-Q0AFzV0T3qRz7c5kqDUNSg%26cry%3D1%26dbm_d%3DAKAmf-B3KCjcM8I0h9vkPH3M1z7jDXEEXpJy8VcDm0d9n-UHt_1jNAT0UJ6s3RqeWJH6Qg_EHvs5JpUBzySIWevLcdm1QVzzF_hvzkuAGtYmzoqQf-708c43ub5KmCC6nK08eZuW0t8013EK-pSnWecQjyXR-pKk68axSeoITWte0BM5uvMSkadKjWX_n5WPv23_MGnnCWN7N9KeBfILR9dlT9WEOaahKZcHdKBdoLpdonuRdWc6k21WIcoockN9sJBmXIHCN7DfC6S86CFP2tqjvPi0eaChH8e8iBtr4uDNkoAbPOG55gZspV6anB-hqXq0MujOiZ3CHq4VhPXHJCN412ehu4Z2wlK9I_80PV3y5ILE5ydTjiuzYK_pcm1aeuwF6SwHlJkWYxmzydp9oAnb0z-qn_NrxAqXp_IFgJw1grpwFJL5NAsqwok7g6LIIW0ji_W2UOyrV3TJWELt_ql0LoVNqSKcQw%26adurl%3D
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
08085b7973ea30e5b854fc38ea84edafedb2367dc2ecaa640b242d9fa8b810e5

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 08:15:03 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3938
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/ Frame 5E0D 		8 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e7a91c535d8b618c88df2d6f37bb2c0f37856e926aabc3a0f952a2dc790f76e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1155
date
Wed, 01 Sep 2021 08:15:03 GMT
expires
Thu, 02 Sep 2021 08:15:03 GMT
cache-control
public, max-age=86400
last-modified
Mon, 16 Aug 2021 13:29:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame CDAC 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgfXp_JYsf8YfbNBKkfROklkGnS2BlWvhDZll4ALG8aJux4Teotss_eI8jY9cUUUmeBNXpRTEhM4jorzn-oIoRUNsvQnPcVbsLaVs9wsw6NdP7B0yJ_h9in9wTOrfZBNZeURuDbYUDmzLscgLHx56HiSMVV0_djT8FlRJADpEamyV769dUsMveIQ6UNjHA9Js4sPw29cmSqlInEowMZzGmvS6x31CEfNtmwvpI3tMmfw5djtJ84ZjJZSEUJA1uRXWGn2e3D2E-kgZ2WtP-S-Zzc4rqnyPIniqVnnZM1EjcO2vbKtQi9Bd35vJ6ysx-rcADjHXke-VK_syGQAx8Jp4uZBri3pfze2b2ehq1qRF_OxAhzgTQx3rZ4ISMDZMGqHtwfbh8MdGW7C1vBSOzTN6h7A2m3rcdHiYoWFLFajUjbOIlREImKgGL7MTDXqsnTxREZB2Y38uWSoYgbqvCgGIIOKymv2JsLjVapPjgouFIzTrBfV_718rFVqkiv6LajziOM2V6J4sek7n-l95RmMYIoX-4V-zB8291y35z5d2ONOxWRE7Fm5q136GqnYMmqZ_AdaABQCOUerSutrvp7PcAmmt8XCxZ08bPya5CZq18KUdKKkEmL6FVSN4euFMsvitO-J5YF_8fgKIsuXTsLO7KF821dPrZDYc7fC_QTG6c0ROcXd-4pUUiQUOC_jcllCgdAStxuiJtINGdsKDTLbKp3aMfUu0fRMTi5vJml4jq_lxjMmopM8BxuliXmnvKQavWOTpoaeOIzM5X-6p6bTMmmD2_FYk3qYO2r1Cq8lT092O9AaX2XjYOuMBgedbsfdG8eLapuXyuOrBAkGhXzP1KdJ4QYxsD_rrkcpIpdsi9IUsWnWN2v8nVx-ndivIbiwvU7TLS-mkNxwI7iWkt1piNoKbIu8uiki0rCarT1fp6IRzxU9UUO032fXGSuM0jgotTmonCFKS8Xweg68PRoep9GaNYbTBLTmVbrnPq8EiQ8ChR72dGDYtNsy6izkswwaTMaf-H1Me9_9x6jaVqdkrnXsxd33MILYJV6ym5s3MHocMEfHbZS8VogbiGS8n6okDcYy0gbPgBRoOWGTRbfSoXE2WpOHmVWv6N8N9deCa4FoBPGmmS0pyKhtMRx8h1v51W6AHSv5epe2w9Zug5kXKInBryO_Crl7PdGkndFQZI2fcs-RIDWCbbhq2-AnyEs2SaCxAF5MrLv4gf8DFqzQp4scBYbEwZvNOkPdzhGd_A5132&sai=AMfl-YT2DbEL60R3lRk9av0Vcg49Mew6Pw0gLeAcUzTvyUzC47Lmgo4V953cupN3SElgN2jU1SuXBBGyrBRGxNjGzgFkIlES6ujVAD1b0ZnhYOqkqGE0kSmXpyp9bx55Z-OS30n3MOHQSwdTOMzh830P3kZo2P2zkx_NbYoF0FWVccCaSLY1OGkRL5B6kPVQAw&sig=Cg0ArKJSzF6iryzXKIpQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=476&cbvp=1&cstd=430&cisv=r20210830.98584&adurl=
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 01 Sep 2021 08:15:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.gif
opt.objectiveportal.com/ Frame CDAC 		35 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://opt.objectiveportal.com/pixel.gif?customer=WEH&brand=WEH&domain=NL&process=banner&campaignid=25026030&placementid=295706758&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.152.90 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.90.152.201.195.clients.your-server.de
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.objectiveportal.com objectiveportal.com
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
71c36966-8ed8-45f7-8d5d-ca7c47ea653c
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy
frame-ancestors *.objectiveportal.com objectiveportal.com
strict-transport-security
max-age=63072000; includeSubdomains
content-length
35
x-content-type-options
nosniff
file.mp4
r3---sn-4g5e6nss.c.2mdn.net/videoplayback/id/e1977ab951bd825d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765940201/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 5D20 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nss.c.2mdn.net/videoplayback/id/e1977ab951bd825d/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3765940201/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5C11A5915CAC7AB933B1373BE0886429998F2B20.1C9ADB9E6F486BAA8058E18E0073C17E122B4FAD/key/cms1/cms_redirect/yes/mh/Ov/mip/2a01:4f8:121:131a::2/mm/42/mn/sn-4g5e6nss/ms/onc/mt/1630483027/mv/u/mvi/3/pl/52/file/file.mp4
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:5e::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-6647159/6647160
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
6647160
expires
Wed, 01 Sep 2021 08:15:03 GMT
last-modified
Thu, 20 May 2021 06:30:00 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
client-protocol
quic
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CDAC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 14:43:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Aug 2022 14:43:09 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FB53 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 31 Aug 2021 13:41:14 GMT
expires
Wed, 01 Sep 2021 13:41:14 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
66829
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame CDAC 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64af9243d5c5479fabc5bcc0ff707aee10532915ae423d01703eb0f48335360a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
partner
sync.search.spotxchange.com/ Frame 65C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOTEFbW8rJfNwZx6-2SlRS0&google_cver=1
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOTEFbW8rJfNwZx6-2SlRS0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNWfFUKTJGSWth97065uQDVLIgJxO6HZM2H9pteLxQQc6bSDqVXayvXRnpj9MxAIdzJWp58u4oXaaUCPFHhMvY6M6KWdfud-sn-kFBiltqt5lb80tNQDztfppHFgPqmjmN3RETOrLMC74jY-YVWZixC9lapp_LuU94jCpEISMbC8SXrKH7s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 08:15:03 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
32
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOTEFbW8rJfNwZx6-2SlRS0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 65C3
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjU3MDlhZDYtMGFmYy0xMWVjLTg4MjYtMTEzNzJmMWEwMzA2
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjU3MDlhZDYtMGFmYy0xMWVjLTg4MjYtMTEzNzJmMWEwMzA2&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjU3MDlhZDYtMGFmYy0xMWVjLTg4MjYtMTEzNzJmMWEwMzA2&google_tc=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNWfFUKTJGSWth97065uQDVLIgJxO6HZM2H9pteLxQQc6bSDqVXayvXRnpj9MxAIdzJWp58u4oXaaUCPFHhMvY6M6KWdfud-sn-kFBiltqt5lb80tNQDztfppHFgPqmjmN3RETOrLMC74jY-YVWZixC9lapp_LuU94jCpEISMbC8SXrKH7s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YjU3MDlhZDYtMGFmYy0xMWVjLTg4MjYtMTEzNzJmMWEwMzA2&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
336
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 65C3 		0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY1Z21PTAB&v=APEucNWfFUKTJGSWth97065uQDVLIgJxO6HZM2H9pteLxQQc6bSDqVXayvXRnpj9MxAIdzJWp58u4oXaaUCPFHhMvY6M6KWdfud-sn-kFBiltqt5lb80tNQDztfppHFgPqmjmN3RETOrLMC74jY-YVWZixC9lapp_LuU94jCpEISMbC8SXrKH7s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
pagead2.googlesyndication.com/bg/ Frame 057E 		35 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 06:25:38 GMT
vary
Accept-Encoding
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
x-content-type-options
nosniff
age
6565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35516
x-xss-protection
0
expires
Thu, 01 Sep 2022 06:25:38 GMT
Lato-Light.woff2
www.suarasurabaya.net/wp-content/themes/ss/dist/fonts/Lato/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.suarasurabaya.net/wp-content/themes/ss/dist/fonts/Lato/Lato-Light.woff2
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/wp-content/themes/ss/dist/css/fonts.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4c2248c2087eb5f44a46a67b8b4ce961d0fde9053dbfda30cf6af08a6c70e6

Request headers

sec-fetch-mode
cors
origin
https://www.suarasurabaya.net
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
:path
/wp-content/themes/ss/dist/fonts/Lato/Lato-Light.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/wp-content/themes/ss/dist/css/fonts.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.suarasurabaya.net
Referer
https://www.suarasurabaya.net/wp-content/themes/ss/dist/css/fonts.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11328412
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 19 Feb 2020 03:38:09 GMT
server
cloudflare
etag
W/"5e4cada1-6130"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMFdh4O9hob1FIwo4Hr7snBFjh3XTGIIFcqHpcdzh8EkqK2OvsTeEsC4LcoEDC0yeSrQUqzVxCPjhv8MmD2xHtWsdQg5bK24OE5lkk9VaXgeYwd9vkg5m9XMd6wxOGGTMcxiij0fr47kmp%2Bs5T0bjPz9Amw%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
687d0c6d6f16177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Lato-Medium.woff2
www.suarasurabaya.net/wp-content/themes/ss/dist/fonts/Lato/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.suarasurabaya.net/wp-content/themes/ss/dist/fonts/Lato/Lato-Medium.woff2
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/wp-content/themes/ss/dist/css/fonts.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7326cdf64b4dd37acd22feb9fafb15e1eb2c6f6367752578166848a8c02d950

Request headers

sec-fetch-mode
cors
origin
https://www.suarasurabaya.net
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
:path
/wp-content/themes/ss/dist/fonts/Lato/Lato-Medium.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/wp-content/themes/ss/dist/css/fonts.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.suarasurabaya.net
Referer
https://www.suarasurabaya.net/wp-content/themes/ss/dist/css/fonts.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11328412
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 19 Feb 2020 03:38:09 GMT
server
cloudflare
etag
W/"5e4cada1-a490"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJ0Q4VXhoRdx%2BGs%2FBETiGKDaziR5ZDG2GR5IsUomSdPxyl9B5BHT%2F5eL93QgYE6slKmRkrgifQa6SWPk7OEAxaeCLra1OE6jE00S9cFVtZ3bXcHzM%2Fi8yTwCBg8hRGMSKdzGDSfNPuF90YZ%2BQVreZRwX7ik%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
687d0c6d6f26177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Lato-Black.woff2
www.suarasurabaya.net/wp-content/themes/ss/dist/fonts/Lato/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.suarasurabaya.net/wp-content/themes/ss/dist/fonts/Lato/Lato-Black.woff2
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/wp-content/themes/ss/dist/css/fonts.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c16911984dce7909e91263930a1f34352a03476a6c58894a482f33aad91cd379

Request headers

sec-fetch-mode
cors
origin
https://www.suarasurabaya.net
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
:path
/wp-content/themes/ss/dist/fonts/Lato/Lato-Black.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/wp-content/themes/ss/dist/css/fonts.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.suarasurabaya.net
Referer
https://www.suarasurabaya.net/wp-content/themes/ss/dist/css/fonts.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
196980
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 19 Feb 2020 03:38:09 GMT
server
cloudflare
etag
W/"5e4cada1-6e7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8T7GvRJf1ML7AZgGj2p0M7mRbMnrQ7Yqihj%2F1IJ0zRprGko3m6bsXgHbjKG1LIj44e%2F59wlEZ%2BkRfZKp0CH%2BO1%2FwTFNXSRk%2FI5kjLv5ampskWnkNcLQT6xP1LFuAYlUq1BcUWJXpwZs%2FI%2FVcGXXO6kfWkZM%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
687d0c6d6f2c177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
PicsArt_08-28-03.24.35-300x195.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/PicsArt_08-28-03.24.35-300x195.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66497af084f7a6648b0ab9108b9c0b8b16d059b044b8958cb0d08f966980e189

Request headers

:path
/wp-content/uploads/2021/08/PicsArt_08-28-03.24.35-300x195.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5091
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7874
last-modified
Sat, 28 Aug 2021 08:32:53 GMT
server
cloudflare
etag
"6129f4b5-1ec2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hegHX2TYU%2FlwphMQihTax0Fp%2B%2B8CbKKugH2ohl3uuT6sIClrh1PLTsdVGqoprkmal13G5V6DmTaM1sX4frVP8iX2kLtSZnJfPS39%2BDnDSwMooeYQ88Mk4FvMHYClYVLW3Vppg1T4bI3EWyX6JpN8LvZw7r8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec996177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
WhatsApp-Image-2021-08-27-at-09.16.02-2-300x195.jpeg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/WhatsApp-Image-2021-08-27-at-09.16.02-2-300x195.jpeg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
368507c47866fe68f9314730bf99918c54f3c5bf84ffc14c107db02a74e3091b

Request headers

:path
/wp-content/uploads/2021/08/WhatsApp-Image-2021-08-27-at-09.16.02-2-300x195.jpeg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12977
last-modified
Fri, 27 Aug 2021 02:48:54 GMT
server
cloudflare
etag
"61285296-32b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjNIPLkkLEEn5PtW630zKQEZWKREXjUhHg8qP%2BzY%2Bd58XMDe%2FLVg4a4LNrwnwjTNmhCb2l%2B1zw6H%2FG6S6KS6L6Z8F7ojcnTeg0WOamj4d%2Fe6ki508RitOKGaG1qwgyCc%2FNbth4stEo4xOmA5zXNYAUEyZro%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec998177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ft-aplikasi-a-300x195.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/ft-aplikasi-a-300x195.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f4ea60f47b8142dc6c3ffb24623ee1638cfe6ac7257e8eb0766f199337ff80a

Request headers

:path
/wp-content/uploads/2021/08/ft-aplikasi-a-300x195.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
28567
last-modified
Wed, 25 Aug 2021 13:06:29 GMT
server
cloudflare
etag
"61264055-6f97"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5eBG8s5q3AKuu8j62ZMU7%2F70OskFAyyLegOWoW%2BkYKOuAf0jDQX3TqD9eZvilfJQD%2Fj%2FXc6jyHZB8tQDrrxy7AT5s8JdThEddHIkt2v43YB0fvljCi%2BR1kL%2FGQlyQk1ZfPMNl0%2FS73hr63PoR2EkRXdflU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec99c177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
the-internet-4899254_1280-840x493.jpg
www.suarasurabaya.net/wp-content/uploads/2021/09/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/09/the-internet-4899254_1280-840x493.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ea49458949066a47b8406f67710d464099cf9063cd0b82a60a8a23df4abf66e

Request headers

:path
/wp-content/uploads/2021/09/the-internet-4899254_1280-840x493.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:04 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
84523
last-modified
Wed, 01 Sep 2021 07:14:21 GMT
server
cloudflare
etag
"612f284d-14a2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qORwb5COqpQeHR6y%2BDfgoHjFPt6YAbXckJ4eODKYQ2mRVLsOd8rz3WXIgpcEc1wRQKrE70T2o%2BFkKxgp7jvfN3RSgh6QWTZ3Ids9MWN9BT3tWcxtyjC4xQePxBtrIQaYlFrVOZgyQBXBjYgIycq1kVwCcH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec99d177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
WhatsApp-Image-2021-05-06-at-7.04.13-AM-2-300x195.jpeg
www.suarasurabaya.net/wp-content/uploads/2021/05/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/05/WhatsApp-Image-2021-05-06-at-7.04.13-AM-2-300x195.jpeg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f99e229c1b1eac75c1a77c0e146a1a1b8667a811bab7c40c3e0af0b15f7e1d1

Request headers

:path
/wp-content/uploads/2021/05/WhatsApp-Image-2021-05-06-at-7.04.13-AM-2-300x195.jpeg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:04 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
14474
last-modified
Thu, 06 May 2021 03:55:41 GMT
server
cloudflare
etag
"609368bd-388a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSwHOKCtJ7W6pt0LabJ1mdZirCeep5Ag%2BFCerogw7GmwGKNp7Iz2S21nHygpGcBYZyLYbIsb6mgxXD%2F0BublljsnjNBFyrYQ0a7S6QMFaIuXcUB9Pd9NsfSx4iKYN%2FKYIg2Ilv9ZtUuhOQzHUMTCf1r9nnc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9a1177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
dr-Wiku-paspor-kesehatan-300x195.jpg
www.suarasurabaya.net/wp-content/uploads/2020/09/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2020/09/dr-Wiku-paspor-kesehatan-300x195.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06e4a45f9887818196eb0dbce2dffe05c68cbb8f49679d20bd38ab50d3a3a91f

Request headers

:path
/wp-content/uploads/2020/09/dr-Wiku-paspor-kesehatan-300x195.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:04 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
16795
last-modified
Fri, 25 Sep 2020 03:30:27 GMT
server
cloudflare
etag
"5f6d6453-419b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGRtbMmsiAi32gMu27KWMWEJ8fkw%2BfSrG8rYLUcHUBylF1wrzK2CL0AwnmNPmCQdF8IlmIJxwQDCLpNpnMv4anaj3qzq8ajpW6tF6txhIX8bYa0f2F2ghUNpralsLctbU6wdkGnwOBzBElMNu1Dc0VRMAcg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9a3177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
WhatsApp-Image-2021-01-03-at-21.41.03-300x195.jpeg
www.suarasurabaya.net/wp-content/uploads/2021/01/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/01/WhatsApp-Image-2021-01-03-at-21.41.03-300x195.jpeg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99beb3e9f546eaf7124e2604b4e073296ab34880a73b8b8fa87807f38c214e17

Request headers

:path
/wp-content/uploads/2021/01/WhatsApp-Image-2021-01-03-at-21.41.03-300x195.jpeg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:04 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7103
last-modified
Sun, 03 Jan 2021 14:42:05 GMT
server
cloudflare
etag
"5ff1d7bd-1bbf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iulKpceAF6r3FauJSoTcepqqATpifQ6WEG8PEoOf9Dk%2BV1j8z8ulhBACKbq5oYgMPrVghPYqSev1cPkiA04i%2FI%2BfYHj2L%2FcwJ0aP0ECIcBfl9EGCTA0ibvr4RY9qfUTN50VW01cnN59AixVgXsO6KnmMzIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9a5177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
kk208140_clip10.jpg
www.suarasurabaya.net/wp-content/uploads/2018/08/ 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2018/08/kk208140_clip10.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62a373269a959287a3869f19848ecadfe6a32d714d178e51e67db6fec9273f2d

Request headers

:path
/wp-content/uploads/2018/08/kk208140_clip10.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3454
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
120518
last-modified
Fri, 21 Feb 2020 08:33:17 GMT
server
cloudflare
etag
"5e4f95cd-1d6c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09x3O0FAHJYEgOqC5i9UV2l3IikWfEGWWw35PbZ9EzPGToKF3VByz10zPd9junKmXQtvofCSQTgYJxXU4UMpjuxGl6fBN5kA8d%2BBsp5X1N89GDIZoY2WwSXJX03cXcWvrPa1bxSvmBh3cI1BddYwMUiWa14%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9a7177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
afgan-300x195.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/afgan-300x195.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb43a1cf2bd2456a6e5fdeb40196b04769016398d0329f01a2644cb45aa836bf

Request headers

:path
/wp-content/uploads/2021/08/afgan-300x195.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:04 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
11858
last-modified
Sun, 29 Aug 2021 12:50:19 GMT
server
cloudflare
etag
"612b828b-2e52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S07Ys%2FYhCqRTLgMa1kZw70YsGnn8MlJeL2jNJKZ2lKUW%2FLOzL4WxX3vT6TreqUOKLfn%2BlXl%2B8CblCjJUiUpY%2BuDhV%2BG4o6qTJZDfieo0nZdyo1LbdEEGNQh0%2FMIE5Y9ua1I63aFAKmPfb2Tlydk7ByFTmGA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9ab177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
81d5e466-6ffd-4f6c-b6aa-95802324e024-300x195.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/81d5e466-6ffd-4f6c-b6aa-95802324e024-300x195.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12c48143130b5cecb13504c3c16b024dc9e697282af675f317c9d579db84fd0

Request headers

:path
/wp-content/uploads/2021/08/81d5e466-6ffd-4f6c-b6aa-95802324e024-300x195.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13181
last-modified
Tue, 31 Aug 2021 06:12:14 GMT
server
cloudflare
etag
"612dc83e-337d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ccm9EvD2xOFQgsEYyjiTDY2Bixgnn3yCk7kKbhXZ71tF8b8%2F%2B%2BfRG3O87ggnX7iPUlzW%2FSGVDX%2Ba6Xp6OTiUzLy7NMVbY6sNlx7zHC5PHTGpU59YmisSOGdnYGcLag7ZLw6GkIQmuqDhbR7H7POI5bfrN6s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9ae177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
kk209385_clip10-300x195.jpg
www.suarasurabaya.net/wp-content/uploads/2018/09/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2018/09/kk209385_clip10-300x195.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
013c7766f5e0858a2ce2418a67a59ccdfbec44cec600bbd3a065e4570ce0cb2f

Request headers

:path
/wp-content/uploads/2018/09/kk209385_clip10-300x195.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
33035
last-modified
Fri, 21 Feb 2020 08:51:22 GMT
server
cloudflare
etag
"5e4f9a0a-810b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A41XAztABzSHfaGs2rGsQznofaZgs3sJ8n2TS60bS8IpcXYH2Fj7DpNXRKGuZ4XOF6GEMOMBG1a3bLazwuNm464oViD8Ru%2BjJLUd6EUSVUymSoydxEJGE0LS1fb5x2eaaMcLmkJZPYrUXiWCVa4X%2BlTcUbE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9b2177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
401151f5-2f93-4443-98da-9a11458ea513-2.jpg
www.suarasurabaya.net/wp-content/uploads/2021/03/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/03/401151f5-2f93-4443-98da-9a11458ea513-2.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a2d6c3f1a66d61e2313d9a1236a1166cf5cb5d8c7bbd59f57915111cd1a0bbc

Request headers

:path
/wp-content/uploads/2021/03/401151f5-2f93-4443-98da-9a11458ea513-2.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
76312
last-modified
Mon, 01 Mar 2021 14:55:44 GMT
server
cloudflare
etag
"603d0070-12a18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bj5Q8Qr0AXXMtxsZHCCAR%2FZgW9TkzQX8kK4ieZPoDIi4LeCpL8egEYmbu6NUhj5R34odO4Qb5xSauK81Q3OjaZHruiFOadzscOIZKIJhBynzdpGnKT%2FUYyMNEJRUCboY7lOhbDj6i5gA1qBEC%2FB9tHaVZbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9b5177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
egy-300x195.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/egy-300x195.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43ea2fe4226af0e72bb36a7f9929f7909f82e64a702ec9dfd739e64ff2752c8f

Request headers

:path
/wp-content/uploads/2021/08/egy-300x195.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
15295
last-modified
Tue, 31 Aug 2021 14:32:25 GMT
server
cloudflare
etag
"612e3d79-3bbf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=070vfFxbuzptmWZDIqUiWrNJZAj7bMOdkKgIwtmIvkkmuoKYWjNZJpQSaRjFJkmos35yl9EnI9GQLPcFk0T%2BAeBWjmY84KrfEkAY%2FCLxn%2BXL8HpJ%2BzwodLgBlK8CJ4Scbug3lxuzZ7s0Puc%2BCmIXSZDmez8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9b8177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
quartararo-menang-300x195.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/quartararo-menang-300x195.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f4c87bb4a768967ce95363c0f8dac7912c6787ee757b2615fd514db1f59b07

Request headers

:path
/wp-content/uploads/2021/08/quartararo-menang-300x195.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12678
last-modified
Sun, 29 Aug 2021 13:50:44 GMT
server
cloudflare
etag
"612b90b4-3186"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8Oy68LhoXkiNDwNqV99tgoICntOtnxVa1elvxuS2Dgw3nzE4leYrbA%2BE3kjw7iyLNSNgt8AE3M%2FUVeUHcRnkDU3cIDeFFQEa6kxKQ94JilNcjLrmGP1cymsO%2Fv82gBlL%2F4sPKI1aLsE6Dr50wugK5yAkaM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9bd177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
screen-6-300x195.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/screen-6-300x195.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
163866088acd49f64dbd0d7fbee1f7bc069c78ac2df899bd62cef7be69e32588

Request headers

:path
/wp-content/uploads/2021/08/screen-6-300x195.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
16076
last-modified
Sun, 29 Aug 2021 10:46:26 GMT
server
cloudflare
etag
"612b6582-3ecc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fta86nfkfaXXF6A2MebYABhAUQ%2BxKpdCnBni%2BvccMkEkAW%2BVIR3aVyznWHSDxp2B1hvmBVYsw2jHtM1pj6Qyeu%2FTSkkfipyhYsQGMEV6UJ1iAasv1gwImvV6jomJpn%2FjX9a26IcFghUZJmSP9b30ZaQSiKk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9c2177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
WAJIB-PEDULI-LINDUNGI-03-2048x1189.jpg
www.suarasurabaya.net/wp-content/uploads/2021/09/ 		257 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/09/WAJIB-PEDULI-LINDUNGI-03-2048x1189.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9706786e2e93e9b34a2b687e878720e58b8344446ba3e251e12ebb3fdab3275b

Request headers

:path
/wp-content/uploads/2021/09/WAJIB-PEDULI-LINDUNGI-03-2048x1189.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:04 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
262726
last-modified
Wed, 01 Sep 2021 07:22:24 GMT
server
cloudflare
etag
"612f2a30-40246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qk3rgk%2BxxD85zYjc2B9jutvkw15%2BDb7VxLE6tF2Wew6hHtEJBSdxLxXwFXwDNb49Op5KlBt1GGMhCd5yDd8oHd8oOdbhNXnoEKqT%2BMCnuHM57ssB2S2JsYkYOD%2BjGPbpFgx0QrCpE8EFr3ipIpOMotgoxDU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9c7177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
LALISA-03-2048x1189.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		145 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/LALISA-03-2048x1189.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d041999fcc9cf32f78d2c4c45057dbd309fe7f3777a78138507f81bb376b1b

Request headers

:path
/wp-content/uploads/2021/08/LALISA-03-2048x1189.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:04 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
148100
last-modified
Tue, 31 Aug 2021 10:38:17 GMT
server
cloudflare
etag
"612e0699-24284"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bG88WgaG5pAIBMnLqklAl7sf5ODX5Bz2d%2BIiLvF0DKdVxHBoo7zl3OoUQz7uVxIWHQ5Txm7qjmacfR0AsfB5tjwxtAWYFCechE9vn1Q0eMsdEHX07Et4rbN6wDufRa3V9YS%2F5jVqqXX8A%2F1GyxzdXrOS21g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9cb177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
E9HaFDiVIAgXAtd.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/E9HaFDiVIAgXAtd.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a532f400412067296a3430387103aaf61802324b873aaea94370549c545ba33

Request headers

:path
/wp-content/uploads/2021/08/E9HaFDiVIAgXAtd.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1139170
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
86240
last-modified
Thu, 19 Aug 2021 03:45:54 GMT
server
cloudflare
etag
"611dd3f2-150e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uBv9jTf0zQOB8nWK8OUjHWEJTa47OB1Jj3%2BCFOjclOHWxqvs5Pb2%2F8gv5pR3KvCwi4B9%2FX001YrNk1X2Yg3fZN6maAvkCf3DA%2Bu%2BPUBNKjmd24Yfo6JgVZSUqnFbWrfQ7UnBP44XkfzOZaKMm0IPEI06XU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9cc177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
210803093937_foto-150x150.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/210803093937_foto-150x150.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f244875ae654429c44a2c79b0ff1aafce26ca4944c382aad81dddf4470501696

Request headers

:path
/wp-content/uploads/2021/08/210803093937_foto-150x150.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1139066
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5216
last-modified
Tue, 03 Aug 2021 03:31:08 GMT
server
cloudflare
etag
"6108b87c-1460"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXIWmUFZ6CeZ%2FZ3BON9%2B6h%2BB8Ovzf%2Bq9L9YPXFXzu1GagJkhDNJWZVm6LmSraiedCWk8r44TWf5k2xlM2jS4z1gByCtcEsjAe5Nw2rXXHq7Rw1xQKbzXnZGjj2yBS4fdCPEhulsaqraebV6B8yoqVhP7%2F%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9ce177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
221182240_10220665345292369_2034591821826066501_n-150x150.jpg
www.suarasurabaya.net/wp-content/uploads/2021/07/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/07/221182240_10220665345292369_2034591821826066501_n-150x150.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77e94003bb2529800a5b2996544645673810bd41dce5b8baa471d556f019cf1a

Request headers

:path
/wp-content/uploads/2021/07/221182240_10220665345292369_2034591821826066501_n-150x150.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
712602
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6290
last-modified
Mon, 26 Jul 2021 14:32:25 GMT
server
cloudflare
etag
"60fec779-1892"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ys3FM6jhoNGCPo57AOxnHybGvRRtgxYoppc%2FxvcGTdjRKVxCjXD7WW5jVEvPKwHuBx61TU12q9SbYs5fL8WvhYUJz7fCbmkn1CNX8xgSC1W5m9zLflyur%2FryrbdbTNg6u6TjAuR1pbW5bUkSvl3TG9O7Y9o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9cf177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
E7CeDHgXIAMYB_4-1-150x150.jpg
www.suarasurabaya.net/wp-content/uploads/2021/07/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/07/E7CeDHgXIAMYB_4-1-150x150.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a13cf17a8165181837ab190bbd6d558670a2830ab98a731e81608b25cf80cb02

Request headers

:path
/wp-content/uploads/2021/07/E7CeDHgXIAMYB_4-1-150x150.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3169812
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7159
last-modified
Sat, 24 Jul 2021 05:40:58 GMT
server
cloudflare
etag
"60fba7ea-1bf7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQPaDyJRemSOeY1Fx5%2FvlVGRVXwrMz5BesjB2n76ojXycxrz8Ty%2B4XDZRZDY6TcF0pQjQMpVI4fyuB%2BZ6cIRy4LSAQ6wddlhPqEdVuwqbcaog3tZSiQCyPRzvtwTqbzpcV083eWAQPr0cP20DQzpAaVJThk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9d1177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
dentist-4373290_960_720-150x150.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/dentist-4373290_960_720-150x150.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c781b57d1eeea573ad563ede19bb1454b51bbbab3d5bfa9fd36fb76b45d402

Request headers

:path
/wp-content/uploads/2021/08/dentist-4373290_960_720-150x150.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4625
last-modified
Tue, 31 Aug 2021 14:15:52 GMT
server
cloudflare
etag
"612e3998-1211"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2r7%2BgptrZf%2FohSdDwFwJ64ZZPa6LFYQGfRdvAgK3maPApAgA37Eo6hqBXNSEhnvnC1T97vp8keGDldjN58QJBQtHq8We5AD7Filuxf%2B7VRFyuGnJcGlhW7PmevPo6dcz6wtT5cK9%2BdEMKiDwWBgVEu%2FjLD0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9d3177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
PicsArt_08-31-04.15.27-150x150.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/PicsArt_08-31-04.15.27-150x150.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c72864476a61860a3c91b86e8d73f1922ad72dce0c5b0c0444f55bef964558b

Request headers

:path
/wp-content/uploads/2021/08/PicsArt_08-31-04.15.27-150x150.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3976
last-modified
Tue, 31 Aug 2021 09:15:56 GMT
server
cloudflare
etag
"612df34c-f88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AS4En0bZO4HUfYUsvJ0HwSVsnGpprVpG5ad1DyhYswkjEe1iTtODt0dC9MZC1yfoFLGymINpz%2F5VTvhQ%2BdkIEZEJUGdmRLHF20x9D1yRB2iZXIOX2iWDFxbCR59Tus80B4GabMdH%2F%2FOssOkmgFct5iHtRHA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9d4177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
mission-impossible-150x150.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/mission-impossible-150x150.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454e51f60dd931fe1cfcf54f3ce84c3a656fcc63a70e7f069b04b270c8eb6992

Request headers

:path
/wp-content/uploads/2021/08/mission-impossible-150x150.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6374
last-modified
Tue, 31 Aug 2021 07:52:55 GMT
server
cloudflare
etag
"612ddfd7-18e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tH%2BgXjhEt3f5JBCmTu1AXbcmmc9EpHTz9q7nLjfQ2PIbFV7jYqCiC%2F0ulSySVxiwUa4MN9Gr2fBuiOmlXN95fntZhM6P6lUC35V5q555YROltsdnbkvS14dgdGGAZhzobSSfY1c%2FP%2FTVkUUM1fVojrdv%2FiY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9d5177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
IMG-20210831-WA0023-150x150.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/IMG-20210831-WA0023-150x150.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34aaa83b8d7a3c436c6ac612203cae53f6d80bf26252601cd9a98873d18c6d8

Request headers

:path
/wp-content/uploads/2021/08/IMG-20210831-WA0023-150x150.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5648
last-modified
Tue, 31 Aug 2021 07:36:07 GMT
server
cloudflare
etag
"612ddbe7-1610"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yx8yD9cQIwNKXV5vix9vEIp9inO1WkP3LVPQh0OUMGCRmf3RvnWzMOL0TrDyWxuMgew7kWUVS1B7XUxnp2OYtmRARHMfXdJRrTboy0aToWHwbt8kzKiEzDJuqPnJF7vp4XeEbi1MwYi%2FnP8j1z16fqvlG8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ec9d6177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
WhatsApp-Image-2021-04-08-at-21.34.07.jpeg
www.suarasurabaya.net/wp-content/uploads/2021/04/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/04/WhatsApp-Image-2021-04-08-at-21.34.07.jpeg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f9cedc7bbf03e88d9eb90f26d40c19f96c334fe919c4236ce5e627dd213813c

Request headers

:path
/wp-content/uploads/2021/04/WhatsApp-Image-2021-04-08-at-21.34.07.jpeg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
68524
last-modified
Thu, 08 Apr 2021 14:35:50 GMT
server
cloudflare
etag
"606f14c6-10bac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMZb96kwpRxCrS5edScHfgu%2FWdfJS6Sql%2FViE1JFILSKHtCHj3c4Pl58bSgYX93mki5xnr%2Bkbh%2Bli8zUlPvG6IVozoD5U438rPI4nj8IvelTn%2FMfXjS%2FPyRiOQe%2BJ7Bp%2FxjkwX3IrT2uG9iHvOEg004DxXE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ed9e1177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
brt-juara.jpg
www.suarasurabaya.net/wp-content/uploads/2020/06/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2020/06/brt-juara.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e703af61e882f36760cbd831ae189e908a5dcdecdeac1efd6c802c87692b0d95

Request headers

:path
/wp-content/uploads/2020/06/brt-juara.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
36399
last-modified
Mon, 01 Jun 2020 08:01:26 GMT
server
cloudflare
etag
"5ed4b5d6-8e2f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AouyiKe8TdQa21Fe%2B8vROcRqyBOGh8LklZvV60hUIZPp68O9ve13XEvv3tbdBSTBM7lkvrVfodXqgWHH%2Bj5rJtH9m0cpaGlkpfMfwO9wvnRA520SfnjCJ2A1Id8IGMT59b29IOdOMOLRXYqU0mI%2FButyolI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ed9e3177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
DSCF8643-150x150.jpg
www.suarasurabaya.net/wp-content/uploads/2020/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2020/08/DSCF8643-150x150.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19722777142e8c3974351bbf511f9051977f33aa7cb5dc7aa420f96f14387fd6

Request headers

:path
/wp-content/uploads/2020/08/DSCF8643-150x150.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7017
last-modified
Sat, 08 Aug 2020 01:39:59 GMT
server
cloudflare
etag
"5f2e026f-1b69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvtJV28GJk7m5wiZTgb5qhsMtL6dErutp%2FkDQjtm6zTFLM2icZJlzk%2FyQN2GdAmupl8OV4TU%2BVXRMBXgiPravcOD1Pr4o7ZJPkK%2B3VU%2BC%2B5n%2BLjDG4ihhTdVvJfGtl2Eiyl978EH3MabMmkUOi2P307S5wQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ed9e5177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
hasil-bumi-2-150x150.jpg
www.suarasurabaya.net/wp-content/uploads/2020/08/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2020/08/hasil-bumi-2-150x150.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7efb2c1f712dd93e7879fead6f552336d2423b7e00bb703b59de66c5748acf17

Request headers

:path
/wp-content/uploads/2020/08/hasil-bumi-2-150x150.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7476
last-modified
Wed, 05 Aug 2020 08:37:49 GMT
server
cloudflare
etag
"5f2a6fdd-1d34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eFbvFHAb9%2Bb37jcO5FOWBBdsHzyhkgLSiHeZTHCdSLPOQXSPV7KhMJoT5mq%2B%2BHVhwxQ6iYA4y%2FI8y2a88KeLCp%2FJCAxP1sLaF0K6CqqB59rqu%2BLjP3nkLv7UjdjE93fzKQnPIxTAPveOvlkG1PXGieGUpw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6ed9e6177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
request.php
hal90007.redintelligence.net/ Frame E4C6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=d9959c2939&subid=&uid=74ceb30830e0ffaa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeu2AhTYvYbCCJJrF7_UPjayOgAbisNzwX_Pt7-n3DPAuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QTsquFnE9MA3cF38QloJWj1qT4ow3WNdbOVB9Zi6pxOPU4gx_ogYdzW91sXTk05s0_mMiGVUb9B3vMRTNCPYR6dG0_62BFBtPGgVchuGwBgS0ApjtzRWWtRk5FRgH6UH5r5p2CNUc5YBv0_gSZQl14WShrnT_8SCqVB46GjcSkLTcFc2KR1b0nzuHdJg56wNc_DmbrQiVEnImGVJNCMd0wMLbVKJWXzdN0k2fR-aMJmfmNzreUNw_JwknHfHm-wLCP4-cIASrl9EoA7PEOpNwNuSd5WTZk8AE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRokhbE1EoCv3R3zOKcAGIEccdsoA%26sig%3DAOD64_3TtYVz_3ghZ-7dR_O5e8WzlmdkFg%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Df4x2GbomhhDzD8v_IITvnoYGz4wCjVY7EG7fxnBf5K_K01SWf5QlMp4R8TFncDdzpz7DmmUTvlipF37EaeLDkjWKmseqvZbpqrpYbx0bDgtkfxEMlwRATrq9zUjrGlKlH00C-Q0AFzV0T3qRz7c5kqDUNSg%26cry%3D1%26dbm_d%3DAKAmf-B3KCjcM8I0h9vkPH3M1z7jDXEEXpJy8VcDm0d9n-UHt_1jNAT0UJ6s3RqeWJH6Qg_EHvs5JpUBzySIWevLcdm1QVzzF_hvzkuAGtYmzoqQf-708c43ub5KmCC6nK08eZuW0t8013EK-pSnWecQjyXR-pKk68axSeoITWte0BM5uvMSkadKjWX_n5WPv23_MGnnCWN7N9KeBfILR9dlT9WEOaahKZcHdKBdoLpdonuRdWc6k21WIcoockN9sJBmXIHCN7DfC6S86CFP2tqjvPi0eaChH8e8iBtr4uDNkoAbPOG55gZspV6anB-hqXq0MujOiZ3CHq4VhPXHJCN412ehu4Z2wlK9I_80PV3y5ILE5ydTjiuzYK_pcm1aeuwF6SwHlJkWYxmzydp9oAnb0z-qn_NrxAqXp_IFgJw1grpwFJL5NAsqwok7g6LIIW0ji_W2UOyrV3TJWELt_ql0LoVNqSKcQw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.suarasurabaya.net%2F&ancestorOrigins=https%3A%2F%2Fwww.suarasurabaya.net&random=2734542229074&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/5imww12akvzn?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeu2AhTYvYbCCJJrF7_UPjayOgAbisNzwX_Pt7-n3DPAuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QTsquFnE9MA3cF38QloJWj1qT4ow3WNdbOVB9Zi6pxOPU4gx_ogYdzW91sXTk05s0_mMiGVUb9B3vMRTNCPYR6dG0_62BFBtPGgVchuGwBgS0ApjtzRWWtRk5FRgH6UH5r5p2CNUc5YBv0_gSZQl14WShrnT_8SCqVB46GjcSkLTcFc2KR1b0nzuHdJg56wNc_DmbrQiVEnImGVJNCMd0wMLbVKJWXzdN0k2fR-aMJmfmNzreUNw_JwknHfHm-wLCP4-cIASrl9EoA7PEOpNwNuSd5WTZk8AE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRokhbE1EoCv3R3zOKcAGIEccdsoA%26sig%3DAOD64_3TtYVz_3ghZ-7dR_O5e8WzlmdkFg%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Df4x2GbomhhDzD8v_IITvnoYGz4wCjVY7EG7fxnBf5K_K01SWf5QlMp4R8TFncDdzpz7DmmUTvlipF37EaeLDkjWKmseqvZbpqrpYbx0bDgtkfxEMlwRATrq9zUjrGlKlH00C-Q0AFzV0T3qRz7c5kqDUNSg%26cry%3D1%26dbm_d%3DAKAmf-B3KCjcM8I0h9vkPH3M1z7jDXEEXpJy8VcDm0d9n-UHt_1jNAT0UJ6s3RqeWJH6Qg_EHvs5JpUBzySIWevLcdm1QVzzF_hvzkuAGtYmzoqQf-708c43ub5KmCC6nK08eZuW0t8013EK-pSnWecQjyXR-pKk68axSeoITWte0BM5uvMSkadKjWX_n5WPv23_MGnnCWN7N9KeBfILR9dlT9WEOaahKZcHdKBdoLpdonuRdWc6k21WIcoockN9sJBmXIHCN7DfC6S86CFP2tqjvPi0eaChH8e8iBtr4uDNkoAbPOG55gZspV6anB-hqXq0MujOiZ3CHq4VhPXHJCN412ehu4Z2wlK9I_80PV3y5ILE5ydTjiuzYK_pcm1aeuwF6SwHlJkWYxmzydp9oAnb0z-qn_NrxAqXp_IFgJw1grpwFJL5NAsqwok7g6LIIW0ji_W2UOyrV3TJWELt_ql0LoVNqSKcQw%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
6aac2465db99ba39fc21fc2933e15e97946f4104a0045c25617b1f9ab268169e

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 08:15:03 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
84891000051578800719590011704007
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1046
Expires
Wed, 01 Sep 2021 09:15:03 +0200
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5958 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 31 Aug 2021 14:43:09 GMT
expires
Wed, 31 Aug 2022 14:43:09 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
63114
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
5imww12akvzn
hal9000.redintelligence.net/zone/ Frame DA93 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/5imww12akvzn?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCj6TqhTYvYbSCJJrF7_UPjayOgAbisNzwX56J1vuJC_AuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QFXxCVMimOvqHe9nrVYcjhgaUtF4dtUdHWeFuNfHklrr_Up73hBsuYpQ8SINhNGOFG1-YgziYe6hnh5L7-hLp3B-jkU6ngJjSD3W-KcmOuTohPbj1WmLDadcZTI5X9-MkUmxDoFsHN7W9U0gx_YnRoXRzJYB8umpCOIpdhLsKTu4w6EXRR8EpJf35kMnu1Ll34qS1hnOcSzPxiloaQIca9-DWusb8Tq5cedyCd_Ut48GerL-bYc89vbMo2rEJ7m-qOWNqHB5y4ESaVlYeH3hAajT8eVRSOsAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo-rUev7yOOt93k1ZD4KnbERc4dQ%26sig%3DAOD64_0j7cTRIxJbVO0doF68HEsLQIXr7w%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-BITPoeUGtDPTNDqaygYwRQ1chOrlWh6ptTYGavVXwpy73jaL4H4RlV3SKd6xruOmECs4kHUOtzyLcUP5dhK0r40NmX-54Qo1N3qFN-r1zSY3qI7V_9AS2cRjQDkdHFES7jUwt7jXU4fG4VueF1ve3NRageQg%26cry%3D1%26dbm_d%3DAKAmf-CfD7Bonteuy6jIz_EyZYJ-SlnR9a7sdCPgm59BiSLAknnTk6lZCI98OE6MO0BfB3tMsj0zaziaf10kdJ9SbqYXGG5YrVgIpL9nwASrGbJvrxYTVPWfpaa9MMy_p7LL2Lkt82TKMZVUoygOq3dnxMGwXlK7znieRpqTs7EucLU18iC7l6ncmPrWD8JdKqC_TZ3VvM47hLck0oKPp11-s6bb7yKT2ZM2oZf_4OsgZJFyU6cGix6PMqRUoXlkjBD850-BGZA_PYcIiPp9olFYf9mGXjOMPtFEIM4yj-q6vEqgvaJVZBBQMRBEL9Zjm5l6TrLupPxjQ529gnNV7oFea8huafoCkDFx5WoP5az1hyFwffmHYnrqfXHt52srRbASc4XYidN_fpeiarJjbtrFTHYoT0FqfAcCEjOxoVlyJ5WeWOk_ggl-F9LXxCBFtTAqu8s0SG0i%26adurl%3D
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
ead7d9ae37ae5bcfafb6cf25cf785492c727922875b71d9063d3d7105e6ec711

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 08:15:03 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3919
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
kampoeng_herbal1-150x150.jpg
www.suarasurabaya.net/wp-content/uploads/2020/08/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2020/08/kampoeng_herbal1-150x150.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
491f3e611903da352c8bff4b6684470583d68288169d2d2692dc4f17a5eab704

Request headers

:path
/wp-content/uploads/2020/08/kampoeng_herbal1-150x150.jpg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12533
last-modified
Tue, 04 Aug 2020 03:26:52 GMT
server
cloudflare
etag
"5f28d57c-30f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vajBcZ6vCL0xphGvbcPPwbN%2F46HqBw1bTjIEoEeGPAlaHcOPxS6o6q9NL3qPhacYlRY2MAJeTIOvscYKUVGxTUf%2BM7EzzOxIMxbOD2N3RMcfx4atmUahggAxnvr%2Ft2NkCGzGjAfjidVTSkorH4uEvNvJaLk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6fdb71177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
WhatsApp-Image-2020-07-29-at-8.55.54-PM-150x150.jpeg
www.suarasurabaya.net/wp-content/uploads/2020/07/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2020/07/WhatsApp-Image-2020-07-29-at-8.55.54-PM-150x150.jpeg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a57dd5255d05a44f7410064a03cc02489c49ac4951b68ee1397b1da7c2c94da

Request headers

:path
/wp-content/uploads/2020/07/WhatsApp-Image-2020-07-29-at-8.55.54-PM-150x150.jpeg
pragma
no-cache
cookie
__utma=137142706.538317931.1630484101.1630484101.1630484101.1; __utmc=137142706; __utmz=137142706.1630484101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=137142706.1.10.1630484101; __gads=ID=a5f3ea7764291235:T=1630484101:S=ALNI_MZJyR_fUeE-ySlAP9t_pfQSi1dMQg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5710
last-modified
Thu, 30 Jul 2020 08:08:04 GMT
server
cloudflare
etag
"5f227fe4-164e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxVNtiwiwbdFG%2FFriyBv4YB%2FCqb%2FyIpT5XAagHrqyfA4s%2FxXrPRubJSgoONnluf04fYFgzCJAFWnTnncWUAqhcjLL8fSfS7ZFDP0MKYYTiPEH6dxFspYkglg79px1hr8ezaiHStj80JPtLYn7E4pvTaD0Tg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c6fdb77177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Cookie set cshow.php
www.zenaps.com/ Frame 7160
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2882174&v=8508&q=413151&r=235229&pref1=93811400051604900719590011704014&pv=1
  • https://www.zenaps.com/cshow.php?pvr=b5b13a50-0afc-11ec-bfe3-692d0dec5663&v=8508&r=235229&q=413151&s=2882174&viewref=93811400051604900719590011704014&pv=1
43 B
705 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.zenaps.com/cshow.php?pvr=b5b13a50-0afc-11ec-bfe3-692d0dec5663&v=8508&r=235229&q=413151&s=2882174&viewref=93811400051604900719590011704014&pv=1
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=1c02290ea9&subid=&uid=bb613eb8c8606447&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCa0IBhTYvYcbRIqjR7_UPzvOaiAPisNzwX56J1vuJC_AuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QL_GwRcqK1bW33DcwbP9DRZa-lwf1EJfD1Ns9tz_ES_SGYl4Ne_GSE7xI7Dn4m8o7VgeOWbyoPrBcVkYIvJD7V_LBQMyZcE2jpQetmIybU5aX3Qt4Jq5lgEf0o6QHR6ZIexJI96xjxeXkX6QxewxvJEGyNNxnpELS50SWIdOjomNHO_KmUR4dRGNWbW0Q8q1IHhzOx138h7nkJZeP9rGgk2AYQ-6gqESzOy7krIW-6E-wapOIBKXM4rUqHYPeV5vgPzTgcgYopl-GOwC7G9hHXHtSIYnjcsAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo0Nz4afzYy2R0kOJdJtGJTQ%26sig%3DAOD64_0oa9KkbfhOk818PHkTcvvF49SV0w%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-AERrIVMyOy-vcRN8HN_N7cCpGBCFpxJhSR3Vlkl4yuR-mo_5ePZ1BGzGg02veTYkP8gp5dYLgo680Ry2iXHaVu-vlhlBkI9OAaz_kKQpSUFwqAakk4EQ55rfR9kA9IW03YvGwtfETK-owPTm_3u86TGYqa_Q%26cry%3D1%26dbm_d%3DAKAmf-Aw-EptmaOE7mKYRoVJcOaKNesLeKoJFgK2hFcEaGRiPIgMVaeG-Qb0keX_yMgYQaP3p6RbGtEB_o0O-glb6cTKRjVjSzkTJ89w1O33y4dlOoykXZ5eUnIUWsoLj5AVc1uQhM6bIa7GgJWWe2B3g9AkHLlzD3Fmd3aSzTfBXSDR2RtCyQqUDyo0O4ZvN5LSCVhqmq8sd1ckfBRVzUi-ECC7mT0dCx645Far739snSnf4vWjYjVVXnnYdq_I8qlItC4kyOT21wko_MXcn0qwBOSuG_AztPEETLQMY_4uRUl2AGyqTZ4niDy0DH35eJtAdRpf43YJYs6b4XNYYbQNhQktShgZ0iYoT_kivDSRo_xAyAYJVzpQuE3idpu_7xPg_E511Um0bsYFda0wfs25fzO85_syEhJB5GiH036j2msxoG1PN5l87dMPx5wSjnQ--kiEkZKz%26adurl%3D&documentReferer=https%3A%2F%2Fwww.suarasurabaya.net%2F&ancestorOrigins=https%3A%2F%2Fwww.suarasurabaya.net&random=54030650472&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Host
www.zenaps.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Content-Type
image/gif
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Content-Length
43
Date
Wed, 01 Sep 2021 08:15:04 GMT
Connection
keep-alive
Set-Cookie
awpv8508=235229|1630484103|b5b13a50-0afc-11ec-bfe3-692d0dec5663;domain=.zenaps.com;path=/;expires=Thursday, 02-Sep-2021 08:15:03 UTC;Secure;SameSite=None AWSESS=413151:2882174;domain=.zenaps.com;path=/;Secure;SameSite=None
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default

Redirect headers

Location
https://www.zenaps.com/cshow.php?pvr=b5b13a50-0afc-11ec-bfe3-692d0dec5663&v=8508&r=235229&q=413151&s=2882174&viewref=93811400051604900719590011704014&pv=1
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length
0
Date
Wed, 01 Sep 2021 08:15:03 GMT
Connection
keep-alive
Set-Cookie
awpv8508=235229|1630484103|b5b13a50-0afc-11ec-bfe3-692d0dec5663;domain=.awin1.com;path=/;expires=Thursday, 02-Sep-2021 08:15:03 UTC;Secure;SameSite=None AWSESS=413151:2882174;domain=.awin1.com;path=/;Secure;SameSite=None
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
/
ti.tradetracker.net/ Frame 3EB5 		442 B
921 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ti.tradetracker.net/?c=34211&amp;m=1888189&amp;a=70002&amp;r=93811400051604900719590011704014&amp;t=js&amp;wid=tt-1f14b5
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.25.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-25-216.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8dc16432c11577abc72ff74a689c6808b78c67271369d5fe7fc94b113b2246dc

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
cache-control
no-cache, must-revalidate
expires
Mon, 26 Jul 1997 05:00:00 GMT
server
nginx
content-type
text/javascript; charset=UTF-8
request_content.php
hal900014.redintelligence.net/ Frame E5C5 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request_content.php?s=93811400051604900719590011704014&a=ab56e73f
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=1c02290ea9&subid=&uid=bb613eb8c8606447&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCa0IBhTYvYcbRIqjR7_UPzvOaiAPisNzwX56J1vuJC_AuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QL_GwRcqK1bW33DcwbP9DRZa-lwf1EJfD1Ns9tz_ES_SGYl4Ne_GSE7xI7Dn4m8o7VgeOWbyoPrBcVkYIvJD7V_LBQMyZcE2jpQetmIybU5aX3Qt4Jq5lgEf0o6QHR6ZIexJI96xjxeXkX6QxewxvJEGyNNxnpELS50SWIdOjomNHO_KmUR4dRGNWbW0Q8q1IHhzOx138h7nkJZeP9rGgk2AYQ-6gqESzOy7krIW-6E-wapOIBKXM4rUqHYPeV5vgPzTgcgYopl-GOwC7G9hHXHtSIYnjcsAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo0Nz4afzYy2R0kOJdJtGJTQ%26sig%3DAOD64_0oa9KkbfhOk818PHkTcvvF49SV0w%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-AERrIVMyOy-vcRN8HN_N7cCpGBCFpxJhSR3Vlkl4yuR-mo_5ePZ1BGzGg02veTYkP8gp5dYLgo680Ry2iXHaVu-vlhlBkI9OAaz_kKQpSUFwqAakk4EQ55rfR9kA9IW03YvGwtfETK-owPTm_3u86TGYqa_Q%26cry%3D1%26dbm_d%3DAKAmf-Aw-EptmaOE7mKYRoVJcOaKNesLeKoJFgK2hFcEaGRiPIgMVaeG-Qb0keX_yMgYQaP3p6RbGtEB_o0O-glb6cTKRjVjSzkTJ89w1O33y4dlOoykXZ5eUnIUWsoLj5AVc1uQhM6bIa7GgJWWe2B3g9AkHLlzD3Fmd3aSzTfBXSDR2RtCyQqUDyo0O4ZvN5LSCVhqmq8sd1ckfBRVzUi-ECC7mT0dCx645Far739snSnf4vWjYjVVXnnYdq_I8qlItC4kyOT21wko_MXcn0qwBOSuG_AztPEETLQMY_4uRUl2AGyqTZ4niDy0DH35eJtAdRpf43YJYs6b4XNYYbQNhQktShgZ0iYoT_kivDSRo_xAyAYJVzpQuE3idpu_7xPg_E511Um0bsYFda0wfs25fzO85_syEhJB5GiH036j2msxoG1PN5l87dMPx5wSjnQ--kiEkZKz%26adurl%3D&documentReferer=https%3A%2F%2Fwww.suarasurabaya.net%2F&ancestorOrigins=https%3A%2F%2Fwww.suarasurabaya.net&random=54030650472&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
c322f64a426c423140e7f8f3f783e6e21fc1d7008fb4d783a10fcd37f252bf5e

Request headers

Host
hal900014.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=b12221b2b28f7959
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

Date
Wed, 01 Sep 2021 08:15:03 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Wed, 01 Sep 2021 09:15:03 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2381
Connection
close
Content-Type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 50F6 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 31 Aug 2021 13:41:14 GMT
expires
Wed, 01 Sep 2021 13:41:14 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
66829
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 3EB5 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e32a968b8f7761842b2f6a18969c99ce5841ad43dd5f991d9565e369189c73fc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame 5D20 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~kt184wzu&c=2424795546783&slotId=1212397773391.5&qqid=CIWovs2q3fICFajouwgdzrkGMQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=987&mt=video%2Fmp4&vs=640x360&vmfc=18&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210823_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.34.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qro02s27-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:04 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bAXmr16l8Fcjh6Ak7G9tUyWjpKdXOe8Oma2-jj8o2SE.js
pagead2.googlesyndication.com/bg/ Frame 6728 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bAXmr16l8Fcjh6Ak7G9tUyWjpKdXOe8Oma2-jj8o2SE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c05e6af5ea5f0572387a024ec6f6d5325a3a4a75739ef0e99adbe8e3f28d921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 06:29:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
6330
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13290
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Sep 2022 06:29:33 GMT
jsf.css
s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/ Frame 5E0D 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/jsf.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c2e11ce19bb3fa29abc4828c4973a1d9fc61aded50f1733e3b35e5b762beefe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 08:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1589
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 13:29:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Sep 2021 08:24:23 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame 5E0D 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 04:50:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12253
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Sep 2021 04:50:50 GMT
feedImport.js
s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/ Frame 5E0D 		11 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/feedImport.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc5d4cf6e18131d2611ce0231aac8ac54c6a196f6c9c44239e4b232811404d69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 08:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 13:29:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Sep 2021 08:24:23 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5E0D 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Sep 2021 08:15:03 GMT
slides.js
s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/ Frame 5E0D 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/slides.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b2fac768e98473072a0c26694d23f7b2c5f90673ba1e0ffc5c4dd89be32072e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 17:33:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52911
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2651
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 13:29:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Sep 2021 17:33:12 GMT
swipeHandler.js
s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/ Frame 5E0D 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/swipeHandler.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
408e3f3a32fccfc6b1716c3979cd5dcb1bc1139dbb0fe9066a34a9c7b56dedb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 08:24:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1944
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 13:29:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Sep 2021 08:24:24 GMT
swipe.svg
s0.2mdn.net/creatives/assets/4008410/ Frame 5E0D 		38 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4008410/swipe.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da38b17bcd33d8afdfb2ba334966431117fd9717ef7bd752c0102e5340243d15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:00:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
850
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28531
x-xss-protection
0
last-modified
Tue, 19 Jan 2021 11:46:14 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Sep 2021 08:15:54 GMT
brt6564_pict1-1-150x150.jpg
www.suarasurabaya.net/wp-content/uploads/2021/08/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.suarasurabaya.net/wp-content/uploads/2021/08/brt6564_pict1-1-150x150.jpg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:358c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c985a69489f2a59488d369d05a029b228327da71d731a38ffe947276eefe9a8b

Request headers

:path
/wp-content/uploads/2021/08/brt6564_pict1-1-150x150.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.suarasurabaya.net
referer
https://www.suarasurabaya.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5091
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6037
last-modified
Fri, 27 Aug 2021 20:55:18 GMT
server
cloudflare
etag
"61295136-1795"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuNQ4EPFPDrQ1ji%2BcEAJd9iRP8d1dM%2BBF4Y8eQO0b6tEkcK1G5WMcAKD7COiKtWTkeehOx590yqSWMT%2BeMhqQGUQRQDBSKn0yI2l%2FdfKLD%2Fc4%2BvbtL54iIkTPUyqeUt2BZT2Fk%2BPyQU3gIRdDrvVBnpoJi8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
687d0c73c941177a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 96D6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 31 Aug 2021 14:43:09 GMT
expires
Wed, 31 Aug 2022 14:43:09 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
63114
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
pagead2.googlesyndication.com/bg/ Frame 7238 		35 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 06:25:38 GMT
vary
Accept-Encoding
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
x-content-type-options
nosniff
age
6565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35516
x-xss-protection
0
expires
Thu, 01 Sep 2022 06:25:38 GMT
Cookie set cshow.php
www.zenaps.com/ Frame B7E9
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2824569&v=9247&q=407742&r=235229&pref1=84891000051578800719590011704007&pv=1
  • https://www.zenaps.com/cshow.php?pvr=b5dd2c50-0afc-11ec-bfe3-692d0dec5663&v=9247&r=235229&q=407742&s=2824569&viewref=84891000051578800719590011704007&pv=1
43 B
705 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.zenaps.com/cshow.php?pvr=b5dd2c50-0afc-11ec-bfe3-692d0dec5663&v=9247&r=235229&q=407742&s=2824569&viewref=84891000051578800719590011704007&pv=1
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=d9959c2939&subid=&uid=74ceb30830e0ffaa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeu2AhTYvYbCCJJrF7_UPjayOgAbisNzwX_Pt7-n3DPAuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QTsquFnE9MA3cF38QloJWj1qT4ow3WNdbOVB9Zi6pxOPU4gx_ogYdzW91sXTk05s0_mMiGVUb9B3vMRTNCPYR6dG0_62BFBtPGgVchuGwBgS0ApjtzRWWtRk5FRgH6UH5r5p2CNUc5YBv0_gSZQl14WShrnT_8SCqVB46GjcSkLTcFc2KR1b0nzuHdJg56wNc_DmbrQiVEnImGVJNCMd0wMLbVKJWXzdN0k2fR-aMJmfmNzreUNw_JwknHfHm-wLCP4-cIASrl9EoA7PEOpNwNuSd5WTZk8AE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRokhbE1EoCv3R3zOKcAGIEccdsoA%26sig%3DAOD64_3TtYVz_3ghZ-7dR_O5e8WzlmdkFg%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Df4x2GbomhhDzD8v_IITvnoYGz4wCjVY7EG7fxnBf5K_K01SWf5QlMp4R8TFncDdzpz7DmmUTvlipF37EaeLDkjWKmseqvZbpqrpYbx0bDgtkfxEMlwRATrq9zUjrGlKlH00C-Q0AFzV0T3qRz7c5kqDUNSg%26cry%3D1%26dbm_d%3DAKAmf-B3KCjcM8I0h9vkPH3M1z7jDXEEXpJy8VcDm0d9n-UHt_1jNAT0UJ6s3RqeWJH6Qg_EHvs5JpUBzySIWevLcdm1QVzzF_hvzkuAGtYmzoqQf-708c43ub5KmCC6nK08eZuW0t8013EK-pSnWecQjyXR-pKk68axSeoITWte0BM5uvMSkadKjWX_n5WPv23_MGnnCWN7N9KeBfILR9dlT9WEOaahKZcHdKBdoLpdonuRdWc6k21WIcoockN9sJBmXIHCN7DfC6S86CFP2tqjvPi0eaChH8e8iBtr4uDNkoAbPOG55gZspV6anB-hqXq0MujOiZ3CHq4VhPXHJCN412ehu4Z2wlK9I_80PV3y5ILE5ydTjiuzYK_pcm1aeuwF6SwHlJkWYxmzydp9oAnb0z-qn_NrxAqXp_IFgJw1grpwFJL5NAsqwok7g6LIIW0ji_W2UOyrV3TJWELt_ql0LoVNqSKcQw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.suarasurabaya.net%2F&ancestorOrigins=https%3A%2F%2Fwww.suarasurabaya.net&random=2734542229074&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Host
www.zenaps.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
awpv8508=235229|1630484103|b5b13a50-0afc-11ec-bfe3-692d0dec5663; AWSESS=413151:2882174
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Content-Type
image/gif
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Content-Length
43
Date
Wed, 01 Sep 2021 08:15:04 GMT
Connection
keep-alive
Set-Cookie
awpv9247=235229|1630484104|b5dd2c50-0afc-11ec-bfe3-692d0dec5663;domain=.zenaps.com;path=/;expires=Saturday, 04-Sep-2021 08:15:04 UTC;Secure;SameSite=None AWSESS=407742:2824569;domain=.zenaps.com;path=/;Secure;SameSite=None
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default

Redirect headers

Location
https://www.zenaps.com/cshow.php?pvr=b5dd2c50-0afc-11ec-bfe3-692d0dec5663&v=9247&r=235229&q=407742&s=2824569&viewref=84891000051578800719590011704007&pv=1
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length
0
Date
Wed, 01 Sep 2021 08:15:04 GMT
Connection
keep-alive
Set-Cookie
awpv9247=235229|1630484104|b5dd2c50-0afc-11ec-bfe3-692d0dec5663;domain=.awin1.com;path=/;expires=Saturday, 04-Sep-2021 08:15:04 UTC;Secure;SameSite=None AWSESS=407742:2824569;domain=.awin1.com;path=/;Secure;SameSite=None
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
/
htlp.large.nl/ Frame 4B8E 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://htlp.large.nl/
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=d9959c2939&subid=&uid=74ceb30830e0ffaa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeu2AhTYvYbCCJJrF7_UPjayOgAbisNzwX_Pt7-n3DPAuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QTsquFnE9MA3cF38QloJWj1qT4ow3WNdbOVB9Zi6pxOPU4gx_ogYdzW91sXTk05s0_mMiGVUb9B3vMRTNCPYR6dG0_62BFBtPGgVchuGwBgS0ApjtzRWWtRk5FRgH6UH5r5p2CNUc5YBv0_gSZQl14WShrnT_8SCqVB46GjcSkLTcFc2KR1b0nzuHdJg56wNc_DmbrQiVEnImGVJNCMd0wMLbVKJWXzdN0k2fR-aMJmfmNzreUNw_JwknHfHm-wLCP4-cIASrl9EoA7PEOpNwNuSd5WTZk8AE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRokhbE1EoCv3R3zOKcAGIEccdsoA%26sig%3DAOD64_3TtYVz_3ghZ-7dR_O5e8WzlmdkFg%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Df4x2GbomhhDzD8v_IITvnoYGz4wCjVY7EG7fxnBf5K_K01SWf5QlMp4R8TFncDdzpz7DmmUTvlipF37EaeLDkjWKmseqvZbpqrpYbx0bDgtkfxEMlwRATrq9zUjrGlKlH00C-Q0AFzV0T3qRz7c5kqDUNSg%26cry%3D1%26dbm_d%3DAKAmf-B3KCjcM8I0h9vkPH3M1z7jDXEEXpJy8VcDm0d9n-UHt_1jNAT0UJ6s3RqeWJH6Qg_EHvs5JpUBzySIWevLcdm1QVzzF_hvzkuAGtYmzoqQf-708c43ub5KmCC6nK08eZuW0t8013EK-pSnWecQjyXR-pKk68axSeoITWte0BM5uvMSkadKjWX_n5WPv23_MGnnCWN7N9KeBfILR9dlT9WEOaahKZcHdKBdoLpdonuRdWc6k21WIcoockN9sJBmXIHCN7DfC6S86CFP2tqjvPi0eaChH8e8iBtr4uDNkoAbPOG55gZspV6anB-hqXq0MujOiZ3CHq4VhPXHJCN412ehu4Z2wlK9I_80PV3y5ILE5ydTjiuzYK_pcm1aeuwF6SwHlJkWYxmzydp9oAnb0z-qn_NrxAqXp_IFgJw1grpwFJL5NAsqwok7g6LIIW0ji_W2UOyrV3TJWELt_ql0LoVNqSKcQw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.suarasurabaya.net%2F&ancestorOrigins=https%3A%2F%2Fwww.suarasurabaya.net&random=2734542229074&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:800:b:a286:7800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6bb77d20dd85b4bfae78affeef6ee91869bffa0ef53ed9c8ab9c2a526d0180c5

Request headers

:method
GET
:authority
htlp.large.nl
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

content-type
text/html
content-length
2647
last-modified
Wed, 08 Jul 2020 09:51:56 GMT
x-amz-version-id
Za5k1aCF3b8ugAP1.Dh5UJVd_ViDWDOf
accept-ranges
bytes
server
AmazonS3
date
Wed, 01 Sep 2021 08:15:04 GMT
cache-control
max-age=10
etag
"81767a046d18dbeec7092a1dbdc70325"
x-cache
Hit from cloudfront
via
1.1 98652de9f742fc1df9de714d921e14c3.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
ktzbsasZ0jz6AGjIMP7X68vwqQuLOwUKfFunr5Z-uvHAj7jjP-5Vaw==
age
1
link.html
track.webgains.com/ Frame E4C6 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2685811&wgcampaignid=1519435&viewref=84891000051578800719590011704007&js=1&nw=1&cp=348166952
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
3cec3a0aaf12f5cdbb989ed5b5a278f5ebbb3e89069540b6342972ac03a9b359

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 08:15:04 GMT
Last-Modified
Wed, 01 Sep 2021 08:15:04 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1251
Expires
Mon, 26 Jul 1997 05:00:00 GMT
request_content.php
hal90007.redintelligence.net/ Frame 1992 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/request_content.php?s=84891000051578800719590011704007&a=074726b9
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=d9959c2939&subid=&uid=74ceb30830e0ffaa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCeu2AhTYvYbCCJJrF7_UPjayOgAbisNzwX_Pt7-n3DPAuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QTsquFnE9MA3cF38QloJWj1qT4ow3WNdbOVB9Zi6pxOPU4gx_ogYdzW91sXTk05s0_mMiGVUb9B3vMRTNCPYR6dG0_62BFBtPGgVchuGwBgS0ApjtzRWWtRk5FRgH6UH5r5p2CNUc5YBv0_gSZQl14WShrnT_8SCqVB46GjcSkLTcFc2KR1b0nzuHdJg56wNc_DmbrQiVEnImGVJNCMd0wMLbVKJWXzdN0k2fR-aMJmfmNzreUNw_JwknHfHm-wLCP4-cIASrl9EoA7PEOpNwNuSd5WTZk8AE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRokhbE1EoCv3R3zOKcAGIEccdsoA%26sig%3DAOD64_3TtYVz_3ghZ-7dR_O5e8WzlmdkFg%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-Df4x2GbomhhDzD8v_IITvnoYGz4wCjVY7EG7fxnBf5K_K01SWf5QlMp4R8TFncDdzpz7DmmUTvlipF37EaeLDkjWKmseqvZbpqrpYbx0bDgtkfxEMlwRATrq9zUjrGlKlH00C-Q0AFzV0T3qRz7c5kqDUNSg%26cry%3D1%26dbm_d%3DAKAmf-B3KCjcM8I0h9vkPH3M1z7jDXEEXpJy8VcDm0d9n-UHt_1jNAT0UJ6s3RqeWJH6Qg_EHvs5JpUBzySIWevLcdm1QVzzF_hvzkuAGtYmzoqQf-708c43ub5KmCC6nK08eZuW0t8013EK-pSnWecQjyXR-pKk68axSeoITWte0BM5uvMSkadKjWX_n5WPv23_MGnnCWN7N9KeBfILR9dlT9WEOaahKZcHdKBdoLpdonuRdWc6k21WIcoockN9sJBmXIHCN7DfC6S86CFP2tqjvPi0eaChH8e8iBtr4uDNkoAbPOG55gZspV6anB-hqXq0MujOiZ3CHq4VhPXHJCN412ehu4Z2wlK9I_80PV3y5ILE5ydTjiuzYK_pcm1aeuwF6SwHlJkWYxmzydp9oAnb0z-qn_NrxAqXp_IFgJw1grpwFJL5NAsqwok7g6LIIW0ji_W2UOyrV3TJWELt_ql0LoVNqSKcQw%26adurl%3D&documentReferer=https%3A%2F%2Fwww.suarasurabaya.net%2F&ancestorOrigins=https%3A%2F%2Fwww.suarasurabaya.net&random=2734542229074&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
9e5c6fe5fd33cd28fcec0f0cd0595989bc601136b8aa03e19783c6f192326193

Request headers

Host
hal90007.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

Date
Wed, 01 Sep 2021 08:15:04 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Wed, 01 Sep 2021 09:15:04 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2060
Connection
close
Content-Type
text/html; charset=utf-8
cshow.php
www.zenaps.com/ Frame E4C6
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2898042&v=8361&q=383360&r=235229&pref1=84891000051578800719590011704007&pv=1
  • https://www.zenaps.com/cshow.php?pvr=b5ec95a0-0afc-11ec-a5ea-692d04ef6a29&v=8361&r=235229&q=383360&s=2898042&viewref=84891000051578800719590011704007&pv=1
43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zenaps.com/cshow.php?pvr=b5ec95a0-0afc-11ec-a5ea-692d04ef6a29&v=8361&r=235229&q=383360&s=2898042&viewref=84891000051578800719590011704007&pv=1
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 08:15:04 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 01 Sep 2021 08:15:04 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.zenaps.com/cshow.php?pvr=b5ec95a0-0afc-11ec-a5ea-692d04ef6a29&v=8361&r=235229&q=383360&s=2898042&viewref=84891000051578800719590011704007&pv=1
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B8D5 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 31 Aug 2021 13:41:14 GMT
expires
Wed, 01 Sep 2021 13:41:14 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
66830
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E4C6 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f6c9374528d6a5c7706fcf66f1da12942e60293350c1166197ed6280688240d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
request.php
hal900018.redintelligence.net/ Frame DA93
Redirect Chain
  • https://hal900018.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=7b3818b768&subid=&uid=0a87c20b07faca32&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900018.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=7b3818b768&subid=&uid=0a87c20b07faca32&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=7b3818b768&subid=&uid=0a87c20b07faca32&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCj6TqhTYvYbSCJJrF7_UPjayOgAbisNzwX56J1vuJC_AuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QFXxCVMimOvqHe9nrVYcjhgaUtF4dtUdHWeFuNfHklrr_Up73hBsuYpQ8SINhNGOFG1-YgziYe6hnh5L7-hLp3B-jkU6ngJjSD3W-KcmOuTohPbj1WmLDadcZTI5X9-MkUmxDoFsHN7W9U0gx_YnRoXRzJYB8umpCOIpdhLsKTu4w6EXRR8EpJf35kMnu1Ll34qS1hnOcSzPxiloaQIca9-DWusb8Tq5cedyCd_Ut48GerL-bYc89vbMo2rEJ7m-qOWNqHB5y4ESaVlYeH3hAajT8eVRSOsAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo-rUev7yOOt93k1ZD4KnbERc4dQ%26sig%3DAOD64_0j7cTRIxJbVO0doF68HEsLQIXr7w%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-BITPoeUGtDPTNDqaygYwRQ1chOrlWh6ptTYGavVXwpy73jaL4H4RlV3SKd6xruOmECs4kHUOtzyLcUP5dhK0r40NmX-54Qo1N3qFN-r1zSY3qI7V_9AS2cRjQDkdHFES7jUwt7jXU4fG4VueF1ve3NRageQg%26cry%3D1%26dbm_d%3DAKAmf-CfD7Bonteuy6jIz_EyZYJ-SlnR9a7sdCPgm59BiSLAknnTk6lZCI98OE6MO0BfB3tMsj0zaziaf10kdJ9SbqYXGG5YrVgIpL9nwASrGbJvrxYTVPWfpaa9MMy_p7LL2Lkt82TKMZVUoygOq3dnxMGwXlK7znieRpqTs7EucLU18iC7l6ncmPrWD8JdKqC_TZ3VvM47hLck0oKPp11-s6bb7yKT2ZM2oZf_4OsgZJFyU6cGix6PMqRUoXlkjBD850-BGZA_PYcIiPp9olFYf9mGXjOMPtFEIM4yj-q6vEqgvaJVZBBQMRBEL9Zjm5l6TrLupPxjQ529gnNV7oFea8huafoCkDFx5WoP5az1hyFwffmHYnrqfXHt52srRbASc4XYidN_fpeiarJjbtrFTHYoT0FqfAcCEjOxoVlyJ5WeWOk_ggl-F9LXxCBFtTAqu8s0SG0i%26adurl%3D&documentReferer=https%3A%2F%2Fwww.suarasurabaya.net%2F&ancestorOrigins=https%3A%2F%2Fwww.suarasurabaya.net&random=317385306518&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
be51eaa80129222b8b6063936fb550bbb4bea5d2f109bb1cf24b8c0a6fbc29de

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 08:15:04 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
82942300047741800719590011704018
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1041
Expires
Wed, 01 Sep 2021 09:15:04 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 08:15:04 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=7b3818b768&subid=&uid=0a87c20b07faca32&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCj6TqhTYvYbSCJJrF7_UPjayOgAbisNzwX56J1vuJC_AuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QFXxCVMimOvqHe9nrVYcjhgaUtF4dtUdHWeFuNfHklrr_Up73hBsuYpQ8SINhNGOFG1-YgziYe6hnh5L7-hLp3B-jkU6ngJjSD3W-KcmOuTohPbj1WmLDadcZTI5X9-MkUmxDoFsHN7W9U0gx_YnRoXRzJYB8umpCOIpdhLsKTu4w6EXRR8EpJf35kMnu1Ll34qS1hnOcSzPxiloaQIca9-DWusb8Tq5cedyCd_Ut48GerL-bYc89vbMo2rEJ7m-qOWNqHB5y4ESaVlYeH3hAajT8eVRSOsAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo-rUev7yOOt93k1ZD4KnbERc4dQ%26sig%3DAOD64_0j7cTRIxJbVO0doF68HEsLQIXr7w%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-BITPoeUGtDPTNDqaygYwRQ1chOrlWh6ptTYGavVXwpy73jaL4H4RlV3SKd6xruOmECs4kHUOtzyLcUP5dhK0r40NmX-54Qo1N3qFN-r1zSY3qI7V_9AS2cRjQDkdHFES7jUwt7jXU4fG4VueF1ve3NRageQg%26cry%3D1%26dbm_d%3DAKAmf-CfD7Bonteuy6jIz_EyZYJ-SlnR9a7sdCPgm59BiSLAknnTk6lZCI98OE6MO0BfB3tMsj0zaziaf10kdJ9SbqYXGG5YrVgIpL9nwASrGbJvrxYTVPWfpaa9MMy_p7LL2Lkt82TKMZVUoygOq3dnxMGwXlK7znieRpqTs7EucLU18iC7l6ncmPrWD8JdKqC_TZ3VvM47hLck0oKPp11-s6bb7yKT2ZM2oZf_4OsgZJFyU6cGix6PMqRUoXlkjBD850-BGZA_PYcIiPp9olFYf9mGXjOMPtFEIM4yj-q6vEqgvaJVZBBQMRBEL9Zjm5l6TrLupPxjQ529gnNV7oFea8huafoCkDFx5WoP5az1hyFwffmHYnrqfXHt52srRbASc4XYidN_fpeiarJjbtrFTHYoT0FqfAcCEjOxoVlyJ5WeWOk_ggl-F9LXxCBFtTAqu8s0SG0i%26adurl%3D&documentReferer=https%3A%2F%2Fwww.suarasurabaya.net%2F&ancestorOrigins=https%3A%2F%2Fwww.suarasurabaya.net&random=317385306518&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Wed, 01 Sep 2021 09:15:04 +0200
/
google2waycm.netmng.com/cm/ Frame FB53 		0
0
pixel
cm.g.doubleclick.net/ Frame FB53
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEIksSeMRb71OaQ8trHVGC2Q&google_cver=1&google_push=AYg5qPKcDcIiwb9Y3HA2_lju2ZwQIwVl8IoH5_GBJ-wqhyjZfwCoeQw8zw03tWfr19WCl-FecjOT-o2...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEIksSeMRb71OaQ8trHVGC2Q&google_cver=1&google_push=AYg5qPKcDcIiwb9Y3HA2_lju2ZwQIwVl8IoH5_GBJ-wqhyjZfwCoeQw8zw03tWfr19WCl...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=ETmPzUYxQXSRpnda4HydzGEvNog
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=ETmPzUYxQXSRpnda4HydzGEvNog
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:03 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=ETmPzUYxQXSRpnda4HydzGEvNog
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame FB53
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEKpVi-a8bIs1xwl-_dW-tNQ&google_cver=1&google_push=AYg5qPIU757CbNtIDi3iceaE-4gGEaEljV23GLt6BMZ3qgJjiopl2VkSZgbLOBjeiAR8vlIaKWKYH1gV6n1JUStR...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OlfoORF5RQyGYE5vwGJ3FQ2&google_push=AYg5qPIU757CbNtIDi3iceaE-4gGEaEljV23GLt6BMZ3qgJjiopl2VkSZgbLOBjeiAR8vlIaKWKYH1gV6n1JUStReHh2nYaS8NqD
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OlfoORF5RQyGYE5vwGJ3FQ2&google_push=AYg5qPIU757CbNtIDi3iceaE-4gGEaEljV23GLt6BMZ3qgJjiopl2VkSZgbLOBjeiAR8vlIaKWKYH1gV6n1JUStReHh2nYaS8NqD
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 01 Sep 2021 08:15:04 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OlfoORF5RQyGYE5vwGJ3FQ2&google_push=AYg5qPIU757CbNtIDi3iceaE-4gGEaEljV23GLt6BMZ3qgJjiopl2VkSZgbLOBjeiAR8vlIaKWKYH1gV6n1JUStReHh2nYaS8NqD
x-host
tde-deliveryengine-production-57bdbcf799-xjd5k
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame FB53
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPYMY2yR1uz9ykUjuyaBCJY&google_cver=1&google_push=AYg5qPL1SviqI3UFfbibDF9pcxD8f1zYJgHmqVmv6H6xIYzL0bWBlsS3ISwmchJVniRm1Q0vpt7xqDGk...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPYMY2yR1uz9ykUjuyaBCJY&google_cver=1&google_push=AYg5qPL1SviqI3UFfbibDF9pcxD8f1zYJgHmqVmv6H6xIYzL0bWBlsS3ISwmchJVniRm1Q0vpt7...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc0MzUyNDcyNDk4MjA5NTk2&google_push=AYg5qPL1SviqI3UFfbibDF9pcxD8f1zYJgHmqVmv6H6xIYzL0bWBlsS3ISwmchJVniRm1Q0vpt7xqDGk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc0MzUyNDcyNDk4MjA5NTk2&google_push=AYg5qPL1SviqI3UFfbibDF9pcxD8f1zYJgHmqVmv6H6xIYzL0bWBlsS3ISwmchJVniRm1Q0vpt7xqDGkenzt659BlGQZKRTkN1hw
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:04 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc0MzUyNDcyNDk4MjA5NTk2&google_push=AYg5qPL1SviqI3UFfbibDF9pcxD8f1zYJgHmqVmv6H6xIYzL0bWBlsS3ISwmchJVniRm1Q0vpt7xqDGkenzt659BlGQZKRTkN1hw
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame FB53
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7MOhdbefRZi-LIZbnsglDw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7MOhdbefRZi-LIZbnsglDw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIv5gKhnTiDMuLai-AvpTTkMrtXbIG-WjKqWBifC7_eEEwyN3_LlfY2wFHyunJYZtdzfcq2uq5IAO7AwmpPTb8CJPjh8m3f
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7MOhdbefRZi-LIZbnsglDw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIv5gKhnTiDMuLai-AvpTTkMrtXbIG-WjKqWBifC7_eEEwyN3_LlfY2wFHyunJYZtdzfcq2uq5IAO7AwmpPTb8CJPjh8m3f
date
Wed, 01 Sep 2021 08:15:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame FB53
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESED-4fVyRKXj8vKyvJdfs5s0&google_cver=1&google_push=AYg5qPIFg8jebvYG5J8NHJgI-8d-leYKtX2lqjpP1TN7-uVrHty8uP0XdcqN7JdsOkiB0yPw2N5BYD43lUcJd1nC...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIFg8jebvYG5J8NHJgI-8d-leYKtX2lqjpP1TN7-uVrHty8uP0XdcqN7JdsOkiB0yPw2N5BYD43lUcJd1nCuTc_TEeLV5_1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIFg8jebvYG5J8NHJgI-8d-leYKtX2lqjpP1TN7-uVrHty8uP0XdcqN7JdsOkiB0yPw2N5BYD43lUcJd1nCuTc_TEeLV5_1
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 01 Sep 2021 08:15:04 GMT
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIFg8jebvYG5J8NHJgI-8d-leYKtX2lqjpP1TN7-uVrHty8uP0XdcqN7JdsOkiB0yPw2N5BYD43lUcJd1nCuTc_TEeLV5_1
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
qLataQXoKioycBjkmQoTn6PLtRPKTcLv6pwBGdZgEQB9wq0G7CnvdA==
pixel
cm.g.doubleclick.net/ Frame FB53
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
  • https://sync.targeting.unrulymedia.com/csync/RX-d0cc4b7f-b93d-4e9b-a0d5-8191f99d8101-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJM7wm2H89ASzLL8MrQw...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJM7wm2H89ASzLL8MrQwsoaA7iJVkaD0QF50smINX8YhdnSeCsxiSC7tMdRZF9JOtkN7yUXPNcTWJ9V1UH8O6QNcpaFic4l&google_hm=A9DMS3-5PU6boNWBkfmdgQE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJM7wm2H89ASzLL8MrQwsoaA7iJVkaD0QF50smINX8YhdnSeCsxiSC7tMdRZF9JOtkN7yUXPNcTWJ9V1UH8O6QNcpaFic4l&google_hm=A9DMS3-5PU6boNWBkfmdgQE
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJM7wm2H89ASzLL8MrQwsoaA7iJVkaD0QF50smINX8YhdnSeCsxiSC7tMdRZF9JOtkN7yUXPNcTWJ9V1UH8O6QNcpaFic4l&google_hm=A9DMS3-5PU6boNWBkfmdgQE
date
Wed, 01 Sep 2021 08:15:04 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd0cc4b7fb93d4e9ba0d58191f99d8101003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame FB53 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JU2GTPSWX6AzV9VTrAYd-MPa2Zyx4YTaM0l3PZaQbrlfvphYMsw-f36A8VBVJnR5DwGCyk
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
spinning-circles.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/ Frame 5E0D 		3 KB
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/spinning-circles.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/jsf.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
320bdb63f5150f35fa6b9f3de2f204ed2caea8d6207cdb82ebfafb1ee136f818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/jsf.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 08:24:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85840
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
471
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 13:29:06 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Sep 2021 08:24:24 GMT
Gibson-Regular.woff2
s0.2mdn.net/creatives/assets/4018236/ Frame 5E0D 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4018236/Gibson-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/jsf.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
314620316b791996fa0238a4ec9ec6fdfe87e76f66e7023b8057b713521be828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/jsf.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:03:15 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jan 2021 14:42:40 GMT
server
sffe
age
709
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10016
x-xss-protection
0
expires
Wed, 01 Sep 2021 08:18:15 GMT
e6244d1a4401c7fe26622998bffa5f86940922.png
static.tradetracker.net/nl/material_image/f1/ Frame 3EB5
Redirect Chain
  • https://ti.tradetracker.net/?c=34211&m=1888189&a=70002&r=93811400051604900719590011704014&t=html
  • https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:5800:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a82269bce61196e0aca1c36b304de3471e367a41179284996e6b06b2a3b3009a

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:14:25 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894905.cloudfront.net (CloudFront)
last-modified
Fri, 23 Apr 2021 10:05:11 GMT
server
nginx
age
177
etag
"60829bd7-6cf"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
1743
x-amz-cf-id
_yNVxUI9tdqWSKyxAx4OJwSLgr6I3_KhiqifmOadP1YRexu1WCu0JQ==

Redirect headers

location
https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
date
Wed, 01 Sep 2021 08:15:04 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/ Frame E5C5 		1 KB
526 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=93811400051604900719590011704014&a=ab56e73f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c1521286e7dd2d6f8c2262b15bca8867bcae973a83879accdd00e1cb9831e5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 06:44:56 GMT
server
ESF
date
Wed, 01 Sep 2021 08:15:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Sep 2021 08:15:04 GMT
/
hal9000.redintelligence.net/scale/ Frame E5C5 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/53619/creativesup/img220807_banners_megekko_affiliate_image_v2-1597759923086-min%20(2).jpg
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=93811400051604900719590011704014&a=ab56e73f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7e82da32bf54e4d5e18a12b7d96f1bf4af3a3c4f426f2855739d362d8acb3146

Request headers

Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 08:15:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
11775
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame E5C5 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/58995/creativesup/1200x627.jpg
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=93811400051604900719590011704014&a=ab56e73f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
3c6fe11638286f598cb793418d72e7921c641da18914745a62a238855c230893

Request headers

Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 08:15:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
14633
Vary
Accept-Encoding
Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame CDAC 		0
60 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgfXp_JYsf8YfbNBKkfROklkGnS2BlWvhDZll4ALG8aJux4Teotss_eI8jY9cUUUmeBNXpRTEhM4jorzn-oIoRUNsvQnPcVbsLaVs9wsw6NdP7B0yJ_h9in9wTOrfZBNZeURuDbYUDmzLscgLHx56HiSMVV0_djT8FlRJADpEamyV769dUsMveIQ6UNjHA9Js4sPw29cmSqlInEowMZzGmvS6x31CEfNtmwvpI3tMmfw5djtJ84ZjJZSEUJA1uRXWGn2e3D2E-kgZ2WtP-S-Zzc4rqnyPIniqVnnZM1EjcO2vbKtQi9Bd35vJ6ysx-rcADjHXke-VK_syGQAx8Jp4uZBri3pfze2b2ehq1qRF_OxAhzgTQx3rZ4ISMDZMGqHtwfbh8MdGW7C1vBSOzTN6h7A2m3rcdHiYoWFLFajUjbOIlREImKgGL7MTDXqsnTxREZB2Y38uWSoYgbqvCgGIIOKymv2JsLjVapPjgouFIzTrBfV_718rFVqkiv6LajziOM2V6J4sek7n-l95RmMYIoX-4V-zB8291y35z5d2ONOxWRE7Fm5q136GqnYMmqZ_AdaABQCOUerSutrvp7PcAmmt8XCxZ08bPya5CZq18KUdKKkEmL6FVSN4euFMsvitO-J5YF_8fgKIsuXTsLO7KF821dPrZDYc7fC_QTG6c0ROcXd-4pUUiQUOC_jcllCgdAStxuiJtINGdsKDTLbKp3aMfUu0fRMTi5vJml4jq_lxjMmopM8BxuliXmnvKQavWOTpoaeOIzM5X-6p6bTMmmD2_FYk3qYO2r1Cq8lT092O9AaX2XjYOuMBgedbsfdG8eLapuXyuOrBAkGhXzP1KdJ4QYxsD_rrkcpIpdsi9IUsWnWN2v8nVx-ndivIbiwvU7TLS-mkNxwI7iWkt1piNoKbIu8uiki0rCarT1fp6IRzxU9UUO032fXGSuM0jgotTmonCFKS8Xweg68PRoep9GaNYbTBLTmVbrnPq8EiQ8ChR72dGDYtNsy6izkswwaTMaf-H1Me9_9x6jaVqdkrnXsxd33MILYJV6ym5s3MHocMEfHbZS8VogbiGS8n6okDcYy0gbPgBRoOWGTRbfSoXE2WpOHmVWv6N8N9deCa4FoBPGmmS0pyKhtMRx8h1v51W6AHSv5epe2w9Zug5kXKInBryO_Crl7PdGkndFQZI2fcs-RIDWCbbhq2-AnyEs2SaCxAF5MrLv4gf8DFqzQp4scBYbEwZvNOkPdzhGd_A5132&sai=AMfl-YT2DbEL60R3lRk9av0Vcg49Mew6Pw0gLeAcUzTvyUzC47Lmgo4V953cupN3SElgN2jU1SuXBBGyrBRGxNjGzgFkIlES6ujVAD1b0ZnhYOqkqGE0kSmXpyp9bx55Z-OS30n3MOHQSwdTOMzh830P3kZo2P2zkx_NbYoF0FWVccCaSLY1OGkRL5B6kPVQAw&sig=Cg0ArKJSzF6iryzXKIpQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1811&vt=11&dtpt=1335&dett=3&cstd=430&cisv=r20210830.98584&adurl=
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 08:15:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
google2waycm.netmng.com/cm/ Frame 50F6 		0
0
cm
a.rfihub.com/ Frame 50F6
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEBCDVgXEos5PKMUy2QTWGZc&google_cver=1&google_push=AYg5qPLlXVhDNozkQFjLgpxtuRK_PpZ_g-OFoDMDfVIJcWHx4EWie9XaOOWU5I83E50JIJY2NlEcm6NJItT8C4jHwo8XZ_d...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLlXVhDNozkQFjLgpxtuRK_PpZ_g-OFoDMDfVIJcWHx4EWie9XaOOWU5I83E50JIJY2NlEcm6NJItT8C4jHwo8XZ_dN6ag&google_hm=OTA5NjAwNTQ4...
  • https://a.rfihub.com/cm?pub=445&google_error=5
42 B
812 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&google_error=5
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 08:15:05 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.rfihub.com/cm?pub=445&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 50F6
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECf74Q4mtHCJVYb2QzQTX38&google_cver=1&google_push=AYg5qPLQWcuikuqnyOiEGOBQbeVUhLu-zBNJK42ICfCJzs9He69OAFcckiQXjuiW2pml9ariM--tMRVTOkwX7gZMJQAWRa18CxM&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECf74Q4mtHCJVYb2QzQTX38&google_cver=1&google_push=AYg5qPLQWcuikuqnyOiEGOBQbeVUhLu-zBNJK42ICfCJzs9He69OAFcckiQXjuiW2pml9ariM--tMRVTOkwX7gZMJQAWRa18CxM...
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECf74Q4mtHCJVYb2QzQTX38&google_cver=1&google_push=AYg5qPLQWcuikuqnyOiEGOBQbeVUhLu-zBNJK42ICfCJzs9He69OAFcckiQXjuiW2pml9ariM--tMRVTOkwX7gZMJQAWRa18CxM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLQWcuikuqnyOiEGOBQbeVUhLu-zBNJK42ICfCJzs9He69OAFcckiQXjuiW2pml9ariM--tMRVTOkwX7gZMJQAWRa18CxM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
687d0c780d4bc272-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:04 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1231
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
687d0c74e9a2c272-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECf74Q4mtHCJVYb2QzQTX38&google_cver=1&google_push=AYg5qPLQWcuikuqnyOiEGOBQbeVUhLu-zBNJK42ICfCJzs9He69OAFcckiQXjuiW2pml9ariM--tMRVTOkwX7gZMJQAWRa18CxM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLQWcuikuqnyOiEGOBQbeVUhLu-zBNJK42ICfCJzs9He69OAFcckiQXjuiW2pml9ariM--tMRVTOkwX7gZMJQAWRa18CxM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 50F6
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFyGup5YZlgQKYBKOIagxhA&google_cver=1&google_push=AYg5qPK1ZF6XzYHDfB5GU2MxdHDMaDmEwNXAHN2tzhKNOAIoayb6Z1R9KBylr7qNx9ccMCiQEebz0MbBlxCpNDZV...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OlfoORF5RQyGYE5vwGJ3FQ2&google_push=AYg5qPK1ZF6XzYHDfB5GU2MxdHDMaDmEwNXAHN2tzhKNOAIoayb6Z1R9KBylr7qNx9ccMCiQEebz0MbBlxCpNDZVy1LEntJoRw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OlfoORF5RQyGYE5vwGJ3FQ2&google_push=AYg5qPK1ZF6XzYHDfB5GU2MxdHDMaDmEwNXAHN2tzhKNOAIoayb6Z1R9KBylr7qNx9ccMCiQEebz0MbBlxCpNDZVy1LEntJoRw
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 01 Sep 2021 08:15:04 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OlfoORF5RQyGYE5vwGJ3FQ2&google_push=AYg5qPK1ZF6XzYHDfB5GU2MxdHDMaDmEwNXAHN2tzhKNOAIoayb6Z1R9KBylr7qNx9ccMCiQEebz0MbBlxCpNDZVy1LEntJoRw
x-host
tde-deliveryengine-production-57bdbcf799-xjd5k
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 50F6
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESED1L2UzCNnSYNxJOlzCCsO8&google_cver=1&google_push=AYg5qPIRYZQ42yalkhfVdF8Cy_UkMbRao6S6R69987rPWk3ZxfJFGXpSmsQs9...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESED1L2UzCNnSYNxJOlzCCsO8&google_cver=1&google_push=AYg5qPIRYZQ42yalkhfVdF8Cy_UkMbRao6S6R69987rPWk3ZxfJFGXpSmsQs9...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=exV04nzJ7D7_N063voyDrQ&google_push=AYg5qPIRYZQ42yalkhfVdF8Cy_UkMbRao6S6R69987rPWk3ZxfJFGXpSmsQs9XkB0sCRyDech-zz6QGpk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=exV04nzJ7D7_N063voyDrQ&google_push=AYg5qPIRYZQ42yalkhfVdF8Cy_UkMbRao6S6R69987rPWk3ZxfJFGXpSmsQs9XkB0sCRyDech-zz6QGpkSgiNTain9Vjq62_Yxs
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 01 Sep 2021 08:15:05 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=exV04nzJ7D7_N063voyDrQ&google_push=AYg5qPIRYZQ42yalkhfVdF8Cy_UkMbRao6S6R69987rPWk3ZxfJFGXpSmsQs9XkB0sCRyDech-zz6QGpkSgiNTain9Vjq62_Yxs
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
237
pixel
cm.g.doubleclick.net/ Frame 50F6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEC0A_-keiDnZfDvscQcTdmY&google_cver=1&google_push=AYg5qPKbYKlRYfKWIF5tOIcHSyfejT7kiAv7rXMDDDOEQ2ZkhGMF84btNDCLgoGh2oh7e2Vee0dy1p5VjlL_TrhZUCLp...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEC0A_-keiDnZfDvscQcTdmY&google_cver=1&google_push=AYg5qPKbYKlRYfKWIF5tOIcHSyfejT7kiAv7rXMDDDOEQ2ZkhGMF84btNDCLgoGh2oh7e2Vee0dy1p5VjlL_Tr...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKbYKlRYfKWIF5tOIcHSyfejT7kiAv7rXMDDDOEQ2ZkhGMF84btNDCLgoGh2oh7e2Vee0dy1p5VjlL_TrhZUCLpCUAb2Q&google_hm=SxU-p0QSToukONBlvF-EPg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKbYKlRYfKWIF5tOIcHSyfejT7kiAv7rXMDDDOEQ2ZkhGMF84btNDCLgoGh2oh7e2Vee0dy1p5VjlL_TrhZUCLpCUAb2Q&google_hm=SxU-p0QSToukONBlvF-EPg==
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKbYKlRYfKWIF5tOIcHSyfejT7kiAv7rXMDDDOEQ2ZkhGMF84btNDCLgoGh2oh7e2Vee0dy1p5VjlL_TrhZUCLpCUAb2Q&google_hm=SxU-p0QSToukONBlvF-EPg==
date
Wed, 01 Sep 2021 08:15:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 50F6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhj...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 50F6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LrWOyGnPIgvLCCGxmUTmXuHM0IAlAo2KHSWC_mffiNOWb4gDxJlfrOXW6T7xhyTBgisAMV
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
pagead2.googlesyndication.com/bg/ Frame 5958 		35 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 06:25:38 GMT
vary
Accept-Encoding
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
x-content-type-options
nosniff
age
6566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35516
x-xss-protection
0
expires
Thu, 01 Sep 2022 06:25:38 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CDAC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIjmnI13kXcMKFtb3Fi4k05iZBX270vjKIDWO_Wr1EeCAVz-z2Cv_Lgvp_iHbo75_ay9ikRLjtimt2fWc9E6sXtytjGJGKfqPVUloFeXebf7odgUmHZEwysNhlZA&sai=AMfl-YRBHWAyHU7E4_8dmFg7J7JecJT99QzUqMQ0vOFxotKaUGvzSO7OSdVYhm72hH03vw3YG5WF0eMTTb_5fJ0GP5cObghCSDjp7IORyoHDXGbibWy_qUaMH8RIAJRycQlt&sig=Cg0ArKJSzJcQwpX_x_tVEAE&cid=CAASFeRoayn7UW7DxRQakEV7_sbJYR7tyQ&id=lidar2&mcvt=1074&p=734,1055,1334,1355&asp=734,1055,1334,1355&mtos=0,1074,1074,1074,1074&tos=0,1074,0,0,0&v=20210830&bin=7&avms=nio&bs=0,0&mc=0.78&if=1&app=0&itpl=20&adk=3040989654&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630484102088&rpt=1081&isd=0&lsd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5E0D 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c52100316259c4ff463f4a38521372969a8b806224bdee043ba291903b22126c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 08:15:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4500
x-xss-protection
0
viewability
hal900014.redintelligence.net/ Frame E5C5 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/viewability?s=93811400051604900719590011704014&a=d4734703&vb=m
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=93811400051604900719590011704014&a=ab56e73f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal900014.redintelligence.net/request_content.php?s=93811400051604900719590011704014&a=ab56e73f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 08:15:04 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
ti.tradetracker.net/ Frame E5C5 		434 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ti.tradetracker.net/?c=558&amp;m=24180&amp;a=70002&amp;r=93811400051604900719590011704014&amp;t=js&amp;wid=tt-235ff2
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=93811400051604900719590011704014&a=ab56e73f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.25.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-25-216.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5b72ba3cc5f2388d72ccf6d66f199842cbc985baa5f089581075a104636f5cab

Request headers

Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:04 GMT
cache-control
no-cache, must-revalidate
expires
Mon, 26 Jul 1997 05:00:00 GMT
server
nginx
content-type
text/javascript; charset=UTF-8
css
fonts.googleapis.com/ Frame 1992 		1 KB
418 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=84891000051578800719590011704007&a=074726b9
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c1521286e7dd2d6f8c2262b15bca8867bcae973a83879accdd00e1cb9831e5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 06:41:03 GMT
server
ESF
date
Wed, 01 Sep 2021 08:15:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Sep 2021 08:15:04 GMT
/
hal9000.redintelligence.net/scale/ Frame 1992 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/60306/creativesup/1200x627.jpg
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=84891000051578800719590011704007&a=074726b9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
aa521d5854c64dafd76eb70846a7192c8d0046d81538341a33c2447f43d6b95a

Request headers

Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 08:15:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
13311
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 1992 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/57777/creativesup/1200x627.jpg
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=84891000051578800719590011704007&a=074726b9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
a94f5228ef6c0b93d79a8a324d543cd8ed38522d1ec61c98ecb9664aa43a5424

Request headers

Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 08:15:05 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
14082
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 1992 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/58593/creativesup/1200x627.jpg
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=84891000051578800719590011704007&a=074726b9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
60a76cf87f7b27fff6e60de8ac6256ccb9132526a55e8d19f91f33cd36b97fe6

Request headers

Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 08:15:05 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
15621
Vary
Accept-Encoding
Content-Type
image/png
logo_icon.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/ Frame 5E0D 		781 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/logo_icon.svg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e0c3388dc0cd74ee5f6a9d11d96a489a7c653649400fee9f830d2cdc0bdb8d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 05:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11701
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
476
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 13:29:06 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Sep 2021 05:00:03 GMT
logo_wehkamp.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/ Frame 5E0D 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/logo_wehkamp.svg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fcf86c704309b49a15eff04d3568918453da2124d7995c80bd1480096dbc08d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 08:25:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85801
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1145
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 13:29:06 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Sep 2021 08:25:03 GMT
1000x1000-socialpaid-display-category-intent-Autumn-1-10-wk35_1630364453626_1000x1000-socialpaid-display-category-intent-Autumn-1-10-wk35.jpeg
s0.2mdn.net/dynamic/2/10779688/images.wehkamp.nl/i/wehkamp/ Frame 5E0D 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10779688/images.wehkamp.nl/i/wehkamp/1000x1000-socialpaid-display-category-intent-Autumn-1-10-wk35_1630364453626_1000x1000-socialpaid-display-category-intent-Autumn-1-10-wk35.jpeg
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24278c239682539bb4fa62cb8d9fce149dcc976ce3f2873cadb4574effde46ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 05:01:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 30 Aug 2021 23:00:56 GMT
server
sffe
age
98035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74373
x-xss-protection
0
expires
Wed, 31 Aug 2022 05:01:09 GMT
400-400-display-leeg-png_1620442864860_400-400-display-leeg-png.png
s0.2mdn.net/dynamic/2/10779688/images.wehkamp.nl/raw/wehkamp/ Frame 5E0D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10779688/images.wehkamp.nl/raw/wehkamp/400-400-display-leeg-png_1620442864860_400-400-display-leeg-png.png
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372a48f55cbbf0d9a2d1722a19e66960beff605158a3d22e959628e40831ec44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/index.html?e=69&leftOffset=0&topOffset=0&c=bILBucNUMn&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 05:01:21 GMT
x-content-type-options
nosniff
last-modified
Sat, 08 May 2021 03:01:08 GMT
server
sffe
age
530023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2063
x-xss-protection
0
expires
Fri, 26 Aug 2022 05:01:21 GMT
Gibson-Light.woff2
s0.2mdn.net/creatives/assets/4018236/ Frame 5E0D 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4018236/Gibson-Light.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/jsf.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8505830998b8fd36576fabb9edcad89de5a2d1fd091676d8683764290995867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/jsf.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:03:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jan 2021 14:42:44 GMT
server
sffe
age
683
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9640
x-xss-protection
0
expires
Wed, 01 Sep 2021 08:18:41 GMT
Gibson-SemiBold.woff2
s0.2mdn.net/creatives/assets/4018236/ Frame 5E0D 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4018236/Gibson-SemiBold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/jsf.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b1d246693b8d76f17449020ead36b1488af1d16a198e8f0044a0ee0a5b290a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857944/20210816062906360/2021_wehkamp_awareness_300x600/wehkamp_awareness_300x600/jsf.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:03:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Jan 2021 14:42:36 GMT
server
sffe
age
683
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10044
x-xss-protection
0
expires
Wed, 01 Sep 2021 08:18:41 GMT
pvClk.min.js
analytics.webgains.io/ Frame E4C6 		60 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2685811&wgcampaignid=1519435&viewref=84891000051578800719590011704007&js=1&nw=1&cp=348166952
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9417540513a50fdbf1fd9b96a4a0dc671ca4f51515bcc0cb455f439240dc719

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
6jV9xllBBvReasL7cLStTD0wUFnFkR4x
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
last-modified
Wed, 25 Aug 2021 13:00:28 GMT
server
AmazonS3
age
34209
etag
"1e896b5b88f12f78c9d3a64e93b0f453"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 31 Aug 2021 22:45:11 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
61524
x-amz-cf-id
ZWhZUkfgHhtggRDGtdyhthaTJmzCMt59yYZI27Xh3AyLT38hYcN9Ow==
link.html
track.webgains.com/ Frame E4C6 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1519435&viewref=45929500048961401096678011704014&wglinkid=2685811
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
a1228bc3c791388213864420c6e03b15f847aa80793dd6d507926a701ec3b9d6

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 01 Sep 2021 08:15:04 GMT
Last-Modified
Wed, 01 Sep 2021 08:15:04 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
3191
Expires
Mon, 26 Jul 1997 05:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame B8D5 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECNtu9aqcJcD-APKHADGzrg&google_cver=1&google_push=AYg5qPJLnzwedQPP_5bMnU1F2xlgELpRMZBpIaO2cb7cviCQNjJbYl6FBbMVlHUgtGG0FSlKG1tDBXKPnqrt8kk1f10pLlJD3tcDEA
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:04 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame B8D5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOJgEqMHM2KyX8mmq0kqxvs&google_cver=1&google_push=AYg5qPIGzPzK3NofLbZ3AkIQa8FRpLZPa5kmyj9miUQ6wgr670yOElHLYJJpz2jWLsbSp-j7Nfyk7eYshodAh161K8apNYRopAMnjw
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B8D5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMUvcgYC7b9kHRz-neBRTDk&google_cver=1&google_push=AYg5qPJ0Ly8hHo4g2ZROFZH2HQD7ywJ0W3qqAxBDuiQyMfCT7ev2ep_ZtQnTt87tvIMiiHTSsJ-iYpiLU7MJ04EEepRb...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMUvcgYC7b9kHRz-neBRTDk&google_cver=1&google_push=AYg5qPJ0Ly8hHo4g2ZROFZH2HQD7ywJ0W3qqAxBDuiQyMfCT7ev2ep_ZtQnTt87tvIMiiHTSsJ-iYpiLU7MJ04...
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=6df6883d-aede-455b-9a09-f62c52b950a9&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ0Ly8hHo4g2ZROFZH2HQD7ywJ0W3qqAxBDuiQyMfCT7ev2ep_ZtQnTt87tvIMiiHTSsJ-iYpiLU7MJ04EEepRbJ8O1GsLWQw&google_hm=SxU-p0QSToukONBlvF-EPg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ0Ly8hHo4g2ZROFZH2HQD7ywJ0W3qqAxBDuiQyMfCT7ev2ep_ZtQnTt87tvIMiiHTSsJ-iYpiLU7MJ04EEepRbJ8O1GsLWQw&google_hm=SxU-p0QSToukONBlvF-EPg==
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJ0Ly8hHo4g2ZROFZH2HQD7ywJ0W3qqAxBDuiQyMfCT7ev2ep_ZtQnTt87tvIMiiHTSsJ-iYpiLU7MJ04EEepRbJ8O1GsLWQw&google_hm=SxU-p0QSToukONBlvF-EPg==
date
Wed, 01 Sep 2021 08:15:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame B8D5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC25dT6rOmFCiYdrODy09fg&google_cver=1&google_push=AYg5qPJhX3hSIdFInXnRW8OqnAxUUjNU3yLoSZV4dD2P1uTcHVpnL5VML42cg_yBsJsAu8OU7T2pauhwqi57ssrXn6BWhM1...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJhX3hSIdFInXnRW8OqnAxUUjNU3yLoSZV4dD2P1uTcHVpnL5VML42cg_yBsJsAu8OU7T2pauhwqi57ssrXn6BWhM1YXgJE&google_hm=NjMxMzA4NTY4NTMyODM3MT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJhX3hSIdFInXnRW8OqnAxUUjNU3yLoSZV4dD2P1uTcHVpnL5VML42cg_yBsJsAu8OU7T2pauhwqi57ssrXn6BWhM1YXgJE&google_hm=NjMxMzA4NTY4NTMyODM3MTE1Mg%3D%3D
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 01 Sep 2021 08:15:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJhX3hSIdFInXnRW8OqnAxUUjNU3yLoSZV4dD2P1uTcHVpnL5VML42cg_yBsJsAu8OU7T2pauhwqi57ssrXn6BWhM1YXgJE&google_hm=NjMxMzA4NTY4NTMyODM3MTE1Mg%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B8D5
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7MOhdbefRZi-LIZbnsglDw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7MOhdbefRZi-LIZbnsglDw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIDya-lGs8DgNv1CXa9LRJ_arZ1KQuZkrrzGxUBFmmehUbx37lNrmyR1iR60efju8rz7fKeXmPq6OvJ-XQklcrw1DZB7QG5rQ
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7MOhdbefRZi-LIZbnsglDw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIDya-lGs8DgNv1CXa9LRJ_arZ1KQuZkrrzGxUBFmmehUbx37lNrmyR1iR60efju8rz7fKeXmPq6OvJ-XQklcrw1DZB7QG5rQ
date
Wed, 01 Sep 2021 08:15:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B8D5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECN99s1KM08qRNnC10vRc1g&google_cver=1&google_push=AYg5qPIncx8dutlGw7rxmSf9jvYWhnFAASn99xTxtIDUHkkLVWdpkO6rljCnh33l6HYbKx0Mbl4...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODRZVlItMU8tSjdTUg==&google_push=AYg5qPIncx8dutlGw7rxmSf9jvYWhnFAASn99xTxtIDUHkkLVWdpkO6rljCnh33l6HYbKx0Mbl4QLxsU3Jt5p584jwRoHxr5wTnWQQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODRZVlItMU8tSjdTUg==&google_push=AYg5qPIncx8dutlGw7rxmSf9jvYWhnFAASn99xTxtIDUHkkLVWdpkO6rljCnh33l6HYbKx0Mbl4QLxsU3Jt5p584jwRoHxr5wTnWQQ
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODRZVlItMU8tSjdTUg==&google_push=AYg5qPIncx8dutlGw7rxmSf9jvYWhnFAASn99xTxtIDUHkkLVWdpkO6rljCnh33l6HYbKx0Mbl4QLxsU3Jt5p584jwRoHxr5wTnWQQ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame B8D5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJx34tZFpdTCi-cWRio5Khs&google_cver=1&google_push=AYg5qPJum2BAjZXfjUYAHr1p3VPau46CDyYybwxlGJXRlWJiDjvtXBC-iOXbu7BGu-qpLF-u5a...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJx34tZFpdTCi-cWRio5Khs&google_cver=1&google_push=AYg5qPJum2BAjZXfjUYAHr1p3VPau46CDyYybwxlGJXRlWJiDjvtXBC-iOXbu7BGu-qpLF-u5a...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TZU9vM21GRTJ1R21jNUdzNzFWUk5OM0NKY0dtek1fWH5B&google_push=AYg5qPJum2BAjZXfjUYAHr1p3VPau46CDyYybwxlGJXRlWJiDjvtXBC-i...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TZU9vM21GRTJ1R21jNUdzNzFWUk5OM0NKY0dtek1fWH5B&google_push=AYg5qPJum2BAjZXfjUYAHr1p3VPau46CDyYybwxlGJXRlWJiDjvtXBC-iOXbu7BGu-qpLF-u5aZofZ1Ypv_EBat33MlsRdVf96qGmJ8
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 01 Sep 2021 08:15:04 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TZU9vM21GRTJ1R21jNUdzNzFWUk5OM0NKY0dtek1fWH5B&google_push=AYg5qPJum2BAjZXfjUYAHr1p3VPau46CDyYybwxlGJXRlWJiDjvtXBC-iOXbu7BGu-qpLF-u5aZofZ1Ypv_EBat33MlsRdVf96qGmJ8
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame B8D5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JgYv7a4Tobyc8LTjFFLBxtgr3EV4N9AAOo9kpEC3DmbPBO9eTrYZIR6zRQx838AqS3-CmiEA
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
pagead2.googlesyndication.com/bg/ Frame 96D6 		35 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 06:25:38 GMT
vary
Accept-Encoding
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
x-content-type-options
nosniff
age
6566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35516
x-xss-protection
0
expires
Thu, 01 Sep 2022 06:25:38 GMT
viewability
hal90007.redintelligence.net/ Frame 1992 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/viewability?s=84891000051578800719590011704007&a=c8ea215d&vb=m
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=84891000051578800719590011704007&a=074726b9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal90007.redintelligence.net/request_content.php?s=84891000051578800719590011704007&a=074726b9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 08:15:05 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Cookie set cshow.php
www.zenaps.com/ Frame BE36
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2882174&v=8508&q=413151&r=235229&pref1=82942300047741800719590011704018&pv=1
  • https://www.zenaps.com/cshow.php?pvr=b66c25e0-0afc-11ec-9723-692d00a25ac2&v=8508&r=235229&q=413151&s=2882174&viewref=82942300047741800719590011704018&pv=1
43 B
705 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.zenaps.com/cshow.php?pvr=b66c25e0-0afc-11ec-9723-692d00a25ac2&v=8508&r=235229&q=413151&s=2882174&viewref=82942300047741800719590011704018&pv=1
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=7b3818b768&subid=&uid=0a87c20b07faca32&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCj6TqhTYvYbSCJJrF7_UPjayOgAbisNzwX56J1vuJC_AuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QFXxCVMimOvqHe9nrVYcjhgaUtF4dtUdHWeFuNfHklrr_Up73hBsuYpQ8SINhNGOFG1-YgziYe6hnh5L7-hLp3B-jkU6ngJjSD3W-KcmOuTohPbj1WmLDadcZTI5X9-MkUmxDoFsHN7W9U0gx_YnRoXRzJYB8umpCOIpdhLsKTu4w6EXRR8EpJf35kMnu1Ll34qS1hnOcSzPxiloaQIca9-DWusb8Tq5cedyCd_Ut48GerL-bYc89vbMo2rEJ7m-qOWNqHB5y4ESaVlYeH3hAajT8eVRSOsAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo-rUev7yOOt93k1ZD4KnbERc4dQ%26sig%3DAOD64_0j7cTRIxJbVO0doF68HEsLQIXr7w%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-BITPoeUGtDPTNDqaygYwRQ1chOrlWh6ptTYGavVXwpy73jaL4H4RlV3SKd6xruOmECs4kHUOtzyLcUP5dhK0r40NmX-54Qo1N3qFN-r1zSY3qI7V_9AS2cRjQDkdHFES7jUwt7jXU4fG4VueF1ve3NRageQg%26cry%3D1%26dbm_d%3DAKAmf-CfD7Bonteuy6jIz_EyZYJ-SlnR9a7sdCPgm59BiSLAknnTk6lZCI98OE6MO0BfB3tMsj0zaziaf10kdJ9SbqYXGG5YrVgIpL9nwASrGbJvrxYTVPWfpaa9MMy_p7LL2Lkt82TKMZVUoygOq3dnxMGwXlK7znieRpqTs7EucLU18iC7l6ncmPrWD8JdKqC_TZ3VvM47hLck0oKPp11-s6bb7yKT2ZM2oZf_4OsgZJFyU6cGix6PMqRUoXlkjBD850-BGZA_PYcIiPp9olFYf9mGXjOMPtFEIM4yj-q6vEqgvaJVZBBQMRBEL9Zjm5l6TrLupPxjQ529gnNV7oFea8huafoCkDFx5WoP5az1hyFwffmHYnrqfXHt52srRbASc4XYidN_fpeiarJjbtrFTHYoT0FqfAcCEjOxoVlyJ5WeWOk_ggl-F9LXxCBFtTAqu8s0SG0i%26adurl%3D&documentReferer=https%3A%2F%2Fwww.suarasurabaya.net%2F&ancestorOrigins=https%3A%2F%2Fwww.suarasurabaya.net&random=317385306518&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Host
www.zenaps.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
awpv8508=235229|1630484103|b5b13a50-0afc-11ec-bfe3-692d0dec5663; awpv9247=235229|1630484104|b5dd2c50-0afc-11ec-bfe3-692d0dec5663; awpv8361=235229|1630484104|b5ec95a0-0afc-11ec-a5ea-692d04ef6a29; AWSESS=383360:2898042
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Content-Type
image/gif
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Content-Length
43
Date
Wed, 01 Sep 2021 08:15:05 GMT
Connection
keep-alive
Set-Cookie
awpv8508=235229|1630484105|b66c25e0-0afc-11ec-9723-692d00a25ac2;domain=.zenaps.com;path=/;expires=Thursday, 02-Sep-2021 08:15:05 UTC;Secure;SameSite=None AWSESS=413151:2882174;domain=.zenaps.com;path=/;Secure;SameSite=None
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default

Redirect headers

Location
https://www.zenaps.com/cshow.php?pvr=b66c25e0-0afc-11ec-9723-692d00a25ac2&v=8508&r=235229&q=413151&s=2882174&viewref=82942300047741800719590011704018&pv=1
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length
0
Date
Wed, 01 Sep 2021 08:15:05 GMT
Connection
keep-alive
Set-Cookie
awpv8508=235229|1630484105|b66c25e0-0afc-11ec-9723-692d00a25ac2;domain=.awin1.com;path=/;expires=Thursday, 02-Sep-2021 08:15:05 UTC;Secure;SameSite=None AWSESS=413151:2882174;domain=.awin1.com;path=/;Secure;SameSite=None
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
/
ti.tradetracker.net/ Frame DA93 		441 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ti.tradetracker.net/?c=34211&amp;m=1888189&amp;a=70002&amp;r=82942300047741800719590011704018&amp;t=js&amp;wid=tt-1f47d
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.25.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-25-216.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0b8e74ae616e1724b75ae0206b9df58af11bdc95c2c6204506800ad8a632f1aa

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:05 GMT
cache-control
no-cache, must-revalidate
expires
Mon, 26 Jul 1997 05:00:00 GMT
server
nginx
content-type
text/javascript; charset=UTF-8
request_content.php
hal900018.redintelligence.net/ Frame 854F 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request_content.php?s=82942300047741800719590011704018&a=17f6cadf
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=5imww12akvzn&nw=20&renderingType=javascript&namespace=7b3818b768&subid=&uid=0a87c20b07faca32&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCj6TqhTYvYbSCJJrF7_UPjayOgAbisNzwX56J1vuJC_AuEAEg9Ov2K2CRhICA_BfIAQmpAjlSz2UbzLM-qAMBqgTYAU_QFXxCVMimOvqHe9nrVYcjhgaUtF4dtUdHWeFuNfHklrr_Up73hBsuYpQ8SINhNGOFG1-YgziYe6hnh5L7-hLp3B-jkU6ngJjSD3W-KcmOuTohPbj1WmLDadcZTI5X9-MkUmxDoFsHN7W9U0gx_YnRoXRzJYB8umpCOIpdhLsKTu4w6EXRR8EpJf35kMnu1Ll34qS1hnOcSzPxiloaQIca9-DWusb8Tq5cedyCd_Ut48GerL-bYc89vbMo2rEJ7m-qOWNqHB5y4ESaVlYeH3hAajT8eVRSOsAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTEwNDA3NjIzODg2MTYwOTKACgOYCwHICwGADAGwE7XWuQzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRo-rUev7yOOt93k1ZD4KnbERc4dQ%26sig%3DAOD64_0j7cTRIxJbVO0doF68HEsLQIXr7w%26client%3Dca-pub-1738284215641521%26dbm_c%3DAKAmf-BITPoeUGtDPTNDqaygYwRQ1chOrlWh6ptTYGavVXwpy73jaL4H4RlV3SKd6xruOmECs4kHUOtzyLcUP5dhK0r40NmX-54Qo1N3qFN-r1zSY3qI7V_9AS2cRjQDkdHFES7jUwt7jXU4fG4VueF1ve3NRageQg%26cry%3D1%26dbm_d%3DAKAmf-CfD7Bonteuy6jIz_EyZYJ-SlnR9a7sdCPgm59BiSLAknnTk6lZCI98OE6MO0BfB3tMsj0zaziaf10kdJ9SbqYXGG5YrVgIpL9nwASrGbJvrxYTVPWfpaa9MMy_p7LL2Lkt82TKMZVUoygOq3dnxMGwXlK7znieRpqTs7EucLU18iC7l6ncmPrWD8JdKqC_TZ3VvM47hLck0oKPp11-s6bb7yKT2ZM2oZf_4OsgZJFyU6cGix6PMqRUoXlkjBD850-BGZA_PYcIiPp9olFYf9mGXjOMPtFEIM4yj-q6vEqgvaJVZBBQMRBEL9Zjm5l6TrLupPxjQ529gnNV7oFea8huafoCkDFx5WoP5az1hyFwffmHYnrqfXHt52srRbASc4XYidN_fpeiarJjbtrFTHYoT0FqfAcCEjOxoVlyJ5WeWOk_ggl-F9LXxCBFtTAqu8s0SG0i%26adurl%3D&documentReferer=https%3A%2F%2Fwww.suarasurabaya.net%2F&ancestorOrigins=https%3A%2F%2Fwww.suarasurabaya.net&random=317385306518&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
808c82244c4cb1145145eaf92be5ee5cf79c627535822ec8e65053f317b4b2fe

Request headers

Host
hal900018.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=e0f8ef1d570f4f3a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

Date
Wed, 01 Sep 2021 08:15:05 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Wed, 01 Sep 2021 09:15:05 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2382
Connection
close
Content-Type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 45F7 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 31 Aug 2021 13:41:14 GMT
expires
Wed, 01 Sep 2021 13:41:14 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
66830
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame DA93 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
debccc8960a4f84bb3737bc84b275f79ee7fa4fe74d9c51eb90a355e45a05214

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5E0D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Wed, 01 Sep 2021 08:15:05 GMT
1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
static.tradetracker.net/nl/material_image/49/ Frame E5C5
Redirect Chain
  • https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=93811400051604900719590011704014&t=html
  • https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=93811400051604900719590011704014&a=ab56e73f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:5800:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b

Request headers

Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:05 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894905.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2017 08:27:46 GMT
server
nginx
x-amz-cf-pop
FRA60-P1
etag
"58ca4c82-335a"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
13146
x-amz-cf-id
0QAgEqqvMo8EII_VRuy8S5E9Zok7AZ0GM_UwFSQcHm8peU4Sv9TlKA==

Redirect headers

location
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
date
Wed, 01 Sep 2021 08:15:05 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
e6244d1a4401c7fe26622998bffa5f86940922.png
static.tradetracker.net/nl/material_image/f1/ Frame DA93
Redirect Chain
  • https://ti.tradetracker.net/?c=34211&m=1888189&a=70002&r=82942300047741800719590011704018&t=html
  • https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:5800:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a82269bce61196e0aca1c36b304de3471e367a41179284996e6b06b2a3b3009a

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:14:25 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894905.cloudfront.net (CloudFront)
last-modified
Fri, 23 Apr 2021 10:05:11 GMT
server
nginx
age
178
etag
"60829bd7-6cf"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
1743
x-amz-cf-id
_Ifh2t5-Jx8xDC5TPAifBLYalzrgSaYftOhETuAUsuudKi69QUxdDQ==

Redirect headers

location
https://static.tradetracker.net/nl/material_image/f1/e6244d1a4401c7fe26622998bffa5f86940922.png
date
Wed, 01 Sep 2021 08:15:05 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 057E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYzbRhTYvYZzbPJKrgQfQ-JugDQAAAAA4AeAEAg&bg=!gIOlg8fNAAZOkH6FTpA7ACkAdvg8WswY4ZFTGmZrh4lsKDF-AWtDtMWvBZHPBlE5EZGgx2wC1etvlgIAAAROUgAAAKFoAQcKALYRCbllAsqPr1qHmG4P3YFZsuGEavHTP31p9CbEyibztRoHQ8sn8FjjqtNM9u5d5W7WLWS47e-oyciXuB9zaTTikzkHoWc2qubpTvxWLNH3iHqof05bP_yFEGWpN7nGGAWPQE3Z06e5T8cg5qyki8-LOehnE_DPZ_7JBR4VvmxHEzRVUrrlUHRU5HsGZ55I1unfKDSvt_KmhbkhFsUo-V9ErP1r2lP75mFEtMmlhrmSykIjEr5C15kC0R8E0qBKvAsqo_LIPa2b1n3IAVHkgCzwU_84YuNDyjfiXVLRg1dLSkIgZTFO6qPjJDjkqIM7fg1VsKe2o0URBCwKDVdXK0fK3tZYQP0SxSwhV5Q-UwHwjSdhn85bMcPTFGVSpqjX5R60_70eNM64vZqXfoe8TimsYhI2p0PCMAXTDgtZzJpPCycHB4SOPo9BQZwGwWLfzZTdnfPHEa8Bq7wQf0qzLBJU1M8qQfGF6hfYrkfpaPE3kvL3F44BdDXRv66QSnV1F2jmpmKDLYAdAUfZicXrSA71BHSxbzXHHIpnKsLIqtCb8zdGy7KQQ5P5z6GOMhsBzfzUK-N2jpTQtUjvvpEuEFX9fU3WZpaHB86ZvYyamlLyl0t1l6U2s9HRe9ZXFdSSGwyJCpCk0XVDKFkUP8bgED84cIdHuVNCfXKVQ9Db6R0AXxaFPOuoaVxuuxQ7OFcMGYTrKXeNa4VQbQViJoIk5vdkuG9wQLddzxVPOyiOxfpRZY2XycJ516Cm_nMop5_YtmBV25zB6I4fArq8fBiZAZplXptyUgjSdB8Cdu46ZCKcW5_c2CVGY6e2JwzM5cNnHXMud_j5p3RW0rJJ1RkyhP82-5jD2YU-q-R0L7fHRwvsPfft4vrgwD8sVUC8gU7aD90u7jR9ty4iKWlTg200jkL22nBFUSCUJTKIaFPm06cqY-JtjOgRI6Y62wpXKxp6ZO-D7RZyQzzruFNhYhh_ThOmvlz77e-W9l7zJ1TPbp4AGiQfkFXGZXpNcCDGt3Zx1dLJpFDRoRiR8ZJFeXFq4ioT4votJUXMFQjKaeWPRcXEWHSh7LTjgGOs0JxHO9t3rkO_LCl6MahfJMbKFzeBE3R0kSDSNWLR9Qrd8YgksaG-eIPd_YK8fkV_fySavvSVCsJJm2szSTme846V8--R0fv3aCj1YS-CeTP2xQzMU2jEQtB9RGkjA4mlTCc
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
pagead2.googlesyndication.com/bg/ Frame 0992 		35 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 06:25:38 GMT
vary
Accept-Encoding
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
x-content-type-options
nosniff
age
6567
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35516
x-xss-protection
0
expires
Thu, 01 Sep 2022 06:25:38 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 45F7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENV_PcLLs_ZC7RNvDZr6l3Q&google_cver=1&google_push=AYg5qPKT_-BM8PrtRALZ0y7Ivxc2xVDVefvQicxLYQKfVfyLxrD6Mqd4rjXCw8-rgNDt5s0dRv_76PBuBhXlVbjvm6s9FpvGFww
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODQyNzYxNzIxMzU0ODIyMDMwMg==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEOjRW8e14UGCR2nGVKQhb8w&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEOjRW8e14UGCR2nGVKQhb8w&google_cver=1
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEOjRW8e14UGCR2nGVKQhb8w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 45F7 		43 B
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEOxDHg3qjUz_3rcjENs8l0I&google_cver=1&google_push=AYg5qPKs-HiNLF84oz0_wPvziwn8rFxH7B48BSx_WiCopVVCmaUT3nXmXH4vI387GIcMmZ4luMJY8bATnB_K5JeBlMXqGfN9gg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKs-HiNLF84oz0_wPvziwn8rFxH7B48BSx_WiCopVVCmaUT3nXmXH4vI387GIcMmZ4luMJY8bATnB_K5JeBlMXqGfN9gg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
687d0c7a9dd64dbe-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 45F7
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOA4QZF5uUrbXXwrCVOv-wg&google_cver=1&google_push=AYg5qPINn6hrMLgAJ1L-xfzs4MYNhvCx0TMbzlBvgYNoKJi3mb2FETo7P-IHMloEIPo2tKIa7GgWFP0onTk...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPINn6hrMLgAJ1L-xfzs4MYNhvCx0TMbzlBvgYNoKJi3mb2FETo7P-IHMloEIPo2tKIa7GgWFP0onTkKf5NmDMdcU9UnFeA&google_hm=U8wJqOGZTEC5R0EQL_wbfwU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPINn6hrMLgAJ1L-xfzs4MYNhvCx0TMbzlBvgYNoKJi3mb2FETo7P-IHMloEIPo2tKIa7GgWFP0onTkKf5NmDMdcU9UnFeA&google_hm=U8wJqOGZTEC5R0EQL_wbfwU
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:04 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPINn6hrMLgAJ1L-xfzs4MYNhvCx0TMbzlBvgYNoKJi3mb2FETo7P-IHMloEIPo2tKIa7GgWFP0onTkKf5NmDMdcU9UnFeA&google_hm=U8wJqOGZTEC5R0EQL_wbfwU
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 45F7 		0
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMLLzRelY1-TmR1kieGa_Pc&google_cver=1&google_push=AYg5qPIuMlBhScRcp6yOlMvVdy7Lz7tr0uuomNcKlVSCCJArLfz8gTWeyDzUm0ueAxxaSjl9-z6ekdVqhGo44rJ250YiVD4VVis
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:05 GMT
via
1.1 google
alt-svc
clear
dot.gif
s0.2mdn.net/ Frame 45F7 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEIhZ63HfcuMfVEizqfKlONI&google_cver=1&google_push=AYg5qPKy7mjNHVY_CEcpd-LDcRjku1DNnm_5NHU4uKHL8pJeqrBCQu9btFRrpU0M98op0VNCLHlvbO25BMAX1icjT6oZlEPjpXU
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Thu, 02 Sep 2021 08:15:05 GMT
pixel
cm.g.doubleclick.net/ Frame 45F7
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESELHaFLz93bMlcB-KaUpT68U&google_cver=1&google_push=AYg5qPLBGzfZOo7Wb5Kr4zJj3-yCtEyVJD3XtrrkSfddJ3MStehTrni9ArALUX8zom31k-8gFZHtqAxX5H1l6kemSNqpl2_RUkE
  • https://rtb.openx.net/sync/dds?google_gid=CAESELHaFLz93bMlcB-KaUpT68U&google_cver=1&google_push=AYg5qPLBGzfZOo7Wb5Kr4zJj3-yCtEyVJD3XtrrkSfddJ3MStehTrni9ArALUX8zom31k-8gFZHtqAxX5H1l6kemSNqpl2_RUkE&o...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLBGzfZOo7Wb5Kr4zJj3-yCtEyVJD3XtrrkSfddJ3MStehTrni9ArALUX8zom31k-8gFZHtqAxX5H1l6kemSNqpl2_RUkE&google_hm=gVMuihjzwTYxoFcMbrjgxQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLBGzfZOo7Wb5Kr4zJj3-yCtEyVJD3XtrrkSfddJ3MStehTrni9ArALUX8zom31k-8gFZHtqAxX5H1l6kemSNqpl2_RUkE&google_hm=gVMuihjzwTYxoFcMbrjgxQ==
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLBGzfZOo7Wb5Kr4zJj3-yCtEyVJD3XtrrkSfddJ3MStehTrni9ArALUX8zom31k-8gFZHtqAxX5H1l6kemSNqpl2_RUkE&google_hm=gVMuihjzwTYxoFcMbrjgxQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-request-id
4tsremjpaocv519r6if30n9r2j3resdd
pixel
cm.g.doubleclick.net/ Frame 45F7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECN99s1KM08qRNnC10vRc1g&google_cver=1&google_push=AYg5qPIfLVUOZ4yAA6bFTC0c5O4rzWkp5XokAOs6NiiISMfldBLs2GGSf3ccS1aVBN9uE9GvD92...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODRaR1QtSS0zWEhK&google_push=AYg5qPIfLVUOZ4yAA6bFTC0c5O4rzWkp5XokAOs6NiiISMfldBLs2GGSf3ccS1aVBN9uE9GvD92XUx4G7TND8KPDZguOVdtjKYM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODRaR1QtSS0zWEhK&google_push=AYg5qPIfLVUOZ4yAA6bFTC0c5O4rzWkp5XokAOs6NiiISMfldBLs2GGSf3ccS1aVBN9uE9GvD92XUx4G7TND8KPDZguOVdtjKYM
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxODRaR1QtSS0zWEhK&google_push=AYg5qPIfLVUOZ4yAA6bFTC0c5O4rzWkp5XokAOs6NiiISMfldBLs2GGSf3ccS1aVBN9uE9GvD92XUx4G7TND8KPDZguOVdtjKYM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 45F7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I7tiYWj3nfwBFFnUXNaIAy5Tj0R_BFbfhh_8qVSr6tp2KtS-3eSOa1k_u4wh9iFiA1JSZD
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 854F 		1 KB
418 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=82942300047741800719590011704018&a=17f6cadf
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c1521286e7dd2d6f8c2262b15bca8867bcae973a83879accdd00e1cb9831e5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 06:54:50 GMT
server
ESF
date
Wed, 01 Sep 2021 08:15:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Sep 2021 08:15:05 GMT
/
hal9000.redintelligence.net/scale/ Frame 854F 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/53619/creativesup/img220807_banners_megekko_affiliate_image_v2-1597759923086-min%20(2).jpg
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=82942300047741800719590011704018&a=17f6cadf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
7e82da32bf54e4d5e18a12b7d96f1bf4af3a3c4f426f2855739d362d8acb3146

Request headers

Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 08:15:05 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
11775
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 854F 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/58995/creativesup/1200x627.jpg
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=82942300047741800719590011704018&a=17f6cadf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
3c6fe11638286f598cb793418d72e7921c641da18914745a62a238855c230893

Request headers

Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 08:15:05 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
14633
Vary
Accept-Encoding
Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7238 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Be5mVhjYvYfX7GZWl-gb0-pT4CgAAAAA4AeAEAg&bg=!jY6ljsrNAAZOkH6FTpA7ACkAdvg8WlHpwabh0ZeFnsvleBrNSZydliQQ2QiNo_c7SOdaJGlbnhEi_gIAAAOcUgAAAFBoAQcKAMXOVCoeXheiuQfN557KygTnyt27cqXbGt6GNnDRyhpWCdZstUbWMxm096v26ycjtm3TmLc-P0YcYLLlsM6qpnDOUnjwiNtu16guQt9nYezFUUg-IHu-RAMJwpvTpSVjDEXWPLV1C8d4Kh4r5_4TWahOvJufWLQmEbuZyligPZV8t_lof676HOaAfAxdADLLPKUDCRdV6wbRSXzrgOx-Duqp48-GvYx9RafL4gdj22Blw-Zi-G4KynjiYnTd1X4kgSaYuJycBpkCyRqM_QrsOQSU_iqmgT757zQX5bQnrmi7VgZfge6LD6Bemf1iSr6-ualxU9s3X5uLkOthfNslDviBeunSUnZRNFE0Pcqp1M4IEkvFLtpSiadyhRRyy_rgImsjHrVMoSdFcJxM6SYsLCOk1NSN6dHxq8NP4KsOkcAclBnkzCtaiKiDvb8RsoFkCnDM_prCQzzEzyF90nKXU3FeyXfbgLuLGiLhbTPY9gswgJqFdewp-MNNaD4BaVn8Zu8xloirz-wsK_K4C_GYoczMXfbirTY-L-9bjAM7J8v7z-q0Q2IHc6_omWptFS6uR_tRzhNIC6HB85oUhrJczWNxGpkmWJXzAmGruOpjEmd99A5aUfoNSjVeJggj-_4gU64ROw0LGJapG-rJGnaB_hcUIXAjT8hWXKk-2Ga8odd-XPvlaVmzrDqeEtolp0BhePShDZfhjYuKFF_ZmoLWeBJa1cs2xCmVPluISK3978LKPQfsBmzltf6K8tS_P_uoY1aTiRBusYRiNeg43U9JgjhMW9-Djx88jsAwYMCnmv4wlfYQYKeskbbEQFdaTSdtTWfxX5SrjNfFZY8_jSlCK1jREKNJjKUJvsRE0tgyUSTU1bhWPdf0VPdwzmrsZXVWAVMo4LO295rARHY2YjDyCxk7zl-Jo_7aZaEb0Iy3ViIoI3B04H9Lgs9ACWUZ_pD8Ui1wYEJK04Xv1xTct0-bG5Qyv-XO11PcLmz2OLnCcfu8zHpL9ply60GN9eGVy3JSKmsE2Ny9CbIWCq3mmm0kXlrKGZDfYO1mQvG1wBh7tbcZr8L57jL95633zI8JHhx2XHydzNWGO2atGegqo-t3lMTW8thQ6YAgXXVKu03wXim3nRtYuzR-lWBWrSEmrMj7ZlExRK0A11pPQLeqK5DqjxcX5IcMD1KLj2RZeRDMynbTTvHaym7csznDGL97CRLsddgz
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6728 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B8mnkhjYvYfP6GceH9fgPh9eK8AIAAAAAOAHgBAI&bg=!8_Cl8LTNAAZOkH6FTpA7ACkAdvg8WiNp6eDNd5kqWOlsIuavIX1QijK_y7Rm5_vm0YYJp6Il8k5WfAIAAAQiUgAAAFZoAQcKAIq73STtfAfFFMflPlHgTdz271hdwkbRGRamAa5nX0avokytfb8ytMUArV2tXCPhrXbICFLN4N7Lt6R2CMAXBhTJ4YrimFTAZY1UrcEUOdvyfu-nfUfh6TWNnpuIZGPhZf1UXLDObLVQg7drHIFFzHN1q-u6-0amqa4ErCitASJaUQ_B0bpL4orF6cSZAszjSjFl-8AQYob4oDfE0IVCLAj94cUlrT87FZInY6PqUKJKnFB1mLesxm_5P-kigeO-6jiSTQ8AmoMANH0ByDQvwZhxsj6YGOOZ9ce-Rh5UHFt0JxFJACKK-sL-PwZKeknyfQCiXsAraO1NT7c1ZPBJH6rwGl6iP3KcXy_Ftg5djsFolWIhOMSL2dJsq0XOoxJIL91XBVr8NkLjNdHlWp4nd9l_WXQy-G6yqF8lp1xkClYMuZKNBPZZs_WXokEG96j2ld67EH2scdva9JfQ9jTiS3gTHqUSF5dmVXLEwkEEba1AJmqmF8pKWIXLA31iI45dMAS20jFKKHUu53Oagmei8c7QebgmGCJ5e1M4Hymu3qm8D2yK7QmbQEBVf7BVmzD7wS67oiXAovsTuRVg2Yz_GdwGREPK-TvHtd62IDuxPJT4HSiDFdkAr7ZjPKzxledv04SCfWJupl_zmLnLc-ygOiHy9Kh6xe4CzLkBTdK1zP3NZmmhOJ_dYJ_g34TkgN8PK0ojS3AoAzjKh90Z4Dc_wzCvItFwXDgqW92BnbeV_JpxW-f7C32FKHR2KrcFpY30ilL5mzidkFxhhUU7x4Hf8PwUx9IP1CPD7rtLk-rV4hFVqmL4d95WKTViTcFoGwLbEkP-cEPtG8ledhZYWpfAuoojVn1dVS84YsZUdX7cXEfO8U9NoSvk3x1WTarV-FnxN9uaARe6l8YW7t_tR4fLpPdAICWKW8FN1-EifUoAp7gJiM33m9LuGVXTrkut5hEwDxfNzxUo_GCOv_PBase4wpOlXZkkZK8ywHtw-4Kg0_JHNZk2rvMBkbTbOych2Je97RXinq3fcqZ5WThkQPTjTghZn7nW4Bypbc-DTdyw5xyNfHf9vKDkNghZbpkA8vo8uvdx3a_lVmlHr0EFbGVnbKCzwk9OdACIijgpCAiHttLk53YbgCP9JAHSyA
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900018.redintelligence.net/ Frame 854F 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/viewability?s=82942300047741800719590011704018&a=a3d079b9&vb=m
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=82942300047741800719590011704018&a=17f6cadf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal900018.redintelligence.net/request_content.php?s=82942300047741800719590011704018&a=17f6cadf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 01 Sep 2021 08:15:05 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
ti.tradetracker.net/ Frame 854F 		432 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ti.tradetracker.net/?c=558&amp;m=24180&amp;a=70002&amp;r=82942300047741800719590011704018&amp;t=js&amp;wid=tt-6d41
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=82942300047741800719590011704018&a=17f6cadf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.25.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-25-216.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3c0505aed0fee3a9948d623851df6e4d6227bd65bc287665f0fa020a0bf3dbc6

Request headers

Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:05 GMT
cache-control
no-cache, must-revalidate
expires
Mon, 26 Jul 1997 05:00:00 GMT
server
nginx
content-type
text/javascript; charset=UTF-8
1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
static.tradetracker.net/nl/material_image/49/ Frame 854F
Redirect Chain
  • https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=82942300047741800719590011704018&t=html
  • https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=82942300047741800719590011704018&a=17f6cadf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:5800:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b

Request headers

Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:05 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894905.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2017 08:27:46 GMT
server
nginx
age
0
etag
"58ca4c82-335a"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
13146
x-amz-cf-id
x2XB5a3kwdii8_tmnxZ80bcHRHuZWXiKttTFJ8rQ9nCWBcbZT2ec7g==

Redirect headers

location
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
date
Wed, 01 Sep 2021 08:15:05 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5958 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvKybhjYvYZGVJMuq7gOAubewAwAAAAA4AeAEAg&bg=!c3ClcDTNAAZOkH6FTpA7ACkAdvg8WkI9GTqBnAoDceTGmqftDaVI4iuAvnuZJO9D7TmV5otSVIgN7QIAAAHTUgAAABtoAQeZAsPpEHDKX-6gtaJky8LWprWQRPMWqDmVQBEzvTqolTMLZbR-l6SB2Sx0Y8a8usD2zNdByamelb282u_fGLlBOOPW97alnnpOLZrTNM4sGmJlNEw4eSptuus3K3C3mj8fdoEjqv8QemLGNJbQGdMo7dzL3WSTe6734hV9oc9STedQjo8gB-scCIa8OEh3cmaC5l1te7Y2zIgYGYCXZysgWOLN5z2QE7UckBvBoOgbUKFLq0CpSxKufJJjJC1MXbhlC53xvfo2Ho__CYtl8ljOyRN6QTraiPtj9hWl1TMXRWOp8UUCmdZQvK4GA4CYI5PLzgv-uhwwmhGqAjSQV7CjTrxVIixBdhRhDMGavHkYRlL3dNdxoc96fI68AnpYMMMZDWmRHGA5EWeT4wVvMcKg1S2jOjQwmoxv5PrfuTnKiZah5IXmjs2dI5jzbeOZSg8I3OPErllvC7aW6Z8I0EqI7u7AM6FBAYMydjc3-Ct3KgjKrWl9qyI3WCrwxYTDusayTzwy-axxxlXaYBNl2sNmzH_tdlXuvCMR3qgt2_-NfB_0PFXAKoQBIWWNO0FPLVi1Rl6jCRpgC9OABFkszUmPy27ladanPyRoqN3pI4icPhyzZwkmoQY2daLktPiIWSmVrfBiIsSpw-g42tslh9OBNsh51Aa_T1J2YFN0dt_bxB2fB0saFKOvoXoA3Hc8YARTJh9uA-R6CsOOuy_vBsNQLLlX-kZw4yoD3TMBB61J9YW9KELfuRIgsTyRrUhXl7rCSotqc5H763FNwAnJ4pE4qRZLsaukCmhCQIYeSZViv7Xac928RVxx6CDWebdMiLBfLrqF9nJ2v8QaexOAVRaXIpV6F4h2tInWFSFpuSMfsRDruwnYjPf3Yfuorgts5zrNPT0GLSqpEq-GwFfHW0Hvh92k9lZOjVuaEeO-JvNw4w3f9MJLWA
Requested by
Host: de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
URL: https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96D6 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAaWihjYvYe7aGcOg7_UPidCRkA4AAAAAOAHgBAI&bg=!6Oul66_NAAZOkH6FTpA7ACkAdvg8WoQJldxe_3Z-RyL1MYxhk7cfIbVzDw4XAyPUo2BQqoqItBGPmAIAAAHnUgAAAE9oAQcKAA71Bk4Yax2Y8TdGeekKkJkC1P0SLrDCk4VnjUsQOC4F573VI_hnZjDotaFK1IBtsEFkMfEMGT_m-abrjaDlAqsHPyXkDJQTvnxhmTX-MCKbg-3dDzEMtuuzMzkrRsiSjO7bVdZGDPn4bmBth5_Vedo5NZ5hAfQJeajnwB1PU72F0j979vFpdAniZgvhlzlO0WLvbi5y7BX76W-T11_LbUqQg1gXHbp8iMGse40984uKkIMbnYIrz8bCrNibQjAURUnebvnZ5fGgFuBX84cjMQ03R3RliNrOVAQGuuir52ttz3AABKU_-gVyEvsgSRsII8YPc2oRGTyckXtaes7w7Q4dRP0_1YQCbAETGyOTxsbnq8kGfFMCEw-PJCbr-_lMvm3cizyOmgS0YbPgOHI4IfW-fwm6IabSBY811H259eRlu0WMgvJ9sPvGjDrFcFjJM60_xh-iAQI8ANhbJCe7ocRR464ZGIDYp5i2KV7Ji0tmqrfmNyGZIlhkwTA4wciOGCK6_h-bllXvtMvV3bpqqppazYUJtz-VscL8BH5JEsLUkS85joiQ6L_R_CtjgH6E3JdjhKj-nKr5eoqV4oXyaLVyqLRav_8H6o4ppfKlpo6A3H5HUReO2jpQ-UoY8rN0Onu7gYdURwyoL0lnzDG467XWilXryGxypo14N376aMuLefFh6Cos5ffcB7pz4N3NEBbfq59ejcGe7ipRKnMcQoQlnVYzfMVfAKQHaB8YN9goFoKZMR_kazL6VRirFv6VXNDXOUmORUMN92qA9ZGcJxSkLJo_wn2ZXFw2D3NUvODeQ5-yD8QMztSJ_WHG2iHl5RcPETiCZ96dz-NBp64eL6t3mZVLd9INvwlUXZfYWF4Sb20vG1LEDUYivg7RmVuSg7KnWgChovAf0U9GRBM1Nou36jZdMCNr13cTR8AX5g-NlAybhufvfGIhRKOzq1lxJYIkr14IN7TU1qRiIoRQPJqZu7-VWj0
Requested by
Host: www.suarasurabaya.net
URL: https://www.suarasurabaya.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210830&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1876807398903530&plah=www.suarasurabaya.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eddf2e7cd75adebd450b8dac58877b584bebd3ce395831689dc832d4818790aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Sep 2021 08:15:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8556
x-xss-protection
0
tracking-event
api.webgains.io/ Frame E4C6 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-236-168.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.21
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 01 Sep 2021 08:15:06 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.21
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
54.77.236.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-236-168.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 01 Sep 2021 08:15:06 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1876807398903530&plah=www.suarasurabaya.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 08:15:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Wed, 01 Sep 2021 08:15:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BF03 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.suarasurabaya.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.suarasurabaya.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Wed, 01 Sep 2021 08:02:29 GMT
expires
Thu, 01 Sep 2022 08:02:29 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
757
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 04E9 		783 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5791b83ab5f9e76eb4b60e045c7bf41752a1805ee22764e83188874791de29b6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6PBAMOCsn8S1RpVXFr6mxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.suarasurabaya.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.suarasurabaya.net/

Response headers

expires
Wed, 01 Sep 2021 08:15:06 GMT
date
Wed, 01 Sep 2021 08:15:06 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-6PBAMOCsn8S1RpVXFr6mxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
pagead2.googlesyndication.com/bg/ Frame BF03 		35 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JSi02Q6GJynUs5OPQnU6ClbAiSGuMk75N6kjZ1kLosw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 06:25:38 GMT
vary
Accept-Encoding
last-modified
Mon, 23 Aug 2021 08:38:00 GMT
server
sffe
x-content-type-options
nosniff
age
6568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35516
x-xss-protection
0
expires
Thu, 01 Sep 2022 06:25:38 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210830&jk=3880600926224204&bg=!0NOl05fNAAZOkH6FTpA7ACkAdvg8Wv46Dt2Pb6ZpG942Kl4Bi8BuiZndT5eUwwffgu6Zb-UfNeHIEgIAAACwUgAAAA5oAQeZAoVn1M38PXWuT6LtlDV_M-QeP_VBt6s1WYbuFAYvDTjGadBp3KDEEpcoDOs24NaFDACquciTPFZ57w9bLj5Huk0PENI2JfHEzFiUE1yo7TnDMUjxfzne69vQxaDas503YKEhHt4taV_3mHvk29M6-k1yM16eVP4a2IbHQiOhy6QNw_yjEoAAJUaxIR2Ac195zrE9cnLUgYyWjYr3OUDXODPbAHdNs4rjYlM1AjlLTjUTBc53jIfYMEINJ6airGpHua-n2EPy_vRf9h8wQx9MYJinul5cuIU6yoAWl5d9Ftl6dDrXGs3jmdFAEFijf9dD96rGfEyFDLgstAGbi9iAzKuIKAo5i8we9QfZaYUMoNtqea5Oc6RKP0ydCpNBCmHZ2ciXfBpI9iGE7mSN4NcUY4zSQdclByicq1pMRYwof9L8HV1-2i8ws8mTPoPKx24j54HPW3TRnhINGT9-UH1VmbXYo5WNBIYfb1TBI_k_cf0ONGgfwzTZNvRq8Ssun_e_GAvHNbjMvut8FeH3Ut5f3YmQZIExxpv98GS3jA6XnxczDMnBOiQK4DxMyIysFkxfdA_1NEFXtE2tLPQu6Y6fM5X9ThUICQ_CSIMC05FsT7temkeyOgAVmIj8oOmpio5ypnU7xD01Zf3tGY_R58ypEjl0MxTUDiBvgxkYcRNKi9AsoX4dvjC8_TNN2NuGnt4KYSYwSCJVwtkJkeURSYdkS3unp45qiA1COCHwnftsmgcXjcKRAZ3vKtnT62VuT9c3u2Jjwld2a4uWkycCglNDl62MPTZQ6iUD1t3E5dC3Euk-y4pFdO9B4dZGMxjYijljrJYrmiPXZNGzqmkaLWi408HSRxMkHTI
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.suarasurabaya.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
dc_oe=ChMI7rXyzard8gIVQ9C7CB0JaATiEAAYACC8sZZKQhMI7di_zard8gIVmuK7CB0NlgNg;met=1;&timestamp=1630484114577;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame CDAC 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7rXyzard8gIVQ9C7CB0JaATiEAAYACC8sZZKQhMI7di_zard8gIVmuK7CB0NlgNg;met=1;&timestamp=1630484114577;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 08:15:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEGS58reQKeczAD8UZycP6BE&google_cver=1&google_push=AYg5qPKJANinfPQAzV2nJuyr3wK7LwmtxkUlNcFdctw84ncYMkpMdN1zHFWVP8tdbePOL7QGMgimiR1SG00ivAUdJh5TLZjN69iV
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEPxJ88YskXWienb1S_nGe3I&google_cver=1&google_push=AYg5qPIrtzPgBvXLKvR3DuaiieEAfBDe14NupdFK2vzLz58JO0yFKfHN5izPozG6AGmydZBAS1hDeb5JBNotxHLNtRqjxIcDswY
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS82iPwtRCXK6rz7u23j4QAABHwAAAIB&google_cver=1&google_gid=CAESEMkp0lEzZ4B6yfFRPMndtHE&google_push=AYg5qPJDe4gfChypS2o7koyad9STauo2yTUhjWqB0SpOiR4js2FAmhk-EhBNI08i_fmk5nsVlQ_zL4nGXd4UfCZroRzoKxenp_E&google_tc=

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| fvmuag object| googletag object| _gat object| _gaq object| pageTracker object| gaGlobal object| request object| xhr object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| Siema function| loadDeferredStyles function| raf object| ss_weather object| weather_load object| wp object| GoogleGcLKhOms

0 Cookies

5 Console Messages

Source Level URL
Text
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082401.js(Line 6)
Message:
[GPT] Error in googletag.defineSlot: Cannot create slot /160553881/Suarasurabaya_Mobile/Homepage. Div element "div-gpt-ad-mr1" is already associated with another slot: /21986873345/Suarasurabaya/Homepage.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082401.js(Line 6)
Message:
[GPT] Invalid arguments: googletag.defineSlot('/160553881/Suarasurabaya_Mobile/Homepage', [[336, 280], [300, 250]], 'div-gpt-ad-mr1').
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082401.js(Line 6)
Message:
Exception in queued GPT command TypeError: Cannot read property 'setTargeting' of null
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082401.js(Line 6)
Message:
[GPT] Exception in googletag.cmd function: TypeError: Cannot read property 'setTargeting' of null.
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
a.tribalfusion.com
ad.turn.com
ade.googlesyndication.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adservice.google.nl
analytics.webgains.io
api.webgains.io
bid.g.doubleclick.net
c1.adform.net
cm.g.doubleclick.net
csi.gstatic.com
dclk-match.dotomi.com
de42c2fad5027e7d40e4091b24d92a11.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
gcm.ctnsnet.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900014.redintelligence.net
hal900018.redintelligence.net
hal90007.redintelligence.net
htlp.large.nl
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
match.adsrvr.org
opt.objectiveportal.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.scoota.co
r.turn.com
r3---sn-4g5e6nss.c.2mdn.net
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.tradetracker.net
stats.g.doubleclick.net
sync.1rx.io
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
ti.tradetracker.net
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
tracking.m6r.eu
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.google.com
www.googletagservices.com
www.suarasurabaya.net
www.zenaps.com
x.bidswitch.net
cm.g.doubleclick.net
google2waycm.netmng.com
104.111.239.217
104.111.242.245
108.128.25.216
13.32.121.100
138.201.63.157
138.201.84.245
142.250.181.226
142.250.185.226
142.250.185.98
142.251.34.195
144.76.91.199
176.9.26.250
18.66.97.9
185.64.189.115
185.94.180.125
193.0.160.128
195.201.152.90
2.18.234.21
2001:678:cb4:bbbb::11
213.19.147.44
216.58.212.162
2600:9000:223f:800:b:a286:7800:93a1
2600:9000:2240:5800:1a:7c92:efc0:93a1
2606:4700:3034::6815:358c
2606:4700::6812:c05
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:5e::8
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:809::2006
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c09::9c
2a02:fa8:8806:16::1370
3.123.143.157
3.124.93.74
3.126.56.137
34.96.105.8
34.98.64.218
35.186.193.173
35.186.253.211
35.190.0.66
37.157.4.39
37.252.172.45
46.236.13.147
54.171.74.241
54.77.236.168
64.233.167.156
66.155.71.25
69.173.144.139
72.251.244.140
76.223.111.131
013c7766f5e0858a2ce2418a67a59ccdfbec44cec600bbd3a065e4570ce0cb2f
04cb8475e10292e42871f7c35328311967181822978f38b8c89c2b2fe968afbc
04d041999fcc9cf32f78d2c4c45057dbd309fe7f3777a78138507f81bb376b1b
06e4a45f9887818196eb0dbce2dffe05c68cbb8f49679d20bd38ab50d3a3a91f
08085b7973ea30e5b854fc38ea84edafedb2367dc2ecaa640b242d9fa8b810e5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8e74ae616e1724b75ae0206b9df58af11bdc95c2c6204506800ad8a632f1aa
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12f4c87bb4a768967ce95363c0f8dac7912c6787ee757b2615fd514db1f59b07
13d2c280d404af96e3392f75cc0f3b30593f93e97e26e2947f531636981271ab
163866088acd49f64dbd0d7fbee1f7bc069c78ac2df899bd62cef7be69e32588
19722777142e8c3974351bbf511f9051977f33aa7cb5dc7aa420f96f14387fd6
197799db6b27a326ac5617f38962dd7bec43a2dfcc0e44e2d9fa84574ee61378
1a94b2bfa870862839108ea5447cb27b7ace9a3ce52aa37305a5b5d57e85bbce
1dd9718345f20cdeded242c83f24df15ed0866158de75f7eb2f34d7424feac97
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
24278c239682539bb4fa62cb8d9fce149dcc976ce3f2873cadb4574effde46ba
2528b4d90e862729d4b3938f42753a0a56c08921ae324ef937a92367590ba2cc
2a532f400412067296a3430387103aaf61802324b873aaea94370549c545ba33
2b1d246693b8d76f17449020ead36b1488af1d16a198e8f0044a0ee0a5b290a9
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f4ea60f47b8142dc6c3ffb24623ee1638cfe6ac7257e8eb0766f199337ff80a
314620316b791996fa0238a4ec9ec6fdfe87e76f66e7023b8057b713521be828
320bdb63f5150f35fa6b9f3de2f204ed2caea8d6207cdb82ebfafb1ee136f818
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32be4fa6361c58996f8273dbb2f80aacad28dafe349020cd35439674ec2a64aa
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35b3c05918d7ea5a9fb71e86970d047106c47a313ab1eca23220bf4aba43736c
368507c47866fe68f9314730bf99918c54f3c5bf84ffc14c107db02a74e3091b
372a48f55cbbf0d9a2d1722a19e66960beff605158a3d22e959628e40831ec44
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
3bc3922c51fa796c6671b9ceebd0a7f3fcd3c47ef1bd37d5df100f730e5bac30
3c0505aed0fee3a9948d623851df6e4d6227bd65bc287665f0fa020a0bf3dbc6
3c6fe11638286f598cb793418d72e7921c641da18914745a62a238855c230893
3cec3a0aaf12f5cdbb989ed5b5a278f5ebbb3e89069540b6342972ac03a9b359
3fce42aa8f27816dc5eb7df7648f04c0bc9cb2ee3636c383edf3a3b57b28ee04
408e3f3a32fccfc6b1716c3979cd5dcb1bc1139dbb0fe9066a34a9c7b56dedb3
43ea2fe4226af0e72bb36a7f9929f7909f82e64a702ec9dfd739e64ff2752c8f
454e51f60dd931fe1cfcf54f3ce84c3a656fcc63a70e7f069b04b270c8eb6992
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
491f3e611903da352c8bff4b6684470583d68288169d2d2692dc4f17a5eab704
494dc230d1af13c51e120665390d683d14fe664063cede8b467a9f7d7a096323
4a2d6c3f1a66d61e2313d9a1236a1166cf5cb5d8c7bbd59f57915111cd1a0bbc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e479e6be6f6467a3250627bb8b9d0b682ec486f91b4f4a3d4c56226d7f44b2d
4f1f813ad1620784eb949c531fa754e0cadaae7e2b2275b649982e185e48d73e
4f99e229c1b1eac75c1a77c0e146a1a1b8667a811bab7c40c3e0af0b15f7e1d1
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
526bceedd88b07e87a9b5e7be265e26a21e22f542da7ef48e17cdc59c20e2037
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
5791b83ab5f9e76eb4b60e045c7bf41752a1805ee22764e83188874791de29b6
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
5aa5c2a23e811b1927475a06b9996c2276e858d03712813419dbf994c692506b
5b72ba3cc5f2388d72ccf6d66f199842cbc985baa5f089581075a104636f5cab
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c72864476a61860a3c91b86e8d73f1922ad72dce0c5b0c0444f55bef964558b
5fcf86c704309b49a15eff04d3568918453da2124d7995c80bd1480096dbc08d
60a76cf87f7b27fff6e60de8ac6256ccb9132526a55e8d19f91f33cd36b97fe6
61ca660df0fee539cf16ef2aa95643a904b5f8ec88f80e04563149e3b6881765
62a373269a959287a3869f19848ecadfe6a32d714d178e51e67db6fec9273f2d
62bc3e57e65325628fcb1440a2467a2445a9a83a87e31564f1e5cd881c99c23b
64af9243d5c5479fabc5bcc0ff707aee10532915ae423d01703eb0f48335360a
66497af084f7a6648b0ab9108b9c0b8b16d059b044b8958cb0d08f966980e189
69324fd6adf616828338ec2180860597c12f52a0aecff99615cd281e28e864dc
6a57dd5255d05a44f7410064a03cc02489c49ac4951b68ee1397b1da7c2c94da
6aac2465db99ba39fc21fc2933e15e97946f4104a0045c25617b1f9ab268169e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bb77d20dd85b4bfae78affeef6ee91869bffa0ef53ed9c8ab9c2a526d0180c5
6c05e6af5ea5f0572387a024ec6f6d5325a3a4a75739ef0e99adbe8e3f28d921
6c6981a58dddd90fd935036e3d584d3a084d78e33e1806e227fe9ba12777bd26
6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b
6e0c3388dc0cd74ee5f6a9d11d96a489a7c653649400fee9f830d2cdc0bdb8d6
6e7a91c535d8b618c88df2d6f37bb2c0f37856e926aabc3a0f952a2dc790f76e
6f9cedc7bbf03e88d9eb90f26d40c19f96c334fe919c4236ce5e627dd213813c
76725ac5b1de04ec59ddab946cea69c7e78e7e3de7a442b617bee4f902f8e490
76df5b67646f4f0f999d4e1c482ab2007b948f3b9acc2c8a207bfdb214103855
7725b94809fdcbcbe16d4e16f36c1ff927462e244fe80a4fc9aa21cd02fa6b25
77e94003bb2529800a5b2996544645673810bd41dce5b8baa471d556f019cf1a
780eb906e0e3255ce7412b9f7c789b99d9247f609b662337ff2a2fe043f0425c
789f22b18f4888fd4abfde82c10d9436d2ba5f7aa1107b0203ba386c688493cd
7c2e11ce19bb3fa29abc4828c4973a1d9fc61aded50f1733e3b35e5b762beefe
7e82da32bf54e4d5e18a12b7d96f1bf4af3a3c4f426f2855739d362d8acb3146
7ea49458949066a47b8406f67710d464099cf9063cd0b82a60a8a23df4abf66e
7efb2c1f712dd93e7879fead6f552336d2423b7e00bb703b59de66c5748acf17
808c82244c4cb1145145eaf92be5ee5cf79c627535822ec8e65053f317b4b2fe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b2fac768e98473072a0c26694d23f7b2c5f90673ba1e0ffc5c4dd89be32072e
8d34b1419d97caa5ba1b3d141799ae3d23377dd5a4f9113317c148110b5599b1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc16432c11577abc72ff74a689c6808b78c67271369d5fe7fc94b113b2246dc
8f77720640f409f0bf318e2415b93594c3ee47ce8b53cc0e9428ef81373436b0
911a78a240d4dd3959f54a7c66e0b52af0302b35d663d5997d8cdc327a117ac2
93411259d4153b3638aa32ead001d6c4bcae4cede2bd750e24fb1a58d6a1d8a2
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9706786e2e93e9b34a2b687e878720e58b8344446ba3e251e12ebb3fdab3275b
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
99beb3e9f546eaf7124e2604b4e073296ab34880a73b8b8fa87807f38c214e17
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c1521286e7dd2d6f8c2262b15bca8867bcae973a83879accdd00e1cb9831e5f
9e5c6fe5fd33cd28fcec0f0cd0595989bc601136b8aa03e19783c6f192326193
9f6c9374528d6a5c7706fcf66f1da12942e60293350c1166197ed6280688240d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a097dca77d1085df185271889609a160f22dd81c309f1d0d5e76960676b2bf6f
a1228bc3c791388213864420c6e03b15f847aa80793dd6d507926a701ec3b9d6
a12c48143130b5cecb13504c3c16b024dc9e697282af675f317c9d579db84fd0
a13cf17a8165181837ab190bbd6d558670a2830ab98a731e81608b25cf80cb02
a3fcfa90f90474e880b814e04dd51a14dfc5facac3685dc46ec25b91e01ba179
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a82269bce61196e0aca1c36b304de3471e367a41179284996e6b06b2a3b3009a
a94f5228ef6c0b93d79a8a324d543cd8ed38522d1ec61c98ecb9664aa43a5424
aa521d5854c64dafd76eb70846a7192c8d0046d81538341a33c2447f43d6b95a
ab73998071222737d6316492ded236210cb6ca3854bc857e6784e3fd51eff842
acee8594586274c3cb685dd003907261e07609785a915b1fd3017698fcfb0211
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34aaa83b8d7a3c436c6ac612203cae53f6d80bf26252601cd9a98873d18c6d8
b54a321b8eecadda53d17a149945608b9122342047488015144021a380bda34e
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bc5d4cf6e18131d2611ce0231aac8ac54c6a196f6c9c44239e4b232811404d69
bc628c4a9dac7400b3f093df712f8224f7c4fc2bd1d93626a9068f8cf9a7d527
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
bd4c2248c2087eb5f44a46a67b8b4ce961d0fde9053dbfda30cf6af08a6c70e6
be51eaa80129222b8b6063936fb550bbb4bea5d2f109bb1cf24b8c0a6fbc29de
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c16911984dce7909e91263930a1f34352a03476a6c58894a482f33aad91cd379
c1c781b57d1eeea573ad563ede19bb1454b51bbbab3d5bfa9fd36fb76b45d402
c322f64a426c423140e7f8f3f783e6e21fc1d7008fb4d783a10fcd37f252bf5e
c52100316259c4ff463f4a38521372969a8b806224bdee043ba291903b22126c
c9417540513a50fdbf1fd9b96a4a0dc671ca4f51515bcc0cb455f439240dc719
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c985a69489f2a59488d369d05a029b228327da71d731a38ffe947276eefe9a8b
cb43a1cf2bd2456a6e5fdeb40196b04769016398d0329f01a2644cb45aa836bf
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdc7eba23132f13d81188bcefd0caa7fc1ebea4f505973e9f2afd40f973c9b5c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1226fb620231964e231f3a9e0b672e4981e9da631a0b8a1b8c9a6f32c329e8e
d8505830998b8fd36576fabb9edcad89de5a2d1fd091676d8683764290995867
da38b17bcd33d8afdfb2ba334966431117fd9717ef7bd752c0102e5340243d15
dd4ba8a3e133d3c0accc9049581fd238ffcd7e8b7c716538b759154bc7a4e0d5
debccc8960a4f84bb3737bc84b275f79ee7fa4fe74d9c51eb90a355e45a05214
e1ddcf2515511deef64c4a824e959193359a30bc29629a69584a2d3616b3bc5c
e32a968b8f7761842b2f6a18969c99ce5841ad43dd5f991d9565e369189c73fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47c34e4bb6a2fe7f50c02b0656e10666ded963f874015cb10ee1be923ea4448
e50627b8bbb06ac9e745106b6adb31e0264189d1b6a2dbd56146142f4fa2700b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e703af61e882f36760cbd831ae189e908a5dcdecdeac1efd6c802c87692b0d95
ead7d9ae37ae5bcfafb6cf25cf785492c727922875b71d9063d3d7105e6ec711
ecba8bb6eda81a91a8fa57fce51683d670ec7448e5d41c04a5dd74d0f245e947
eddf2e7cd75adebd450b8dac58877b584bebd3ce395831689dc832d4818790aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f105903bcde67bd2e1acc55d058d1aece1f0e11121d9c2d59191457ca7157d62
f244875ae654429c44a2c79b0ff1aafce26ca4944c382aad81dddf4470501696
f7326cdf64b4dd37acd22feb9fafb15e1eb2c6f6367752578166848a8c02d950
f99afd7517841902151c384754ab918ceaa4abfae5db7e2d62459fd17954647f