blog.s.id Open in urlscan Pro
2606:4700:20::681a:6f9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s.id/Keamananakunfacebookanda
Effective URL:
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm...
Submission: On July 06 via api (July 6th 2023, 3:35:35 pm UTC) from US — Scanned from US

Summary HTTP 199 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 50 IPs in 4 countries across 43 domains to perform 199 HTTP transactions. The main IP is 2606:4700:20::681a:6f9, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.s.id.
TLS certificate: Issued by GTS CA 1P5 on June 14th 2023. Valid for: 3 months.

This is the only time blog.s.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 37	2606:4700:20:... 2606:4700:20::681a:6f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
12	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:808::2002	15169 (GOOGLE) (GOOGLE)
1	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f13... 2a03:2880:f13a:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:23c... 2600:9000:23ca:e000:8:217d:7c80:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:820::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:78e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.159.138.6 162.159.138.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.128.28 108.138.128.28	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	54.88.198.127 54.88.198.127	14618 (AMAZON-AES) (AMAZON-AES)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	104.19.232.122 104.19.232.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1f18:4e9... 2600:1f18:4e9:5a02:d9f:2dfc:836e:42c0	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 18	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
8	34.102.128.115 34.102.128.115	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
1 1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	2600:9000:220... 2600:9000:2209:5200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:612... 2600:1f18:612b:4280:4e85:b7eb:52a7:1574	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.218.124.205 3.218.124.205	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	34.230.233.1 34.230.233.1	14618 (AMAZON-AES) (AMAZON-AES)
2 4	51.222.39.184 51.222.39.184	16276 (OVH) (OVH)
4	2606:4700::68... 2606:4700::6811:6bd4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
1 1	20.85.134.6 20.85.134.6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
2	2620:100:a001::9 2620:100:a001::9	19750 (AS-CRITEO) (AS-CRITEO)
2	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
199	50

37 2606:4700:20::681a:6f9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
home.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blog.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81f::200a (Flushing, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:820::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:821::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:808::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

sdotid.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::200e (Flushing, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::200e (Flushing, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f13a:83:face:b00c:0:25de (Minneapolis, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2004 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23ca:e000:8:217d:7c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3li60t7cgizua.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:821::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:824::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:820::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78e (United States)

ASN13335 (CLOUDFLARENET, US)

protagcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.6 (None, )

ASN13335 (CLOUDFLARENET, US)

shortener.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-28.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)

7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.88.198.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-198-127.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.232.122 (None, )

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a02:d9f:2dfc:836e:42c0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.80.98 (Staten Island, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.102.128.115 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 115.128.102.34.bc.googleusercontent.com

g.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2209:5200:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:4e85:b7eb:52a7:1574 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

google.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.218.124.205 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-124-205.compute-1.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.230.233.1 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-233-1.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.222.39.184 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: ip184.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:6bd4 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.85.134.6 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.150 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.218.10 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	s.id 1 redirects s.id — Cisco Umbrella Rank: 121907 home.s.id — Cisco Umbrella Rank: 970083 app.s.id — Cisco Umbrella Rank: 592961 blog.s.id cdn.s.id — Cisco Umbrella Rank: 706391	573 KB
30	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	208 KB
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com	245 KB
12	criteo.net static.criteo.net — Cisco Umbrella Rank: 568 imageproxy.us.criteo.net — Cisco Umbrella Rank: 3134 csm.us.criteo.net — Cisco Umbrella Rank: 3113	211 KB
12	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2113 ekr.zdassets.com — Cisco Umbrella Rank: 2471	311 KB
9	google.com analytics.google.com — Cisco Umbrella Rank: 235 www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 113	2 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	688 KB
8	bidbrain.app g.bidbrain.app — Cisco Umbrella Rank: 35783	328 B
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102 rtb.va.us.criteo.com — Cisco Umbrella Rank: 7430 ads.us.criteo.com — Cisco Umbrella Rank: 2980 cat.va.us.criteo.com — Cisco Umbrella Rank: 2912 dis.criteo.com — Cisco Umbrella Rank: 608	50 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	4 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1385 google-bidout-d.openx.net — Cisco Umbrella Rank: 1388 us-u.openx.net — Cisco Umbrella Rank: 496	2 KB
4	glotgrx.com pre.glotgrx.com — Cisco Umbrella Rank: 8239	486 B
4	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 857	975 B
4	yabidos.com pixel.yabidos.com — Cisco Umbrella Rank: 8053	50 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
4	gstatic.com fonts.gstatic.com	108 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 485	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	113 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 383	972 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 333	2 KB
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481 ups.analytics.yahoo.com — Cisco Umbrella Rank: 338	1 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1531	444 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1002 bcp.crwdcntrl.net — Cisco Umbrella Rank: 959	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	25 KB
2	zendesk.com sdotid.zendesk.com shortener.zendesk.com	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	155 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1174	14 KB
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1103	451 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 374	460 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com — Cisco Umbrella Rank: 4755	461 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1667	646 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 8246	623 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 688	604 B
1	tremorhub.com 1 redirects google.partners.tremorhub.com — Cisco Umbrella Rank: 15715	634 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 822	678 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 9084	539 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1401	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	902 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1568	8 KB
1	protagcdn.com protagcdn.com — Cisco Umbrella Rank: 82324	113 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	596 B
1	cloudfront.net d3li60t7cgizua.cloudfront.net	1 MB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	186 B
199	43

	Domain	Requested by
18	cm.g.doubleclick.net	4 redirects google-bidout-d.openx.net 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
18	blog.s.id	home.s.id blog.s.id static.cloudflareinsights.com
13	home.s.id	home.s.id static.cloudflareinsights.com
11	pagead2.googlesyndication.com	blog.s.id pagead2.googlesyndication.com tpc.googlesyndication.com 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com www.googletagservices.com
10	static.zdassets.com	home.s.id static.zdassets.com blog.s.id
9	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
9	www.googletagmanager.com	home.s.id www.googletagmanager.com blog.s.id
8	g.bidbrain.app	home.s.id 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
8	static.criteo.net	securepubads.g.doubleclick.net ads.us.criteo.com
7	securepubads.g.doubleclick.net	blog.s.id securepubads.g.doubleclick.net home.s.id
6	fonts.googleapis.com	home.s.id blog.s.id 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
4	pre.glotgrx.com
4	onetag-sys.com	2 redirects 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
4	pixel.yabidos.com	protagcdn.com pixel.yabidos.com
4	www.google.com	tpc.googlesyndication.com 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	app.s.id	home.s.id
4	fonts.gstatic.com	fonts.googleapis.com
3	7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	googleads.g.doubleclick.net	www.googletagmanager.com pagead2.googlesyndication.com
2	csm.us.criteo.net	ads.us.criteo.com
2	imageproxy.us.criteo.net	ads.us.criteo.com
2	ssum-sec.casalemedia.com	2 redirects
2	dis.criteo.com	1 redirects
2	www.googletagservices.com	7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
2	us-u.openx.net	google-bidout-d.openx.net
2	match.adsrvr.org	2 redirects
2	s.amazon-adsystem.com	1 redirects google-bidout-d.openx.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects
2	stats.g.doubleclick.net	www.googletagmanager.com
2	analytics.google.com	www.googletagmanager.com
2	ekr.zdassets.com	static.zdassets.com
2	connect.facebook.net	home.s.id connect.facebook.net
2	static.cloudflareinsights.com	home.s.id blog.s.id
1	trace.mediago.io	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	mweb.ck.inmobi.com	1 redirects
1	cat.va.us.criteo.com	ads.us.criteo.com
1	beacon.lynx.cognitivlabs.com	1 redirects
1	ius.ctnsnet.com	1 redirects
1	ads.yieldmo.com	1 redirects
1	google.partners.tremorhub.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	dsp.adkernel.com	1 redirects
1	ads.us.criteo.com	7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
1	rtb.va.us.criteo.com	home.s.id
1	pr-bh.ybp.yahoo.com	google-bidout-d.openx.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	shortener.zendesk.com	static.zdassets.com
1	protagcdn.com	blog.s.id
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	d3li60t7cgizua.cloudfront.net	blog.s.id
1	cdn.s.id	blog.s.id
1	www.facebook.com
1	sdotid.zendesk.com	static.zdassets.com
1	s.id	1 redirects
199	68

This site contains links to these domains. Also see Links.

Domain
s.id
protagcdn.com
home.s.id
instagram.com
twitter.com
facebook.com
tiktok.com

Subject Issuer	Validity	Valid
s.id GTS CA 1P5	`2023-06-14` - `2023-09-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-15` - `2023-07-14`	3 months	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
sdotid.zendesk.com Cloudflare Inc ECC CA-3	`2022-12-19` - `2023-12-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
protagcdn.com E1	`2023-07-01` - `2023-09-29`	3 months	crt.sh
zendesk.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2023-08-19`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
g.bidbrain.app GTS CA 1D4	`2023-05-28` - `2023-08-27`	3 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-01` - `2023-08-02`	3 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-27` - `2023-09-23`	3 months	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-04` - `2023-08-31`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Frame ID: A65C730F42E02476869E484E89323222
Requests: 99 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-a96d1b070402df2f7de7.js
Frame ID: DA0976EC2C188F8DE681D0E9027C2C70
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230628/r20190131/zrt_lookup.html
Frame ID: 7E89297867D8D4311D3877F4F8198E50
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1688657720&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688657720367&bpp=7&bdt=904&idt=407&shv=r20230628&mjsv=m202306280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2030710323357&frm=20&pv=2&ga_vid=647534918.1688657718&ga_sid=1688657721&ga_hid=771659849&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31075815%2C44788442&oid=2&pvsid=1277613715358929&tmod=1940049893&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fhome.s.id%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=547
Frame ID: FC31F590BCA2809DDE808D9CDB6F6277
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-a96d1b070402df2f7de7.js
Frame ID: 548B6603B4749F7E9559214BBD0BE7B7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7C0C43A29EA7FEA85383A65534025799
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 01431B74E2CCCBF71B317A8F9CD0CD28
Requests: 2 HTTP requests in this frame

Frame: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B89C04ECD70D7DA5679E3109174A3748
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=blog.s.id
Frame ID: E3A46EE299B97926A0FECC7F18D89226
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 520FAE803579104685079CE1D9B65708
Requests: 6 HTTP requests in this frame

Frame: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 44F07BC1056AD08449FFFC33DEB19760
Requests: 22 HTTP requests in this frame

Frame: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-before_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=468
Frame ID: 144049FF2B4472F5BE30377327F3E55B
Requests: 4 HTTP requests in this frame

Frame: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A8BCBD4E33A75B5254262B5C548503FF
Requests: 10 HTTP requests in this frame

Frame: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-sidebar&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=600&w=300
Frame ID: FF3C1D95313F14FE9B8DDE09935A145C
Requests: 4 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZKbfOgAB_1YIaADBAAjBG0_RAF8aEI1TCXSZug&u=%7CKw3QQ%2FZCgKmQUJ0R10zLZbZikwuf6JVXPhFKSeYAjY8%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE4-msKdnZ_GSrugYFoQQeHSQaopmNCJUXCpMGPMnZLGIdKXjBgUnFsca87EsApHJEOIlBzgHoEy99IRkzBhnBoTr1J-r66Xiynip5MG9sloMceCQ-FG7xJIvoFo0dm6xhn9-Twf7hTSPMVjcT3szVvqDuIUHMOQJt2QWpsgOFUkWUJbaTC0pdnopUaJoPy5Ib3ahbMxiHwA1HWeq1dqNNesGdXtQsmLYNCCNvAiACz52dCzWEt52R7xJEwinFdlhQKkrTOvjAzKT0qTFooOOEr4k2JuEIyGKysFZAsdBUQJtuKE9sSnj8RRRKQgjhTr746kGnEbQWAxdYQ0F44y6qQW6YRsL6VtUr8Uo3G8rdwzXkZvo5Jg6tlXHw0TbYGTDWN4pK4tBkoeu1bO84YmvNZlU0P45k92qS4dJri9I5kMbliM4yTPppyV64Gw7hbKUyswp6cJ8hX2CAitvHsDlMXBpYeut8kk9EfjPY9i0R8SBYva7lSi8N8eus9IgTPh32Z2WZn46_aOeTMEOkOI1r9tlL4KvmLLq3kIWsGtwYG8Xozf82aFQvcpRd92i2OWPeWUm3U_XYiWsx_lBXZQTdVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCdy7Ot-mZNb-B8GBoPMPm4KjkAycge-wXKLKp6p0wI23ARABIABg5QKCARdjYS1wdWItMjM5MzMyMDY0NTA1NTAyMsgBCeACAKgDAaoEqgJP0CWFjDmhVC_8l9BX00vuPBPGaIkDIomXF0L_htYUm3uNPb8emGWHiMVDHoZp-W9itKyXGwXZBZ8jk7mZLu5r09cOzo9irUswjCSLbgVYW281oj0jZ6mjQ47gHwL13rGZs76D3pcMvSm73FL6wIM-chJd_mJ9tHdwRkaxMnHPpY4T6a1U4lnNrRTWSzOyXILNUzJsr2Pldb6I8FgpMnLcgNcWq3cA28wXX6AmsLB_XSGKoO4EMHJCmfvDjcK6V25DznDtfZ-ICwWAYetzCpy5sLQll9l5xVwsn1NIgX76e2nwz0WGwPY__yDYWut-ZeaoQoAQqi4nHb3wj27racqlnNkCh3RzX0RM8JRGyazCatszeAiPN1aLUwfEcOCrb6XSFC0fvD9bBf7O4AQBgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25SPLZUfK91bB_buMrD78pmazFpw%26client%3Dca-pub-2393320645055022%26adurl%3D
Frame ID: A39DF952F81FA89F7B9735D4BF6AC4B9
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D88A8BBB752F434942F258E45297430D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6C00CCC390CBB553A77BB0E467B09F75
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oops, You accessing Forbidden Link! What is that? - S.id

Page URL History Show full URLs

https://s.id/Keamananakunfacebookanda HTTP 302
https://home.s.id/forbidden Page URL
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm... Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

199
Requests

87 %
HTTPS

52 %
IPv6

43
Domains

68
Subdomains

50
IPs

4
Countries

4144 kB
Transfer

9412 kB
Size

47
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://s.id/1JAQW

Search URL Search Domain Scan URL

URL: https://protagcdn.com/r/adplus/?utm_source=blog.s.id&utm_medium=banner_ad&utm_campaign=logo_click
Title: Ad.Plus

Search URL Search Domain Scan URL

URL: https://s.id/appfairjkt

Search URL Search Domain Scan URL

URL: https://home.s.id/
Title: Home

Search URL Search Domain Scan URL

URL: https://home.s.id/subscription
Title: Subscription

Search URL Search Domain Scan URL

URL: https://home.s.id/page/help
Title: Help

Search URL Search Domain Scan URL

URL: https://home.s.id/page/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://home.s.id/page/terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://home.s.id/page/report
Title: Report

Search URL Search Domain Scan URL

URL: https://home.s.id/page/about
Title: About

Search URL Search Domain Scan URL

URL: https://s.id/status
Title: Status

Search URL Search Domain Scan URL

URL: https://instagram.com/home.s.id

Search URL Search Domain Scan URL

URL: https://twitter.com/home_s_id

Search URL Search Domain Scan URL

URL: https://facebook.com/socmed.s.id

Search URL Search Domain Scan URL

URL: https://tiktok.com/@home.s.id

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s.id/Keamananakunfacebookanda HTTP 302
https://home.s.id/forbidden Page URL
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://s.id/Keamananakunfacebookanda HTTP 302
https://home.s.id/forbidden

Request Chain 111

https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1

Request Chain 118

https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=JgJM2nw4Q3ROMXhZeFNNNHQwTlJoZjY0S05MVHFlTGFQS3ZoT0M3b3JlUHYwaWRPclJxWVVKZjQvQkZxOVlJa053MGNrUHRmblo5TjRlNEQranAzTzcvMFQyem4xbTZVTWthTTB1c0Vmb3FEVGxSOTFHMFJna1I1S0lPSTVtSGV2MHZsRzF2OWI3a2JmR3RHdHptcitSZ2Y4ZlFRemlCbVd6WGo2TW9uamw0bnhlQnpUS3lxUFVTY2djeXNkMlN3b3ZrcnpXMGNnRG1NMEh5TmlnVlBDcHBUZitYOHdMb01ja2lUVDBreWIzUVBuMzQvcFJLTi9ETHVQOGJzbHVGS0NvL2lwdlVnRGgzMmU1UW9YWmdLdmExdUpWdz09fA&cppv=2

Request Chain 125

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=7ce1a7c9-c3f5-c2fb-1a22-cade24ffddd6 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=7ce1a7c9-c3f5-c2fb-1a22-cade24ffddd6&dcc=t

Request Chain 126

https://match.adsrvr.org/track/cmf/openx?oxid=2437dbb4-df5f-7901-da2c-48494ccc1636&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=2437dbb4-df5f-7901-da2c-48494ccc1636&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=cc270e8e-7f5a-409b-9b0d-4ba00d77f91f&ttd_puid=2437dbb4-df5f-7901-da2c-48494ccc1636&gdpr=0&gdpr_consent=

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL8niC2LnlW6MUM43a52cHQ&google_cver=1

Request Chain 152

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEK8-qgygqaF7w8-Wrt2iW2k&google_cver=1&google_push=AaAOQGFxn2nFZI3xPG-I7w-a5zv2Ek57oEPfqMRECMUCp05g_FgrJFFpguj397I7mFCikZ2vznXBGeTkTqljDczqQEtMdo93jmk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTU4NzY4MTQxMjA5MzMzMDQzNjE&google_push=AaAOQGFxn2nFZI3xPG-I7w-a5zv2Ek57oEPfqMRECMUCp05g_FgrJFFpguj397I7mFCikZ2vznXBGeTkTqljDczqQEtMdo93jmk

Request Chain 153

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELP08C3KGdppqh63gQIJLMc&google_cver=1&google_push=AaAOQGFgTtZ_38RJLUQecJH0b-Sf9eGueUlGRveEy6LTNqk6UnGiWVhgyyTQxhAl8-ObDoRwfnenjVgI-kMJAraZVUjI-NMzDkk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=ed909fb1&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AaAOQGFgTtZ_38RJLUQecJH0b-Sf9eGueUlGRveEy6LTNqk6UnGiWVhgyyTQxhAl8-ObDoRwfnenjVgI-kMJAraZVUjI-NMzDkk

Request Chain 154

https://google.partners.tremorhub.com/sync?UIDF=CAESEKQX_xrybw1cs3lIX81hV80&google_cver=1&google_push=AaAOQGEmBXxP0olTSjp1EWbyMRrIcV-F60mcjm8cBpqfyK-rTbUuPz8V-lit1U1lqFPPkxH9UN3-K3RKi2vNmK6UwwzwBk7NAq6o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=Y2Y2YzJlMzU0ZTU2NGE0OTk2NjYxOWRjMWE5NTJkZTQ%3D&UIDF=CAESEKQX_xrybw1cs3lIX81hV80&google_cver=1&google_push=AaAOQGEmBXxP0olTSjp1EWbyMRrIcV-F60mcjm8cBpqfyK-rTbUuPz8V-lit1U1lqFPPkxH9UN3-K3RKi2vNmK6UwwzwBk7NAq6o

Request Chain 155

https://ads.yieldmo.com/exptsync?google_gid=CAESEOyMZE9zA692dBfpZPCn-jw&google_cver=1&google_push=AaAOQGHMZ7ALlIfkfv3CwYH7iJe8p-lh09V8zTt03Bjj3wma40D_kSAIJ76aYAUR6sFukBO4Tg24hAbtxjjITS4RO9Eof81R2fc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGHMZ7ALlIfkfv3CwYH7iJe8p-lh09V8zTt03Bjj3wma40D_kSAIJ76aYAUR6sFukBO4Tg24hAbtxjjITS4RO9Eof81R2fc&google_hm=Z2YwMTIxOGQ5NTQyZGMzMjM5MDM=

Request Chain 156

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESECnpSC_P9Xz2t4aG8twhzxA&google_cver=1&google_push=AaAOQGGzOAReANVB39C5HTye_eAgMGPFpa2pVO5feI3MRPGmRiiUqsBKIgk4jTJj0phHjgGs7UMwZeiaDRMyRVKbCmhTGCfEi2SeBg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGGzOAReANVB39C5HTye_eAgMGPFpa2pVO5feI3MRPGmRiiUqsBKIgk4jTJj0phHjgGs7UMwZeiaDRMyRVKbCmhTGCfEi2SeBg&google_hm=ePnXNY-FRaq7-bDocPNmYkY

Request Chain 157

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEMKXjsp9mhGlpF0X3Yn1SII&google_cver=1&google_push=AaAOQGGz7P1mxloBK1P1fKGEVVV-Xpcit9n94N1wZ1YExkQK4dqMlrOo99-K3GpeBfhBcepj6ZrYfYFu0u7VodcS-x5xylZtGTDXTw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=fP0j7RwiQEK64DlY8SXALw&google_push=AaAOQGGz7P1mxloBK1P1fKGEVVV-Xpcit9n94N1wZ1YExkQK4dqMlrOo99-K3GpeBfhBcepj6ZrYfYFu0u7VodcS-x5xylZtGTDXTw

Request Chain 158

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIBfbJrZY5UsK-5_NLfwip4&google_cver=1&google_push=AaAOQGGuCTQuyZtN80QPOX1sYwsjQv3JCzFu093rt2U4UyHxa-Q5flkK1HE9kUcSUOKVWMLXtDegVIftg5kLODIK5SZ3yZsfKriBaQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGuCTQuyZtN80QPOX1sYwsjQv3JCzFu093rt2U4UyHxa-Q5flkK1HE9kUcSUOKVWMLXtDegVIftg5kLODIK5SZ3yZsfKriBaQ HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 170

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEFh1n5jd6p9qq5hYHjsRKMQ&google_cver=1&google_push=AaAOQGHjEs2OUQSYSEMPngV_Mv7zjwzHKJcQGy9IzgreS4t4vDZ0yv06_gBcLaFXsBb8WrSoURFs8tiU_yY3gAWJrHrxKigcOVs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Mzc2ZDRmODgtYjAyZS00ZTc5LWIwOTMtNDcwOTBmMzU4MmNh&google_gid=CAESEFh1n5jd6p9qq5hYHjsRKMQ&google_cver=1&google_push=AaAOQGHjEs2OUQSYSEMPngV_Mv7zjwzHKJcQGy9IzgreS4t4vDZ0yv06_gBcLaFXsBb8WrSoURFs8tiU_yY3gAWJrHrxKigcOVs

Request Chain 171

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEBTAhJ2tS9D1XkPTaVCq-bg&google_cver=1&google_push=AaAOQGEA7NIEn9fKVIijwOqp2lZZej4wCQUPhoGuSww1f-JLf9oWh35bxdrlWob0bOfDQemEdlmxzUiWn80eGu24YMex_5rMUzo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-je6IRXdgVJ5cA-25tmJuMvl4PJPzFcq2Cv2mJg&google_push=PUSH_DATA HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Request Chain 172

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAMNd0ygBwWPEAMmN7ZQqBU&google_cver=1&google_push=AaAOQGHx-FNpc8B5vp2sUH4C-SrltEj9dP0Ft4bTcjT6V6YcTspqi4AyqCQ40bNTV-Nb9xR4VSbNB5pJu46f5QGpwkvUEkbITpE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpSQjdKQ1QtMUotNllaVQ==&google_push=AaAOQGHx-FNpc8B5vp2sUH4C-SrltEj9dP0Ft4bTcjT6V6YcTspqi4AyqCQ40bNTV-Nb9xR4VSbNB5pJu46f5QGpwkvUEkbITpE

Request Chain 173

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH-tSbIcX0Rtm2BhuuZRf9U&google_cver=1&google_push=AaAOQGGZ0h0B1CId1N66ow3dacjTz-eJcw0EkAB9CoMiGc9fHLBgxEc4-EqwE3xNuPky1IW8iZV_qol1NSYpks5S2ps4NuWhaF4 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEH-tSbIcX0Rtm2BhuuZRf9U&google_push=AaAOQGGZ0h0B1CId1N66ow3dacjTz-eJcw0EkAB9CoMiGc9fHLBgxEc4-EqwE3xNuPky1IW8iZV_qol1NSYpks5S2ps4NuWhaF4&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH-tSbIcX0Rtm2BhuuZRf9U&google_hm=ZKbfPFdUbEP1nPqs59EgOgAABTAAAAIB&google_nid=index&google_push=AaAOQGGZ0h0B1CId1N66ow3dacjTz-eJcw0EkAB9CoMiGc9fHLBgxEc4-EqwE3xNuPky1IW8iZV_qol1NSYpks5S2ps4NuWhaF4

Request Chain 174

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMoKT8dt9c6fE6aeMfRq4_w&google_cver=1&google_push=AaAOQGHATXsJ9RGWMYmJBDkzeb-5sFR8n1fW7WsDCy-PL3aMaXUx5tRZOlHbOLryJN7ekQ4l4cddULCBzy8-80S70EhPRkS5LSyl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FcWsxM2t0RTJ1R19jWkxfaURLQ1BmSjRlcWNfNGFsQn5B&google_push=AaAOQGHATXsJ9RGWMYmJBDkzeb-5sFR8n1fW7WsDCy-PL3aMaXUx5tRZOlHbOLryJN7ekQ4l4cddULCBzy8-80S70EhPRkS5LSyl

Request Chain 175

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIBfbJrZY5UsK-5_NLfwip4&google_cver=1&google_push=AaAOQGFLgj5Rz9XRTZvEnGeR30NtQF2hgdyYEl1si8n_SfVpnS3z2fFrxoz32T8WIwa4AkbbirXe3u-ErnvN9S0wJ74Pmphj-MWF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFLgj5Rz9XRTZvEnGeR30NtQF2hgdyYEl1si8n_SfVpnS3z2fFrxoz32T8WIwa4AkbbirXe3u-ErnvN9S0wJ74Pmphj-MWF HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 176

https://trace.mediago.io/cs/google?google_gid=CAESEOs3FIq0C6zZEgjw3CA0-Yc&google_cver=1&google_push=AaAOQGFDc6tCBOgbWLJISkL3Y4WoGAzh0SiU8giKybdRfq93xXk9faoynLTJcM7mpF9XzbNvFfDE5mz2bRwN19PaCb1mfgdtRM2A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AaAOQGFDc6tCBOgbWLJISkL3Y4WoGAzh0SiU8giKybdRfq93xXk9faoynLTJcM7mpF9XzbNvFfDE5mz2bRwN19PaCb1mfgdtRM2A&google_hm=2fcba4773d0973ecc365482b6f6a7916

199 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

forbidden Show response
home.s.id/
Redirect Chain

https://s.id/Keamananakunfacebookanda
https://home.s.id/forbidden

65 KB
21 KB

78ms
59ms

Document
text/html

2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

7601d6af50f9dbb29789ebb85c153c0aa883261c733fdcd1743ed5bf8c17fa7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1244
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=3600, must-revalidate
cf-cache-status: HIT
cf-ray: 7e28eaa819e6da33-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 06 Jul 2023 15:35:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkSyp1huj9ygRVbDXv0O3JBZZ4gQZjda5dgrAjFPyOS4gqUAEkLIvn6ZGywQyNXn1I5BoLjR5eJA6LaGApX1TEqK1SMXuXrpj6LWbw8DsVdrYEUesDb2mzabG%2FwyYwA%2BA2hsQB6YRw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Next.js
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=30
cf-cache-status: DYNAMIC
cf-ray: 7e28eaa2aa05da33-MIA
content-length: 0
date: Thu, 06 Jul 2023 15:35:16 GMT
location: https://home.s.id/forbidden#action
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUhTx%2Fw2ARBkVEHsip69J4y6UfIlJ5zO9Ob9XABWAUpfvZ4C27LtplTj1dBKk1hSi1vjDmZ6rTdY4Ys%2FYwUfKH%2BsWDXBhY%2FDskFBuHlhxFitbIc%2BzYkx4mB%2F16IdoA0weyg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 729d8a0eced5c4ef.css
home.s.id/_next/static/css/ 121 KB
19 KB 51ms
48ms Stylesheet
text/css 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/css/729d8a0eced5c4ef.css

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bff37c44ba4023072dee8ba63c87854060cd384b95a6db1969ccb711da267de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1243
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 06 Jul 2023 07:58:41 GMT
server: cloudflare
etag: W/"1e458-1892a35df68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZG%2BfIxvoKjYwjNTAKCFCMgRKRsbPYqC7S5Wd%2FcX1tIyYB8zx0aPQtpyqTW6ZwrCHx6X1xMMdu3rjmdqn2GTpFh8iiPm6eCN6z%2Bc5QHZJVnCriD9jjjzoIHxLZoEup0iNOBuF7%2F5hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eaa88a97da33-MIA

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
851 B 238ms
90ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&family=Work+Sans:wght@400;500;600;700&display=swap

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16b6dfe206e80475057176362642d11f0ba0b9149a3fbecee7f016ce503dca0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 15:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 15:35:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 15:35:16 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 227ms
80ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lily+Script+One&family=Playfair+Display:ital,wght@0,400;0,600;1,500&display=swap

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

842389fa6e59bda1663fa1925b5eebb360d3c28e949f43e343200e5fc038981e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 15:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 15:35:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 15:35:16 GMT

GET
H2 200 403.svg
home.s.id/images/errors/ 4 KB
2 KB 49ms
47ms Image
image/svg+xml 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.s.id/images/errors/403.svg

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92c39b5c986c8a9c713d77081a0272187a847c57192fe03fc152d25fc4c35668

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1243
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Dec 2022 03:47:41 GMT
server: cloudflare
etag: W/"1136-18551b16f48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uow7lGEkMfN%2BLBv%2FOT62dpb4xRyZamqWz1rdUHbo4qN4f01Nt6LkAJqvHy90ySn8ZZYO95kiJvYuEgx0uZhlxoMsa%2FGxTK6tLbHZekVvzY5Lj3uzCK7l8%2FRZixo5GeaqAPdqiJzf2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
cache-control: public, max-age=3600
cf-ray: 7e28eaa88a9dda33-MIA

GET
H2 200 sid-logo-new-light.svg
home.s.id/images/ 4 KB
2 KB 57ms
55ms Image
image/svg+xml 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.s.id/images/sid-logo-new-light.svg

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1af5eacc5472d595046d8320feb556463d66ca3711b5fc2e6449e5cc49cd167f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1243
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Feb 2022 05:21:36 GMT
server: cloudflare
etag: W/"f40-17ecd7afb00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HOJXsYVqOUsk93WdBM0ErZtWTCDrFopyloYDNojImKIzGmLxJIPboo%2BeczBRrKRQhRXbdJZdHTDWrFPJsW8iphP12LUYai8%2BuQfEwVmmzL1sxP8HlrpgliDBxkSP8Ps8UobkZUdDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
cache-control: public, max-age=3600
cf-ray: 7e28eaa88a9eda33-MIA

GET
H2 200 rocket-loader.min.js Show response
home.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 35ms
35ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Jun 2023 09:29:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64941465-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5woyTRT3vD9DPqOyIrL6S7BQHLjSW44hT1x%2FRHAYC7f9HghSre9Fia7JQxesSgBNEtMDoNmgfETUATiMdnbvTHp2lvnPKb%2F2J%2FoPZBeVAHbw%2FFd1%2F9uqGQhaStCYQx7n24Yscu2vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7e28eaa88aa2da33-MIA
expires: Sat, 08 Jul 2023 15:35:16 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 190ms
112ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: home.s.id
URL: https://home.s.id/forbidden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://home.s.id/
Origin: https://home.s.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:16 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7e28eaa90f208daf-MIA

GET
H3 200 _ssgManifest.js Show response
home.s.id/_next/static/tYVZKgptFIEquumuKUpS4/ 91 B
654 B 47ms
46ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/tYVZKgptFIEquumuKUpS4/_ssgManifest.js

Requested by

Host: home.s.id
URL: https://home.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2625
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 06 Jul 2023 07:59:12 GMT
server: cloudflare
etag: W/"5b-1892a365880"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8fiDlNBeZNZo3AlCAARxws5qkQsqFAXvCtQugyEO8yOSQ%2B3hy7d9MWqGqM9nhNnFc%2FC1xS%2BaZK9MEybVgtWK%2B3nsE1Kzp%2F74%2FwlkrYh54%2FJCWYSqaJean%2F1UU5yN%2FVbOGL08JTKvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eaaa3a94dad5-MIA

GET
H3 200 _buildManifest.js Show response
home.s.id/_next/static/tYVZKgptFIEquumuKUpS4/ 10 KB
3 KB 50ms
49ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/tYVZKgptFIEquumuKUpS4/_buildManifest.js

Requested by

Host: home.s.id
URL: https://home.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c5459222980fa54ef588f474e1ba50892188a2c78e9215738f35461cc3b09e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2625
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 06 Jul 2023 07:58:41 GMT
server: cloudflare
etag: W/"29f7-1892a35df68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyVqn8bPRQJcE5PcSFbx5TYE38pqxu7gc8a1yWSIuB97CqmJwszmdjy1hMTeSpIuJX1HU07jOl7YQQa3z1jcgw%2B%2B1Yiu3oglWHT4JilJVg2rPQM%2BhZ88WSKJcxfnpHIxaklkqJt8NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eaaa3a99dad5-MIA

GET
H3 200 forbidden-10b950128e113a43.js Show response
home.s.id/_next/static/chunks/pages/ 3 KB
2 KB 49ms
47ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/pages/forbidden-10b950128e113a43.js

Requested by

Host: home.s.id
URL: https://home.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f926e6e28c2cc42192b11d48b31cc743db18131dbeb856bfb07656d220192f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1035
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 06 Jul 2023 07:58:41 GMT
server: cloudflare
etag: W/"dab-1892a35df68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1YERstksJGQ3AucI6wabtXZZej24yUeuXQT659ynInqbqxAbslmnPeUuvnmLJEPE72%2BugBA0G28bLvyaCFtMTzr4Tc2egjYIcIOOyORzw0jcKdzg4ctXmhG5nBp5mTCmP08iw%2FXkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eaaa3a9cdad5-MIA

GET
H3 200 _app-85e0b887cd565733.js Show response
home.s.id/_next/static/chunks/pages/ 307 KB
92 KB 81ms
80ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/pages/_app-85e0b887cd565733.js

Requested by

Host: home.s.id
URL: https://home.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ebde9abc085f64172bd6905d7d01989a39041e1ae5ef32a3a17f9ea1745fb7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2625
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 06 Jul 2023 07:58:41 GMT
server: cloudflare
etag: W/"4cd74-1892a35df68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6BqwHq4P9eT%2Bz%2Fd9VN7ZyFfWa0FT9PJyjaShR%2FgdxXl9VDfx4Mk9V3hHiRACyc6%2Bg7ME5it30kcdDsN8F7zyYn6OB%2BVHSRzQWRB9H%2B12L5Yu3XEA8MaINntiBNvM%2BCGkZA%2B%2FOw2cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eaaa3a9ddad5-MIA

GET
H3 200 main-9a1b3f3669ad5555.js Show response
home.s.id/_next/static/chunks/ 96 KB
29 KB 60ms
58ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/main-9a1b3f3669ad5555.js

Requested by

Host: home.s.id
URL: https://home.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

069b165afd8c89304455de078a01fb19e943a35bd3925b2f50865c2ecfbd9ed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2625
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 06 Jul 2023 07:58:41 GMT
server: cloudflare
etag: W/"18150-1892a35df68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSXcLR9jGW4YmnJbNlKbre4OBlqVB9QIOqLSTijk4Q2K5qiBaKNbTCg6EyGPXlkUUtB6e%2BRcYKqHa1e391bNx0gTzVfK3zpDIldf14K1dYREl%2FOs9pr94aw2ySHMyRur3bPFsCcjwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eaaa3a9fdad5-MIA

GET
H3 200 framework-fddfb078d7ba94bc.js
home.s.id/_next/static/chunks/ 138 KB
45 KB 160ms
159ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/framework-fddfb078d7ba94bc.js

Requested by

Host: home.s.id
URL: https://home.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2625
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 06 Jul 2023 07:58:41 GMT
server: cloudflare
etag: W/"226f4-1892a35df68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rXmym1tq469X6YyHxncT0HRWIv9OiGzoN%2FfhVJCcM06GBUhcPvhvqSS%2FvaRxXvJee0HxCqbuAIL62JEJg4LqRLC8VUbAGkbuP6BcQXKvrXC3fgEWnYOFdrjpNmNd59KH61i7NsVrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eaaa3aa1dad5-MIA

GET
H3 200 webpack-7f4703c230167a08.js
home.s.id/_next/static/chunks/ 4 KB
3 KB 186ms
185ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/_next/static/chunks/webpack-7f4703c230167a08.js

Requested by

Host: home.s.id
URL: https://home.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/forbidden
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2625
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 06 Jul 2023 07:58:41 GMT
server: cloudflare
etag: W/"114b-1892a35df68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bitlK%2FirQ2dAet3NF9lwOtOh4P7srAwH%2FOfyK8otPPzw2c6%2BtDHmjNFZkzNR1HTBU%2Ft41YeMt14bWno47bOd%2F8wxF82CM%2FheTXS%2B1djakQt9CSy5jlosXaYBOjWylvyu9uR%2F5gGAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eaaa3aa2dad5-MIA

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 213ms
66ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&family=Work+Sans:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://home.s.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 06:24:00 GMT
x-content-type-options: nosniff
age: 33077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 06:24:00 GMT

OPTIONS
H2 204 redirect
app.s.id/api/ Frame 0
0 1078ms
823ms Preflight 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: ds,x-rpc-lang
Access-Control-Request-Method: GET
Origin: https://home.s.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
access-control-allow-origin: https://home.s.id
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e28eaae3d2925a1-MIA
date: Thu, 06 Jul 2023 15:35:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WJpCM4eJ6qRMxyRNftjDg%2BkGjsuISNIkCDdqoLcT3tsE4w%2FvhP7DOp6BdjvU9AAlJjm550xJy42GQYeOLfQf%2BwDA2KP4nWK1GrDosspt1eKQw85N9V5rj3iMtYrp%2BvH7%2BE8RmxO"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

OPTIONS
H2 204 me
app.s.id/api/user/ Frame 0
0 1073ms
822ms Preflight 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/user/me

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: ds,x-rpc-lang
Access-Control-Request-Method: GET
Origin: https://home.s.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
access-control-allow-origin: https://home.s.id
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e28eaae3d2e25a1-MIA
date: Thu, 06 Jul 2023 15:35:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhIul6KbPfniwSM%2B0HXo%2F2bmbWXLW4JFbVrevGm6UL6yqxqcSHfFunyOdCaUEP4DRwdMJZRQuUJnTqs8mpVRqAgR3lGz9Olge6hbkAgjME9tEvN%2Bp6mF1QOckUSIbcPtzJluvkT5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H3 200 redirect
app.s.id/api/ 469 B
875 B 309ms
308ms XHR
application/json 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/redirect

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/pages/_app-85e0b887cd565733.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
DS: 1688657717,2chctl,66cee7db2a3969552a1d799196fec803
Referer: https://home.s.id/
X-RPC-Lang: en
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-type: application/json
access-control-allow-origin: https://home.s.id
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSRWgb3gvwX7aqG9PAjqdpu7AY8gvXdBVvACUkPjDPPVCbvMvAjTyZCBVXT9ih7Sdb99LacPIW9CSI27fQLSO9oBouqis%2BTLJN%2FZTSkMPQ7i0E0DdypwyvkPVuAQwDS1tAH5U48x"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7e28eab36accdad5-MIA
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS

GET
H3 401 me
app.s.id/api/user/ 58 B
705 B 326ms
324ms XHR
application/json 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.s.id/api/user/me

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/pages/_app-85e0b887cd565733.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
DS: 1688657717,h8l4bz,53deee7dba9ccd8e6c1f56eee18deb55
Referer: https://home.s.id/
X-RPC-Lang: en
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 58
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-type: application/json
access-control-allow-origin: https://home.s.id
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yT9GibeXmWvyENkIL5HC7Q67IC3JznCVTgvJfMS%2F1J8dvpRE%2Bkx2en5%2FijQJoZ34XxmGBHKfSt4pJDSQbQDlfGaMF5gvcZ8VhfEGAy%2FPjU09woscFEMP%2FZIIWmWVmztJgXNtQbj2"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7e28eab36ac7dad5-MIA
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS

GET
H2 200 js
www.googletagmanager.com/gtag/ 229 KB
81 KB 317ms
164ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-9a1b3f3669ad5555.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82720
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jul 2023 15:35:17 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 232 KB
82 KB 265ms
113ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-9a1b3f3669ad5555.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83423
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jul 2023 15:35:17 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 200 KB
72 KB 249ms
98ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10823601447

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-9a1b3f3669ad5555.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73016
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jul 2023 15:35:17 GMT

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 171 KB
47 KB 218ms
66ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 15:35:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: RTlf/CkmhuZGHwevn/feA+rR/1fgqVNEWPthmRuQy4WhMYNKTXxmAbEYoXdkdEPNv8/g9G3HsM5y6SGQrsS3jw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 snippet.js
static.zdassets.com/ekr/ 24 KB
7 KB 133ms
59ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/main-9a1b3f3669ad5555.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:17 GMT
x-amz-version-id: h_C7R95D6YonGiyqdlKE7XDlNtmjvPl8
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: M8B87B5WD6KW9TQW
age: 47
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: RKlO6yU+3i2D7kIcrTuuhPu9tFMXvokRM4w8sk7oWeKstoDI+hJFcSNG++0hOK5rr8opUIvqiUk=
last-modified: Sun, 14 May 2023 23:22:32 GMT
server: cloudflare
etag: W/"9ce7e23b1a5cf89ecf9e795e0ccb61b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0oeEMYzb2ZOoj32aP7U5GSMIRPM8PkzGkRzWf5afxhEWfpM5f%2Bx2f4dB5cJ2Q1WVfGB45ZBKUOUc4G3rEmX0k1LnrzrnAtDCIBQXU0QxPmib9FhCDTqRS%2BQ5%2FpPCVxkvFtGP8E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 7e28eaad2d75d9c9-MIA

POST
H3 204 rum
home.s.id/cdn-cgi/ 0
137 B 37ms
37ms XHR
text/plain 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://home.s.id/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://home.s.id/forbidden
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json

Response headers

date: Thu, 06 Jul 2023 15:35:17 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://home.s.id
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7e28eaacdededad5-MIA

GET
H2 200 4b27aa03-d3da-43eb-8382-660c054fbc9d
ekr.zdassets.com/compose/ 316 B
1 KB 215ms
136ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/4b27aa03-d3da-43eb-8382-660c054fbc9d

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:17 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 7e0b8b4cd87aebbb-SEA, 7e0b8b4cd87aebbb-SEA
x-runtime: 0.039161
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"cb0a36398d90b8254f08c50e5a9aa566"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaVRLXHQXQVA%2BNYzcqitbyr68aqqE%2B%2Fl6Q%2BrSOtJ4EphPlOY7PNwgbcQLxgzl%2FS4R6F1X2%2FoSct1EWn2355u8wCpR%2Bdo99WDgano9ipNsivf4hsXDNlLTNUL5UQxD0G%2FgCU%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 7e28eaae1e8f31d7-MIA

GET
H2 200 3626502037629324
connect.facebook.net/signals/config/ 378 KB
108 KB 119ms
118ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3626502037629324?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 06 Jul 2023 15:35:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 3ONJkQ+8K3c5RGCjgMEC0WfWkmgPhvdYCc7vKnERw16NivzffK1hq51qdRGvLASsFjeAUH5qfLBROIK5DBYNjw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 web-widget-framework-a96d1b070402df2f7de7.js
static.zdassets.com/web_widget/latest/ Frame DA09 100 KB
32 KB 48ms
48ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-a96d1b070402df2f7de7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:17 GMT
x-amz-version-id: lUaMsRyETXFChOKprIwJvWC7JxZuxV9j
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ZM4SV3TE6GVVC2KD
age: 307993
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: tAst4ov951tv8vIOgtHHzcnpJlVnzqzAOSAU6N7HtjIzi87o1xWM8oMGnevZIv/zqGXaxPR2zB0=
last-modified: Fri, 30 Jun 2023 05:19:15 GMT
server: cloudflare
etag: W/"1b6c06776408a5a12e0192d2523f5294"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivWb6vYoUcTfDQ0KVji%2FnJgALl8pQVO9ygNoVtgOJb%2Fd7ha8iwAhnIW5k%2FLjpiiQnrrsxMQ7S1P%2F71zZSqd2rpWwyDOJCKyh3WXV1fZkNdte54KFy%2BkKbyL9cnHbZygmPbhSsls%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7e28eaaf4829d9c9-MIA
expires: Sat, 29 Jun 2024 05:19:14 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 229 KB
81 KB 103ms
101ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82810
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jul 2023 15:35:17 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 232 KB
82 KB 104ms
102ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83467
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jul 2023 15:35:17 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/ 2 KB
2 KB 764ms
626ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/?random=1688657717718&cv=11&fst=1688657717718&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&hn=www.googleadservices.com&frm=0&tiba=Forbidden%20-%20S.id&auid=2074861385.1688657718&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 122 KB
47 KB 106ms
106ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10823601447

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 48234
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jul 2023 15:35:17 GMT

GET
H2 200 config
sdotid.zendesk.com/embeddable/ Frame DA09 1023 B
1 KB 713ms
604ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdotid.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-a96d1b070402df2f7de7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-674767cf67-xkrgb
x-cached: STALE
x-request-id: 7e28e8326a4261f3-YVR
x-runtime: 0.002229
last-modified: Thu, 06 Jul 2023 15:29:21 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igWga%2F6OpcY2f%2BVJyJOzsn6cdJUKBZQSd%2BHRxfRAAfivy1n4g7cnxu7uoQnwhGe8t86bgsreMzG%2BTzPezaoLqrmfEE%2FWRe%2FS5oSuB%2BEvP1isKPEWdzXxSOSmqDjtHXJSntvbAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 7e28eab0fba72589-MIA

POST
H2 204 collect
www.google-analytics.com/g/ 0
167 B 230ms
89ms Ping
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je36s0&_p=773512382&cid=647534918.1688657718&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1688657717&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
250 B 232ms
80ms Ping
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je36s0&_p=773512382&_gaz=1&cid=647534918.1688657718&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1688657717&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:822::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 192ms
68ms Ping
text/plain 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-98MWVCBDD7&cid=647534918.1688657718&gtm=45je36s0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 258ms
81ms Image
text/plain 2a03:2880:f13a:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3626502037629324&ev=PageView&dl=https%3A%2F%2Fhome.s.id%2Fforbidden%23action&rl=&if=false&ts=1688657717991&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688657717989.2065530174&cs_est=true&it=1688657717584&coo=false&exp=a0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 06 Jul 2023 15:35:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 analytics.js
www.google-analytics.com/ 52 KB
21 KB 106ms
79ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Jul 2023 14:11:08 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5050
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 06 Jul 2023 16:11:08 GMT

POST
H2 200 collect
www.google-analytics.com/j/ 1 B
92 B 87ms
85ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=773512382&t=pageview&_s=1&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&ul=en-us&de=UTF-8&dt=Forbidden%20-%20S.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=675032831&gjid=454251468&cid=647534918.1688657718&tid=UA-225238330-2&_gid=1565088666.1688657718&_r=1&gtm=457e36s0&jsscut=1&z=1588708127

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://home.s.id/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://home.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10823601447/ 42 B
456 B 222ms
83ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10823601447/?random=1688657717718&cv=11&fst=1688655600000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&tiba=Forbidden%20-%20S.id&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3577786479&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://home.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-main-8695075.js
static.zdassets.com/web_widget/messenger/latest/ Frame DA09 514 KB
160 KB 55ms
55ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-8695075.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-a96d1b070402df2f7de7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:18 GMT
x-amz-version-id: P.KBRf_zEKeUACznButTKpmqzOA.kGir
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DARFYH1EX8CYDC9D
age: 307987
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 4D/eCmPsIxAqSpC4PMmCvmp921N3HzSGbargmuDch9EXfx1MtOMqYSn9jwGkrkzF6Lfapk3FOdQ=
last-modified: Fri, 30 Jun 2023 05:25:52 GMT
server: cloudflare
etag: W/"8a082cf5e180ae24fd7b8ae9cda28db8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nx5fvedJpAhFkMbxb9XrsjUbIzEle6F9XqDkZO4QD5pPMVGKJTkq5XL64CB%2B4Ly%2BW3XTaiZVIC7xG%2BeS24MYV8pakHB4vgHZjMeWbAEoEuW%2Fjw9txdRdtU43Fivzi1T1l8wWCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7e28eab4cf6cd9c9-MIA
expires: Sat, 29 Jun 2024 05:25:50 GMT

GET
H2 200 en-us-json-8695075.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame DA09 16 KB
3 KB 49ms
46ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-8695075.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-8695075.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:18 GMT
x-amz-version-id: gdh1Ai6GmXQu3I6BVRG8ggtEsZBWPdmt
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QHZRBYDX0ANSA2XV
age: 307987
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: bFwhhTAWZmsTmgLM5HbgvbSArCHAIUMkwjVMEES9YLWcCh8FSSANsTsLyKU5BKrIl8jPOtv/1Ws=
last-modified: Fri, 30 Jun 2023 05:25:53 GMT
server: cloudflare
etag: W/"3b50d707d23772f060152b4ff6347a38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMTgcCpR44btAyI%2BxLPShsXXR497skvOKc3%2BHj3EC0D97BP9yPsPYCrTGOk%2Ba62sC3mDokTicns4uNVwZCvdWLCUkhVdbtakEcpNvxX5u2QnIdhwoMe1oZ4YhQWmZ9GQO%2Fgz%2FzE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7e28eab6294ed9c9-MIA
expires: Sat, 29 Jun 2024 05:25:52 GMT

GET
H2 200 web-widget-4852-8695075.js
static.zdassets.com/web_widget/messenger/latest/ Frame DA09 139 KB
47 KB 60ms
57ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-8695075.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-8695075.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:18 GMT
x-amz-version-id: x9AwZAhvbtr2HPxowUOST9dCAAB0UbIi
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QHZTJAS01HYYE5XH
age: 307987
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: zLP9lLZJav+dgtCT6leXdfhYUasUc7zG2HFKmAWCOkxEC6Gb4EolsIHzqqUqyn8gWg3nrv8xRTY=
last-modified: Fri, 30 Jun 2023 05:25:52 GMT
server: cloudflare
etag: W/"537006977bee3c56b5a5b9900b593d0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tR3T1ADcCYLFQwdTzuAyfhDXsHAK3BL3Nf1NJF8RW9QPbh9zaiYu%2FATC1UELrOydfGtopEVtHWWIBxhz4ri%2FNm5FgmHvH0pSpyVV1FHy%2Fj8ekJZcwtCMoYrQoTA0MWmDylZhBHc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7e28eab62950d9c9-MIA
expires: Sat, 29 Jun 2024 05:25:51 GMT

GET
H2 200 web-widget-519-8695075.js
static.zdassets.com/web_widget/messenger/latest/ Frame DA09 24 KB
8 KB 60ms
59ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-8695075.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-8695075.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:18 GMT
x-amz-version-id: Vxi4rHjbnl7sUUB_xtxsyTcVkVknZWl2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QHZTZZNECYNNF65G
age: 307987
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 2JbVqJS/vO3aWiMKng3isDMZ+6P4eccqE+jxxwphVu2emzNz7XAYVEcBmyXN7ffuC7gWPygwrHM=
last-modified: Fri, 30 Jun 2023 05:25:52 GMT
server: cloudflare
etag: W/"1c9884a2069c7bec6b20dac62004eb1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQ%2FEMkR4gUnfYr3r%2BE0fuc7wD%2FhREE1C72Bm%2FMkyE1r5mj%2Bagiu92Et7onq3g28R5BabkXiNOKeSj60rLrh9hiSpFQx0bbUhE2ThpZqcnXJPepDGJtqM%2FTr1MIGnaSjY2eMBuUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7e28eab62951d9c9-MIA
expires: Sat, 29 Jun 2024 05:25:51 GMT

GET
H2 200 web-widget-5178-8695075.js
static.zdassets.com/web_widget/messenger/latest/ Frame DA09 24 KB
7 KB 49ms
48ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-8695075.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-8695075.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:18 GMT
x-amz-version-id: O0KoMjs1rIcULWXV4hcjOlXOwRL4P8n5
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QHZWAJA3VP7PSQGJ
age: 307987
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: XqIoT7IWt5r4fZFiKfjcPp8WvfNS5uV3t7K273PaH2DUQJg0DjvmI/2pxUQ91gi6FDxkcfMCASM=
last-modified: Fri, 30 Jun 2023 05:25:52 GMT
server: cloudflare
etag: W/"483e1c1175df9503d548cc0e58d35042"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLzEb8r9VGr2QbkbT30Nn53nYx%2FnJ%2FbbgoCLv1ocsGARUpnIMufRIQCIbjYk0M5tGwCXzEdtNc%2BA0N8WT93mBmAkEW4cWYVZ%2BUthXBTXGX838Hq%2BNt6sP%2BFqE4J7%2BvA41rVx%2BPs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7e28eab62952d9c9-MIA
expires: Sat, 29 Jun 2024 05:25:51 GMT

GET
H2 200 web-widget-9535-8695075.js
static.zdassets.com/web_widget/messenger/latest/ Frame DA09 15 KB
6 KB 48ms
47ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-8695075.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-8695075.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:18 GMT
x-amz-version-id: ikH4Lm_NRPZhoQlhCzlH5SIvFsn7wE1H
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QHZJNDYJXPAZNT37
age: 307987
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: W+kwUKi6C7lcEDOLTUtD7DnS6/4ohtpqd7UZM+BKrpp/p7I+h6inf9FGS3yaQVl2UoJkJEKl+4o=
last-modified: Fri, 30 Jun 2023 05:25:52 GMT
server: cloudflare
etag: W/"a5d9120de11d98c9c37c8666f5c9d3b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8bGTmcs7XdhJWFphWMftJMfvIBFfqyr8IXYL8KSpBXgBfcVw1Bg6K%2FlMjX06cdl%2FmMWqqC03C8FH2bQOrLtwccDtH%2BWpzt%2BNmocGO%2BkTbLGYGWTu7IYv8xN62sfvkSVWixg62Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7e28eab62953d9c9-MIA
expires: Sat, 29 Jun 2024 05:25:50 GMT

OPTIONS pv
sdotid.zendesk.com/frontendevents/ Frame 0
0

POST pv
sdotid.zendesk.com/frontendevents/ Frame DA09 0
0

GET
H2 200 Primary Request oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3 Show response
blog.s.id/post/2022/05/19/ 107 KB
30 KB 136ms
67ms Document
text/html 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Requested by

Host: home.s.id
URL: https://home.s.id/_next/static/chunks/pages/forbidden-10b950128e113a43.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

60d657fd1a5462b366ee8ffff28d1e0e402e28f299c47ed941dd5ef8b5d068d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://home.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1032
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=3600, must-revalidate
cf-cache-status: HIT
cf-ray: 7e28eaba2ce5da33-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 06 Jul 2023 15:35:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbAeG0ZcvhbSzZwC3B7VPxzY%2BUNHg2SknD7%2BysdBRQ%2B3YncVZfc8cGcH35dRION4WKOANv8HTy2%2F44XG9v4HKzZNKnFmripAONbjuf5HrwWCLJbUleesdbX9SSsWuYP9ZEj8K%2B663A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Next.js

POST collect
www.google-analytics.com/g/ 0
0

POST collect
analytics.google.com/g/ 0
0

POST rum
home.s.id/cdn-cgi/ 0
0

GET
H3 200 cc991429c08da6c8.css
blog.s.id/_next/static/css/ 106 KB
17 KB 50ms
49ms Stylesheet
text/css 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/css/cc991429c08da6c8.css

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa8cfe9fe7581bdf35e892bd0daf7de6767c3451e4a934a99b1465672296ea35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25525
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 07:57:02 GMT
server: cloudflare
etag: W/"1a717-1892a345cb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fr5eavcUcmyodkC5XWiuxYhbG35tnHKDN4uaKoflMLqrGtcP6hrRoQF%2FKGhqw6ckmgDwXjJsJIm7r9xNrl4LHKXZ3HouTGeM8I9V7o2cSsfjX9cY1R%2Bu6VcOBE3dS9JrOXva5Xb%2ByQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eabac8ebdad5-MIA

GET
H3 200 0ccc702cf5b6f291.css
blog.s.id/_next/static/css/ 722 B
796 B 52ms
51ms Stylesheet
text/css 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/css/0ccc702cf5b6f291.css

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecf1b45e741c358105ec165c66cc44e962e6dbfe4948ea4a4094791472e03c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25524
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 07:57:02 GMT
server: cloudflare
etag: W/"2d2-1892a345cb0"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FXhKJXF0U%2FNJo8e79DfR2FAh6PQISwMJsFBXouJSdkEE%2FRJrrfRWxi8pJzYN24%2F%2B1aHRqXQpCrtogwyb5WA9uWE6X1r29XHhSfVAt8Iry6Dg6Kx%2F%2FhChBphrnt%2BEWsaQawtDJYAow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eabac8f0dad5-MIA

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
874 B 85ms
84ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&family=Work+Sans:wght@400;500;600;700&display=swap

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac2af12c81be58d6906f22b9dbdb6d9753a775ca31d71c993839c8674acd020f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 15:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 15:35:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 15:35:19 GMT

GET
H2 200 twib_2305_12x3.png
cdn.s.id/assets/ 98 KB
99 KB 79ms
59ms Image
image/webp 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.s.id/assets/twib_2305_12x3.png

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1181f845db285df5fd22d07af5e1b79842cb90f51cadad31fb47f1fd91b0030

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:19 GMT
x-amz-version-id: Wsql2JZNQKUJpKN.Vb9rRq4J3CFEbvc7
via: 1.1 4c3c3d48e1596e1c2c468662d48c7cc8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-amz-cf-pop: MIA3-P3
age: 26324
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 100326
last-modified: Fri, 19 May 2023 03:39:20 GMT
server: cloudflare
etag: "7103c23e3ede7fb239e03e1fffb96d49"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3z4Rq2%2B84YR%2BP%2B6BKLRf8YIUn9EP4rqhs%2BcvnHc5%2Fqu%2BxSduZn39ss3B68hjc8x1%2FpNxekb92n2kXx4ubJNiF2KcDuJvaxaDypfYZ4Vx439el8r972g%2FklbYgWdJlw9SLgvyKCh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7e28eabb0e0eda33-MIA
x-amz-cf-id: TVDZ2qSPK5th9ijBmjCVMeuG1lnBEuWW_g0TKgD8KVZv4njuXkqqbQ==

GET
H2 200 230606-appfair.png
d3li60t7cgizua.cloudfront.net/images/ads/ 1 MB
1 MB 247ms
76ms Image
image/png 2600:9000:23ca:e000:8:217d:7c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3li60t7cgizua.cloudfront.net/images/ads/230606-appfair.png
Requested by: Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e000:8:217d:7c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ac30ba8f6137bc1f50ed2159fe5f85833c7ac8d15527efe4834f6b1c2a7c5df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: nFDBbHFv16Jza_X2SUn4E2nrDw1gMiRX
date: Thu, 06 Jul 2023 09:47:32 GMT
via: 1.1 8cdf4e2d4f4070992665477c4dbca0c0.cloudfront.net (CloudFront)
last-modified: Tue, 06 Jun 2023 03:21:20 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 21593
x-amz-server-side-encryption: AES256
etag: "4e94cbde9b1a9ba26aecf726eb0de238"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1251640
x-amz-cf-id: HGoWvY04gCnaFj8fAUNKCg5Us3--b3A5Ltr0bZwYvTeUQRpK78WHpg==

GET
H3 200 sid-logo-new-light.svg
blog.s.id/images/ 4 KB
2 KB 785ms
784ms Image
image/svg+xml 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.s.id/images/sid-logo-new-light.svg

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1af5eacc5472d595046d8320feb556463d66ca3711b5fc2e6449e5cc49cd167f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sun, 06 Feb 2022 05:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"f40-17ecd7afb00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YeMHXlwV2m76cZqpsrqiRYPo4t7J5PU4HIt2auc%2FNHu72ZrTnZ777Hd%2F2bGlDvkH5ATvy%2BVvbfpmccttW9ppoLJQUKNtGtQU17tTGxKyXzFAPSoqW2CYl%2FYcXVPlEJhk0nFgxfSDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7e28eabae91ddad5-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 adg-red-ring.svg
blog.s.id/images/ 6 KB
3 KB 806ms
805ms Image
image/svg+xml 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.s.id/images/adg-red-ring.svg

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7fb840478ca64f3410fff0ffa40eb38fd8a7cfc36c10f117c3869ea93c00182

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sat, 12 Mar 2022 15:31:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"1926-17f7ec17510"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYwgsJWzSVd2ew6Iwce%2B9b6qpc%2FbTr1ZjDa2ZSbSfeAZbZUWoLxnnzTiqR0aCJJo3L0LaZv9whvFPQLKO4oRbp7ht9fXWH4BC8jN3nUlnaqyRzJGSdMzGEuT8%2F6DPVGFg4K0H5LEFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7e28eabae921dad5-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 rocket-loader.min.js Show response
blog.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 37ms
36ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Jun 2023 09:29:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64941465-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXCRak45YK4dnOq1BYgd7ffAYnZ27jsZKj9Bc0U6CfrM2UuCQSA1m0SkyUu8lnOqKpf%2BMiMnFya79P0Ol7dhb3kmGi5KInjixqzCFVTdPE4ihq4Em5xIhXXiIaWWRXfxVmc1MGN8VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7e28eabae922dad5-MIA
expires: Sat, 08 Jul 2023 15:35:19 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 99ms
97ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://blog.s.id/
Origin: https://blog.s.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:19 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7e28eabae9958daf-MIA

GET
H3 200 _ssgManifest.js Show response
blog.s.id/_next/static/xrBOIIwIHshyJC0vPPAnB/ 77 B
588 B 56ms
55ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/xrBOIIwIHshyJC0vPPAnB/_ssgManifest.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24518
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 07:57:02 GMT
server: cloudflare
etag: W/"4d-1892a345cb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yU5Q%2FEjFF0jy4NkldggUg629UaA1NYMjaS8wBo50p4cEdejbdCHWRslxzYksJj70UFqSXXDT%2F8rjAdelK6Hsop%2Bhd4DgYO%2F%2FafA6MbEGyHnqksUmN8EotHn%2FMy5zR6JTipnMbyOshg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eabb59e8dad5-MIA

GET
H3 200 _buildManifest.js Show response
blog.s.id/_next/static/xrBOIIwIHshyJC0vPPAnB/ 998 B
983 B 57ms
52ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/xrBOIIwIHshyJC0vPPAnB/_buildManifest.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7fe077505a08fef79eca4979b3eb08495c6e18c2ef9b54388918d01024cf503

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24518
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 07:57:02 GMT
server: cloudflare
etag: W/"3e6-1892a345cb0"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksSItujVbxegKIv7Wvu94cG2SjQaLelacSCaTVImQC8KKS95Wh5Pl0bnG%2B6QA4W2h1IX5GfrCsuXay2rXuyzXuzw5B0wmApQDniYwbytpvFXxg40oFMy7xtbPBPTu4en9mlVdXv%2BSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eabb59f5dad5-MIA

GET
H3 200 %5B...article%5D-16b30e22d0226086.js Show response
blog.s.id/_next/static/chunks/pages/post/ 23 KB
9 KB 58ms
54ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/pages/post/%5B...article%5D-16b30e22d0226086.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6f83766abba78768b2bcba2cafb4b60f341b54a750a05a5c59975c2cc44687b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24518
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 07:57:02 GMT
server: cloudflare
etag: W/"5c42-1892a345cb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6goRMoXYjbqWKR1f1rPskbFdMTPcXQl3jzxJeKAwHsfgz7f8BFT43%2Fp%2BiiStOLk0GZfxYNfnZRK%2B3BRqKTfCEqkTB1oHhFf5HYpsTMmqGJJ9ARgWbTG3He226Y4Cg03N7bBZf3I2ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eabb59f8dad5-MIA

GET
H3 200 68-3f804d5183c067aa.js Show response
blog.s.id/_next/static/chunks/ 16 KB
6 KB 61ms
57ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/68-3f804d5183c067aa.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec9099a1e78c190ed16337af79087737f0082c9014401f7bdb19171924378656

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24518
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 07:57:02 GMT
server: cloudflare
etag: W/"3eba-1892a345cb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stUlSttxjXnywnXmJqNky9nPt8FmSkntr%2FfLF4YKfkQ60v9%2Ftn4kanDslVO9HvVj%2FX6EK8N9SB%2BCYVVwQPHjEAyQ7LDPRc6xYZMP0dhKLUGzdeMfkL4HEZVi0b7zpq26GT%2BJ54LR5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eabb59fbdad5-MIA

GET
H3 200 923-087fffebd3c5da65.js Show response
blog.s.id/_next/static/chunks/ 163 KB
50 KB 67ms
63ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/923-087fffebd3c5da65.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d90fc9f6bee5dc1325b1533fe1ff6157aa364d95fd76f3cb13e9a067243cc3ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24518
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 07:57:02 GMT
server: cloudflare
etag: W/"28abf-1892a345cb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYxHxTFKgv4SsUQB%2Bld%2FwGE3GOE9YQmU5ZExbtlE%2F0WxhUdtZaz9fhS05qj6qj23UyrUsfGe%2FzOHouvFcmb08LceekD%2FTLP9Clj9IeBFDN23LBxcFrq%2BpD%2FtKIA%2BgKqIsH4YUqF0yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eabb59fcdad5-MIA

GET
H3 200 9849d5b5-45be35bd4b4157cd.js Show response
blog.s.id/_next/static/chunks/ 3 KB
2 KB 61ms
57ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/9849d5b5-45be35bd4b4157cd.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fd155d8504c42656f9a67bde0f6fa8c8313701dce4ca486a7d598dff22e1801

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24518
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 07:57:02 GMT
server: cloudflare
etag: W/"a7e-1892a345cb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksAGvUZDDFfEADCj8CkZNO3ko3a0pyNulvcmBIxremHCh1hYJcGrFRYDbvCebJd8%2FlyFeJqR04QwqWkt8t3OMvalBc397MVdYr1xlKGm2Xgn9ogJt7wnddjBc0C%2BvhBxant2smEcKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eabb59ffdad5-MIA

GET
H3 200 _app-dec7f587b39412e9.js Show response
blog.s.id/_next/static/chunks/pages/ 150 KB
48 KB 62ms
58ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/pages/_app-dec7f587b39412e9.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb277c3f3d2b374ed140a82233dc7eaf0c25bd659117ff2780e9a05ca51c6598

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24518
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 07:57:02 GMT
server: cloudflare
etag: W/"2597e-1892a345cb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoUpF%2FJOJcGCGl1yxYvZ9uxpENwNeK4G5VdMLWZt5Htch8g1ZyNtfT%2Fv3kRkb3eqxOGhm8fw6z34WtbKrcKStYiqWKlv17sYikTwwR%2BO%2F00gK0KOgOTB5ihVWPV2emTGlkF2f6nUxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eabb5a01dad5-MIA

GET
H3 200 main-ef060895a635bf59.js Show response
blog.s.id/_next/static/chunks/ 96 KB
29 KB 58ms
54ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

345dd805b52864848882d8f89c24661f408925f549a626e5bcd33b6f072e146a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24518
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 07:57:02 GMT
server: cloudflare
etag: W/"17fff-1892a345cb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BN70zP1WSCVuAB7djohU925ozBxVcmYhmYhQBap0mIKOQztuHaQiwdkRWgh4XTHmIVvSb0j7lMs0yQHoybA%2FFaSz2NqBrYCYLcf6GLu13lutAO2ma2ZZYsDhE8qWoWP2jhL%2FKLmE7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eabb5a03dad5-MIA

GET
H3 200 framework-400d78dd60ac46ca.js Show response
blog.s.id/_next/static/chunks/ 138 KB
45 KB 90ms
86ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/framework-400d78dd60ac46ca.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1e0354048342615ee678931bb922fcb098fc4f42b3edae6df7624a2b812fb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24518
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 07:57:02 GMT
server: cloudflare
etag: W/"226e4-1892a345cb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43%2BuKy8LGw0UrmEC8%2FLA2icpqIf8tzus4JUTuNBajsgvhpE9FicP%2FOZn8Bq8bcv0HIk7pAA9z37WN%2FmwMkf%2BsouM9SoYO6yNVKzvRs9ZlUlgvhO4%2BMJXmaD195d0m2Bg%2B0P%2FtZpmQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eabb5a04dad5-MIA

GET
H3 200 webpack-6ef43a8d4a395f49.js Show response
blog.s.id/_next/static/chunks/ 2 KB
2 KB 56ms
52ms Script
application/javascript 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/_next/static/chunks/webpack-6ef43a8d4a395f49.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38ea73ab67fc116151506874fc35620aacfc4d7465b5b76b307bd38c4fb9fdd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24518
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 07:57:02 GMT
server: cloudflare
etag: W/"834-1892a345cb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBVDM5TKpZ%2FZ6qdawsq%2B4TojQAVvbm1O9jiL3KNdNmplVLCpaGUumJSWmTqhbjqXAexpvYRlPF972aX84FV%2FM3j%2FtKIyTxjGWdHeiN0bxS0wSGfZYlBscDX9A%2BN3HmiQtdNakZo6xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 7e28eabb5a06dad5-MIA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 232ms
91ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Requested by

Host: blog.s.id
URL: https://blog.s.id/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b42586e7f6fa3cf9188f973296af7bc8068fdc2424acfd065a59d608f368bdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48637
x-xss-protection: 0
server: cafe
etag: 9802492879181586295
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 15:35:19 GMT

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/ 47 KB
47 KB 67ms
65ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&family=Work+Sans:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://blog.s.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 04:51:36 GMT
x-content-type-options: nosniff
age: 470623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47728
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 04:51:36 GMT

GET
H3 200 sid-logo-new-dark.svg
blog.s.id/images/ 4 KB
2 KB 787ms
781ms Image
image/svg+xml 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.s.id/images/sid-logo-new-dark.svg

Requested by

Host: blog.s.id
URL: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c62efa11e56d452e201244a46cc0c80d5bbd7d676487f6bb4953d71ac55e4f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Sun, 06 Feb 2022 05:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"f40-17ecd7afb00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BNAuq1E39fhkSvvetNn8hIlGPJQ%2F8aZIWD2QDrdoysHqBL05%2FKWIn1CgOGxhXlaKMfy%2BDgh2hMnTBwpb9w18QRe1oCSH%2FzCIAYGf%2FRYRUr6cgcGNBiAcnzOhMkXgDMgV4BXOcJTKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7e28eabbfb85dad5-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306280101/ 344 KB
118 KB 115ms
114ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306280101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

155a57fb53bc0ee1f96820c46581918528a323d35ccfac6d990699f26a3fc40a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121013
x-xss-protection: 0
server: cafe
etag: 7209733867768758360
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 15:35:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230628/r20190131/ Frame 7E89 10 KB
5 KB 74ms
65ms Document
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230628/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 74360
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Jul 2023 18:56:00 GMT
etag: 12368291122986407432
expires: Wed, 19 Jul 2023 18:56:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
81 KB 112ms
111ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab19746876d40e5b2334546e90ef2d03e421cfc4ee60346cb2dd2ea36a780b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82801
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jul 2023 15:35:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
81 KB 283ms
282ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82fb6c50373e78b327bd2006e88c7ee71940234a98a0140899c8711065bdc5bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83413
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jul 2023 15:35:20 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 24 KB
7 KB 52ms
52ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

622be2eb8ef5825d74867a56c04c9274812a7276da1f7bd218401deb24fdc045

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:20 GMT
x-amz-version-id: h_C7R95D6YonGiyqdlKE7XDlNtmjvPl8
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: M8B87B5WD6KW9TQW
age: 50
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: RKlO6yU+3i2D7kIcrTuuhPu9tFMXvokRM4w8sk7oWeKstoDI+hJFcSNG++0hOK5rr8opUIvqiUk=
last-modified: Sun, 14 May 2023 23:22:32 GMT
server: cloudflare
etag: W/"9ce7e23b1a5cf89ecf9e795e0ccb61b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMp743eUCch0Zh4Yb1kHHayL57yahPXhDLKRjVHFc9G7tPN%2BKlzsJoKCDZfE0YbMtbF1eb%2BPbtvytJh3wK1%2F4R3t1bAsQH%2BTEOVQZAbA%2BEZgwHh0rq9wOyCM7iBghWRiyhMAU5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 7e28eac1c872d9c9-MIA

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 375 B
596 B 531ms
84ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=blog.s.id&callback=_gfp_s_&client=ca-pub-2742216534640545

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306280101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e444577f8778658f61e66a715aa5c44ccb9a553b01a838bd7ea608059bb864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 381ms
84ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blog.s.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306280101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
83ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=cookie-consent%20fixed%20bottom-0%20left-0%20w-screen%20lg%3Apx-0%20z-50&ign=false&pw=1600&ph=1200&x=1575&y=1175

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC31 0
20 B 161ms
131ms Document
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1688657720&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1688657720367&bpp=7&bdt=904&idt=407&shv=r20230628&mjsv=m202306280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2030710323357&frm=20&pv=2&ga_vid=647534918.1688657718&ga_sid=1688657721&ga_hid=771659849&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31075815%2C44788442&oid=2&pvsid=1277613715358929&tmod=1940049893&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fhome.s.id%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=547

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 15:35:21 GMT
expires: Thu, 06 Jul 2023 15:35:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 225ms
88ms XHR
application/json 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230628&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7e26a7ab7bdbbd6c06388eccea2561a1167cc880ea69ed354d2532c8ba279d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11925
x-xss-protection: 0

POST
H3 204 rum Show response
blog.s.id/cdn-cgi/ 0
137 B 41ms
40ms XHR
text/plain 2606:4700:20::681a:6f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.s.id/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:6f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json

Response headers

date: Thu, 06 Jul 2023 15:35:20 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://blog.s.id
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7e28eac3fa81dad5-MIA

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 78ms
77ms Ping
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GJLS9JMJCK&gtm=45je36s0&_p=771659849&cid=647534918.1688657718&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1688657721&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
81 KB 100ms
99ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3dbc055fa70adab633d7f5afaf300f69c41f15eb8316f184b035db12f087d4d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83345
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jul 2023 15:35:21 GMT

GET
H2 200 1dc98855-fcfe-49a8-9ac6-f3d16b24538f Show response
ekr.zdassets.com/compose/ 319 B
582 B 151ms
150ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0614957fc34143cbef52b81cebd60f557ff3c3a490b32e70cb1693c77aa65d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:21 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 7e0b8b941f8ee972-SEA, 7e0b8b941f8ee972-SEA
x-runtime: 0.008573
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"f0614957fc34143cbef52b81cebd60f5"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g39oVBDTNHJsDi%2FQUhUtxgWSbQBn0n8%2B8MhaEyvG4wP0NojU%2FcLg0X%2BcdiOcFPyJxDd9YSZZvsC5TXsVIcmA9quhlGGZcJP3j8IjbrOEV1u%2FRkMTduM7XHnPzHy5FeaQ900%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 7e28eac4e9db31d7-MIA

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 95ms
93ms Ping
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LBWQJM5WLF&gtm=45je36s0&_p=771659849&_gaz=1&cid=647534918.1688657718&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1688657721&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
59 B 82ms
78ms Ping
text/plain 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LBWQJM5WLF&cid=647534918.1688657718&gtm=45je36s0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 249ms
85ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306280101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 15:35:21 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 257ms
94ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

022484e6df8c5445ea000accb47ec97e28646a29b3466eefe42b5e9465caf600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26124
x-xss-protection: 0
server: cafe
etag: 397 / 19544 / m202306280101 / config-hash: 16103133595601759730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 15:35:21 GMT

GET
H2 200 site.js Show response
protagcdn.com/s/s.id/ 386 KB
113 KB 172ms
62ms Script
application/javascript 2606:4700:20::681a:78e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/s/s.id/site.js
Requested by: Host: blog.s.id
URL: https://blog.s.id/_next/static/chunks/main-ef060895a635bf59.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c47c23e57e44c1206678fcea2854a507dbd61c7db44ec7429767d82e09e6527

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2285
cf-polished: origSize=396346
alt-svc: h3=":443"; ma=86400
pragma: no-cache
cf-bgj: minify
last-modified: Tue, 28 Jun 2022 09:03:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icMuuRoyVCBM7IBT6duzLPJPlNOQIdLUCQaWdKaQ6%2FCHheg5za0xZKalvMMG1nFzu%2FmY9I%2FRma%2Fq3wuk2VtbUJxy2W%2B7YGpZfIpClRnJsUOCw1N961A2uSAK5do3voj6YYwkEuwBPX5TyVg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 7e28eac66a693355-MIA
expires: Thu, 06 Jul 2023 16:05:21 GMT

GET
H2 200 web-widget-framework-a96d1b070402df2f7de7.js Show response
static.zdassets.com/web_widget/latest/ Frame 548B 100 KB
32 KB 66ms
55ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-a96d1b070402df2f7de7.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13dce7936f57fa89585edcddf8d2f5240046df372af43e94fc0a0d4b806a3857

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:21 GMT
x-amz-version-id: lUaMsRyETXFChOKprIwJvWC7JxZuxV9j
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ZM4SV3TE6GVVC2KD
age: 307997
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: tAst4ov951tv8vIOgtHHzcnpJlVnzqzAOSAU6N7HtjIzi87o1xWM8oMGnevZIv/zqGXaxPR2zB0=
last-modified: Fri, 30 Jun 2023 05:19:15 GMT
server: cloudflare
etag: W/"1b6c06776408a5a12e0192d2523f5294"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=476Cfru49%2FuDET0UoVJPu%2FnCo6mmUtztxvNJQ%2FpB5nvfERfAryuHWFJK5%2FZe9Bl7B0EmS3WtKxW%2B4VjPyxdggWtJsfYgb0oH0U%2BO5n4%2BzOsmiFYDx1wrb4xymqqxu50BVMK8dts%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7e28eac61f1fd9c9-MIA
expires: Sat, 29 Jun 2024 05:19:14 GMT

GET
H2 404 config Show response
shortener.zendesk.com/embeddable/ Frame 548B 15 B
956 B 172ms
49ms Fetch
text/plain 162.159.138.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shortener.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-a96d1b070402df2f7de7.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.138.6 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:21 GMT
strict-transport-security: max-age=0;
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1721
x-zendesk-origin-server: embeddable-app-server-78b6498b97-2vzz7
x-request-id: 7e28c0c3cea38d9a-MIA
x-runtime: 0.008815
server: cloudflare
vary: Accept, Origin, Accept-Encoding
access-control-max-age: 7200
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkwH7ZPbQ1ZO9iKCzMcyi7giA3%2FnkDbFjrGQy7VZHEkd60UqyIgdQ1d1dzR5BF%2BamM780VQGR0wbmD5hEoErQFda%2FKvtqidGxyB5PhuAm7WWGeoTTifnUaiHYgUKrLSeCVp28KVNGg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=3600
content-type: text/plain; charset=utf-8
cf-ray: 7e28eac749d7336b-MIA

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7C0C 13 KB
5 KB 65ms
64ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 26403
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 08:15:18 GMT
expires: Fri, 05 Jul 2024 08:15:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0143 783 B
950 B 147ms
145ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

64c066dcca5756160fd8b8d206b49d714d595465d87cfdf8a72fbc45934f2b47

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dQomhWOM7md_C_h_I4eyuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-dQomhWOM7md_C_h_I4eyuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 15:35:21 GMT
expires: Thu, 06 Jul 2023 15:35:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ 392 KB
125 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 08:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24014
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127514
x-xss-protection: 0
server: cafe
etag: 13498126467117012333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 05 Jul 2024 08:55:07 GMT

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C0C 38 KB
14 KB 72ms
71ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 15:11:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 95ms
86ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blog.s.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 146ms
53ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 15:11:49 GMT
content-encoding: gzip
age: 1556613
x-guploader-uploadid: ADPycdtEgZqyFAalHPNL9wGb6b69_Ho42M6Aq9ys1oXjRP81URni5h64s-sX8UTmZ5YuTxqtU6UogGRxpqiqA7-ukmo1Hg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Mon, 17 Jun 2024 15:11:49 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 244ms
115ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jun 2023 05:28:55 GMT
server: nginx
etag: W/"649d1697-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 07 Jul 2023 15:35:22 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
902 B 134ms
43ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jul 2023 15:35:22 GMT
x-content-type-options: nosniff
content-encoding: br
age: 15330
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-mia-kmia1760032-MIA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 163ms
54ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: 5YRX2K9ZD5ZTP65M
age: 3001
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e28eacb1c1ad9bd-MIA
x-amz-id-2: ZOHDa181UmeOQC5iZ9iA/+Ep/tY5fXTraAa+UusXl7NzV7T3HLeCmk9XC/WZbjw0T7xCK61DL4w=

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 271ms
67ms Script
text/javascript 108.138.128.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-28.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 05:20:10 GMT
content-encoding: gzip
via: 1.1 bd83fc15ab125846f839dd3c1ad21462.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 36913
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 0yXmNq_E9C75_6zJ1G5-lEeQ9rtkQyWJOq2ot69PmSPLzh99m7yrOg==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 278ms
173ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:22 GMT
via: 1.1 google, 1.1 google
last-modified: Wed, 05 Jul 2023 19:08:57 GMT
server: Google Frontend
etag: 6c49a4094d9a446bdc7fe3d19d23b4c7
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: d36a5f2fabf06f54017dcd179d73c2dd
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 236 KB
34 KB 719ms
717ms Fetch
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1277613715358929&correlator=4492131313858134&eid=31074948%2C31075029&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fifs&iu_parts=162717810%3A22766112657%2Cs.id%2Csticky-bottom%2Cbefore_content%2Cin_content%2Cafter_content%2Csidebar&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=970x90%7C728x90%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C468x280%7C336x280%7C320x100%7C320x50%7C300x300%7C300x250%2C300x600%7C300x300%7C300x250%7C160x600%7C120x600&ifi=2&adks=3695268346%2C2238348835%2C3108647390%2C1903703322%2C182523439&didk=1679302058~557921294~3656045228~1185067365~1933480497&sfv=1-0-40&prev_scp=env%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D46%26protag_minutes%3D35%26protag_hours%3D15%26protag_day%3D4%26protag_sticky_pos%3Dbottom%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sticky-bottom%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D46%26protag_minutes%3D35%26protag_hours%3D15%26protag_day%3D4%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-before_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D46%26protag_minutes%3D35%26protag_hours%3D15%26protag_day%3D4%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-in_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D46%26protag_minutes%3D35%26protag_hours%3D15%26protag_day%3D4%26protag_native%3Dnative%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-after_content%7Cenv%3Dprod%26site%3Dblog.s.id%26referrer%3Dhome.s.id%26protag_env%3Dprod%26protag_page-url%3Dhttps%253A%252F%252Fblog.s.id%252Fpost%252F2022%252F05%252F19%252Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_source%253Dhome_sid%2526utm_medium%253Dredirect%26utm_campaign%3D-%26utm_source%3Dhome_sid%26utm_medium%3Dredirect%26utm_term%3D-%26utm_content%3D-%26protag_ref%3Dother%26protag_ref_group%3Ddirect%26protag_ref_paid%3Dfalse%26protag_segment_20m%3D46%26protag_minutes%3D35%26protag_hours%3D15%26protag_day%3D4%26protag_enable_native%3Dtrue%26pa_upr%3D0.00%26protag_upr%3D0.00%26protag_opt_u%3D0%2CX%26protag_proSlotId%3Dprotag-sidebar&sc=1&cookie=ID%3D5e59c32ed25ecc6d-22ee3f3d91e20037%3AT%3D1688657721%3ART%3D1688657721%3AS%3DALNI_MaZyRbttFo78FKlwGUnAFLtRg2MAg&gpic=UID%3D00000ca0c0a280b6%3AT%3D1688657721%3ART%3D1688657721%3AS%3DALNI_MZAQCF0969RtZefh0o8bXXIq_ZQdg&abxe=1&dt=1688657721997&lmt=1688657721&dlt=1688657719464&idt=2347&adxs=-9%2C426%2C426%2C426%2C1086&adys=-9%2C414%2C1324%2C2762%2C286&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C1%7C2%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&ref=https%3A%2F%2Fhome.s.id%2F&frm=20&vis=1&psz=0x-1%7C468x0%7C744x0%7C744x0%7C220x0&msz=0x-1%7C468x0%7C744x0%7C744x0%7C220x0&fws=2%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=647534918.1688657718&ga_sid=1688657721&ga_hid=771659849&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3PTf3pIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjc9N_ekjFIAFICCGQSGQoKcHViY2lkLm9yZxjc9N_ekjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y3PTf3pIxSABSAghkEhcKCHJ0YmhvdXNlGNz0396SMUgAUgIIZBIUCgVvcGVueBjb9N_ekjFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c55952069ebe6d94242e49d5c1453df0258c982288e9cf20c1649c09be103f22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34807
x-xss-protection: 0
google-lineitem-id: -1,-1,-2,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B89C 6 KB
3 KB 292ms
81ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 15:35:22 GMT
expires: Fri, 05 Jul 2024 15:35:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0143 0
0 85ms
84ms Image
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230628&jk=1277613715358929&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1

85 B
203 B

77ms
75ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 74cf06fe85f0cf030317a95bd68f552217c2dac04411983f353823f2677cbfc7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:22 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-PXb6MGg4IY/lUc1BaZBKfZrpSWA"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blog.s.id
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 06 Jul 2023 15:35:22 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://blog.s.id
location: /esp?url=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
318 B 487ms
170ms XHR
text/plain 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://blog.s.id/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://blog.s.id
date: Thu, 06 Jul 2023 15:35:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E3A4 15 KB
6 KB 192ms
65ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=blog.s.id

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 15:35:21 GMT
server: Kestrel
server-processing-duration-in-ticks: 569006
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 349 B
444 B 163ms
161ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 47853e202ba9347d970795203607b77acd0c6afc556fdeb7586d30af4b4968d7

Request headers

Referer: https://blog.s.id/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 06 Jul 2023 15:35:22 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: f2bf57f275a442af2d1103eb7e2513ff
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 349

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 244ms
159ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://blog.s.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://blog.s.id
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 06 Jul 2023 15:35:22 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 7b1cb90ec7c1fe68d9b5c6314718aca3

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 154 B
608 B 249ms
74ms XHR
application/json 54.88.198.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.198.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-198-127.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2959fb9be4098abac4edfe10cf70a4838f3bf46a05fc7e9350074d49dc36cc4c

Request headers

Referer: https://blog.s.id/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://blog.s.id
cache-control: no-cache
x-server: 10.40.37.168
access-control-allow-credentials: true
content-length: 154
expires: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7C0C 0
10 B 73ms
72ms Image
text/plain 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7B4n-A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame E3A4
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=s.id&sn=ChromeSyncframe&so=0&topUrl=blog.s.id&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=JgJM2nw4Q3ROMXhZeFNNNHQwTlJoZjY0S05MVHFlTGFQS3ZoT0M3b3JlUHYwaWRPclJxWVVKZjQvQkZxOVlJa053MGNrUHRmblo5TjRlNEQranAzTzcvMFQyem4xbTZVTWthTTB1c0Vmb3FEVGxSOTFHMFJna1I1S0lPST...

419 B
646 B

376ms
60ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=JgJM2nw4Q3ROMXhZeFNNNHQwTlJoZjY0S05MVHFlTGFQS3ZoT0M3b3JlUHYwaWRPclJxWVVKZjQvQkZxOVlJa053MGNrUHRmblo5TjRlNEQranAzTzcvMFQyem4xbTZVTWthTTB1c0Vmb3FEVGxSOTFHMFJna1I1S0lPSTVtSGV2MHZsRzF2OWI3a2JmR3RHdHptcitSZ2Y4ZlFRemlCbVd6WGo2TW9uamw0bnhlQnpUS3lxUFVTY2djeXNkMlN3b3ZrcnpXMGNnRG1NMEh5TmlnVlBDcHBUZitYOHdMb01ja2lUVDBreWIzUVBuMzQvcFJLTi9ETHVQOGJzbHVGS0NvL2lwdlVnRGgzMmU1UW9YWmdLdmExdUpWdz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

acd70c81273d8627395a6fc3c96217b3596f24c59c428a8ba2ea8daab13fd6b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:22 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1279763
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=JgJM2nw4Q3ROMXhZeFNNNHQwTlJoZjY0S05MVHFlTGFQS3ZoT0M3b3JlUHYwaWRPclJxWVVKZjQvQkZxOVlJa053MGNrUHRmblo5TjRlNEQranAzTzcvMFQyem4xbTZVTWthTTB1c0Vmb3FEVGxSOTFHMFJna1I1S0lPSTVtSGV2MHZsRzF2OWI3a2JmR3RHdHptcitSZ2Y4ZlFRemlCbVd6WGo2TW9uamw0bnhlQnpUS3lxUFVTY2djeXNkMlN3b3ZrcnpXMGNnRG1NMEh5TmlnVlBDcHBUZitYOHdMb01ja2lUVDBreWIzUVBuMzQvcFJLTi9ETHVQOGJzbHVGS0NvL2lwdlVnRGgzMmU1UW9YWmdLdmExdUpWdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 263043
content-length: 0
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 520F 594 B
806 B 398ms
49ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: b96799097df4785d3246b51f1f389c8749892d490f088bfc3a6acf7e5e0a3352

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 379
content-type: text/html
date: Thu, 06 Jul 2023 15:35:22 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 container.html Show response
7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 44F0 6 KB
3 KB 87ms
66ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 15:35:22 GMT
expires: Fri, 05 Jul 2024 15:35:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame 1440 2 KB
1 KB 130ms
34ms Script
application/javascript 104.19.232.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-before_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=468
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/s.id/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.232.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:58 GMT
server: cloudflare
age: 1838
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7e28ead0df41370a-MIA
content-length: 1168
expires: Thu, 06 Jul 2023 17:35:23 GMT

GET
H2 200 container.html Show response
7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A8BC 6 KB
3 KB 87ms
77ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog.s.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 15:35:22 GMT
expires: Fri, 05 Jul 2024 15:35:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame FF3C 2 KB
1 KB 111ms
47ms Script
application/javascript 104.19.232.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-sidebar&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=600&w=300
Requested by: Host: protagcdn.com
URL: https://protagcdn.com/s/s.id/site.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.232.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:58 GMT
server: cloudflare
age: 1838
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7e28ead0df42370a-MIA
content-length: 1168
expires: Thu, 06 Jul 2023 17:35:23 GMT

GET
H2 200 b0f0bdf0-4ff3-eb48-ebfb-5ebcb39bdb7f
pr-bh.ybp.yahoo.com/sync/openx/ Frame 520F 43 B
603 B 295ms
126ms Image
image/gif 2600:1f18:4e9:5a02:d9f:2dfc:836e:42c0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/b0f0bdf0-4ff3-eb48-ebfb-5ebcb39bdb7f?gdpr=0

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a02:d9f:2dfc:836e:42c0 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 520F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=7ce1a7c9-c3f5-c2fb-1a22-cade24ffddd6
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=7ce1a7c9-c3f5-c2fb-1a22-cade24ffddd6&dcc=t

43 B
855 B

81ms
80ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=7ce1a7c9-c3f5-c2fb-1a22-cade24ffddd6&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 15:35:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QB2XTN935D6RXXFNBDV6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 15:35:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 001ZZC3NWWVBWTWSZ70X
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=7ce1a7c9-c3f5-c2fb-1a22-cade24ffddd6&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 520F
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=2437dbb4-df5f-7901-da2c-48494ccc1636&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=2437dbb4-df5f-7901-da2c-48494ccc1636&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=cc270e8e-7f5a-409b-9b0d-4ba00d77f91f&ttd_puid=2437dbb4-df5f-7901-da2c-48494ccc1636&gdpr=0&gdpr_consent=

43 B
250 B

49ms
48ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=cc270e8e-7f5a-409b-9b0d-4ba00d77f91f&ttd_puid=2437dbb4-df5f-7901-da2c-48494ccc1636&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:23 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:23 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=cc270e8e-7f5a-409b-9b0d-4ba00d77f91f&ttd_puid=2437dbb4-df5f-7901-da2c-48494ccc1636&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 520F 170 B
410 B 271ms
103ms Image
image/png 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDg1ODA4N2UtMTYyOC0yN2E1LWNmY2MtMTJmMDg2MmVkODU2

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 520F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL8niC2LnlW6MUM43a52cHQ&google_cver=1

43 B
181 B

72ms
65ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL8niC2LnlW6MUM43a52cHQ&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:23 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL8niC2LnlW6MUM43a52cHQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 44F0 0
0 193ms
170ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzAOeOt-mZNP-B8GBoPMPm4KjkAyLv4iuZvG66fX_DsCNtwEQASAAYOUCggEXY2EtcHViLTIzOTMzMjA2NDUwNTUwMjLIAQngAgCoAwGqBK4CT9AT6S23NegmKIUuwfl-sp_Etm_X-FS0Wkt28xRXeNsY0dUFCpbezZeIdWcKeGa1GNfhUvGWavpnxIDISnfhe873zD6qnsu-z1E9a0IHdn5oEzym9w6ba21X5ZMjdXHJ8tUUXG_BYhP3ASxmiTblIY5IBC3_xmxou1Jc59VtHvOfoLXxVenwXYiJM9LiwJzGIyUAT8Vh4R4ywYDPoeIY74LCKEb4n1ABhtN7O6IlMB2xs32zO2AoGneUww20iRxbHp6fablQiGWssXJkOq28nfHq6H8qG_LQgwNs8JWs9YPciGnlO4nFAjlgEBk3vO6DYJvZ8uaOJrMg9ryNnBCOuWvUzhnYIpy2IroGDWZMxLkU6jCTrXZcpjUYde6EwTevPK1Vho2mrsFhcs1pwFPgBAGABuDE5v-W7uikc6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjM5MzMyMDY0NTA1NTAyMhiymCo&sigh=zcjTvz5m7nY&uach_m=[UACH]&cid=CAQSOwBygQiDUhXHGb9VWuK4Owew3c6ywYlpsrPd-z0UbCGI-adbxQU8Lb3o3YVZgNaznigchjhzb9tUFFt3GAE
Requested by: Host: home.s.id
URL: https://home.s.id/forbidden
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 204 rtimp
g.bidbrain.app/ Frame 44F0 0
0 298ms
93ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=b858fe3c-1c12-11ee-9ee3-f2f404a1948a&d=blog.s.id&cr=ext_gen2_v10_start_sec7__3&gid=CAESECTSp5DLIGr5fvPE729rD7Q&a=imp&p=ZKbfOgAB_1MIaADBAAjBGzWA1ZpiYbyJj02woQ&im=BXLGn0Acx3xEvCn2bj8iP_0JEaURslsPAsQGTYXNFeKOdpS5k8003RYtVpyUvqr4zvpd1WWGsrHcYjD37W16Lk2do0f94KKLutIhOZFKdEpx6NnMtcN26Ry3_oGd9hhKtntApr84Hi5XIS7hwTtjosTXbd3yJcSBH1K4zjMJZRkacqjeratklZyanVIXaY43vnZhusJzrK9SYT8IunK49n166Lr6UudGexPw4mULgJgp9et1T02xRWZmBKHyGagvixvPvaeGpZtVeRWyBpf0ukww5V2n_bQBiL4kg9KWjm8R3ffGrEwJdPWblW6cARLqJqxEXoI-XD9GkbsMovrmkdS3Uluw8tfDSsv3vuoyO28
Requested by: Host: home.s.id
URL: https://home.s.id/forbidden
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:23 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 44F0 4 KB
671 B 123ms
100ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 15:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 14:27:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 15:35:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 44F0 1 KB
441 B 115ms
101ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Secular+One&display=swap

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6cafba2d8fd7a8d76f356f7f298fc1cf743ca78f9f17f997e9000ba587cc748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 15:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 14:56:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 15:35:23 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 44F0 2 KB
585 B 113ms
100ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 06 Jul 2023 15:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 14:49:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 06 Jul 2023 15:35:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 44F0 3 KB
1 KB 98ms
85ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 08:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 08:14:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 44F0 20 KB
8 KB 98ms
86ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 08:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 08:14:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 44F0 0
0 114ms
101ms Image
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6LBzPRfpS2Ez9sQvx3S9sGWgByQ6fo0bGg2r6appV-Zs22NHJC75_n0ChokMbmLgqdjC8eUVALk47VpXzWhQIigGZQQ
Requested by: Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 44F0 24 KB
6 KB 95ms
86ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 07:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Jul 2024 07:19:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44F0 179 KB
57 KB 683ms
96ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 15:35:23 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A8BC 0
0 131ms
122ms Fetch
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTFb5Ot-mZNb-B8GBoPMPm4KjkAycge-wXKLKp6p0wI23ARABIABg5QKCARdjYS1wdWItMjM5MzMyMDY0NTA1NTAyMsgBCeACAKgDAaoEpwJP0CWFjDmhVC_8l9BX00vuPBPGaIkDIomXF0L_htYUm3uNPb8emGWHiMVDHoZp-W9itKyXGwXZBZ8jk7mZLu5r09cOzo9irUswjCSLbgVYW281oj0jZ6mjQ47gHwL13rGZs76D3pcMvSm73FL6wIM-chJd_mJ9tHdwRkaxMnHPpY4T6a1U4lnNrRTWSzOyXILNUzJsr2Pldb6I8FgpMnLcgNcWq3cA28wXX6AmsLB_XSGKoO4EMHJCmfvDjcK6V25DznDtfZ-ICwWAYetzCpy5sLQll9l5xVwsn1NIgX76e2nwz0WGwPY__yDYWut-ZeaoQoAQqi4nHb3wj27racqlnNlAhVTh9LbF8FfPpCApEFLwzzSnPniTl5w3Cmli0bv-DITJLT-Y4AQBgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTIzOTMzMjA2NDUwNTUwMjIYspgq&sigh=U66g95RaRSY&uach_m=[UACH]&cid=CAQSOwBygQiDUhXHGb9VWuK4Owew3c6ywYlpsrPd-z0UbCGI-adbxQU8Lb3o3YVZgNaznigchjhzb9tUFFt3GAE
Requested by: Host: home.s.id
URL: https://home.s.id/forbidden
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame A8BC 0
0 644ms
57ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kOSJF4KwB6wC2ATiIp0XAgAAAIwh-vXTSxFREDnfpmTdM5k9MURlkm8PAAASAAAKCkFRVURDZ0VCQ2c&wp=ZKbfOgAB_1YIaADBAAjBG0_RAF8aEI1TCXSZug

Requested by

Host: home.s.id
URL: https://home.s.id/forbidden

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:22 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 330257
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame A39D 115 KB
41 KB 628ms
88ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZKbfOgAB_1YIaADBAAjBG0_RAF8aEI1TCXSZug&u=%7CKw3QQ%2FZCgKmQUJ0R10zLZbZikwuf6JVXPhFKSeYAjY8%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE4-msKdnZ_GSrugYFoQQeHSQaopmNCJUXCpMGPMnZLGIdKXjBgUnFsca87EsApHJEOIlBzgHoEy99IRkzBhnBoTr1J-r66Xiynip5MG9sloMceCQ-FG7xJIvoFo0dm6xhn9-Twf7hTSPMVjcT3szVvqDuIUHMOQJt2QWpsgOFUkWUJbaTC0pdnopUaJoPy5Ib3ahbMxiHwA1HWeq1dqNNesGdXtQsmLYNCCNvAiACz52dCzWEt52R7xJEwinFdlhQKkrTOvjAzKT0qTFooOOEr4k2JuEIyGKysFZAsdBUQJtuKE9sSnj8RRRKQgjhTr746kGnEbQWAxdYQ0F44y6qQW6YRsL6VtUr8Uo3G8rdwzXkZvo5Jg6tlXHw0TbYGTDWN4pK4tBkoeu1bO84YmvNZlU0P45k92qS4dJri9I5kMbliM4yTPppyV64Gw7hbKUyswp6cJ8hX2CAitvHsDlMXBpYeut8kk9EfjPY9i0R8SBYva7lSi8N8eus9IgTPh32Z2WZn46_aOeTMEOkOI1r9tlL4KvmLLq3kIWsGtwYG8Xozf82aFQvcpRd92i2OWPeWUm3U_XYiWsx_lBXZQTdVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCdy7Ot-mZNb-B8GBoPMPm4KjkAycge-wXKLKp6p0wI23ARABIABg5QKCARdjYS1wdWItMjM5MzMyMDY0NTA1NTAyMsgBCeACAKgDAaoEqgJP0CWFjDmhVC_8l9BX00vuPBPGaIkDIomXF0L_htYUm3uNPb8emGWHiMVDHoZp-W9itKyXGwXZBZ8jk7mZLu5r09cOzo9irUswjCSLbgVYW281oj0jZ6mjQ47gHwL13rGZs76D3pcMvSm73FL6wIM-chJd_mJ9tHdwRkaxMnHPpY4T6a1U4lnNrRTWSzOyXILNUzJsr2Pldb6I8FgpMnLcgNcWq3cA28wXX6AmsLB_XSGKoO4EMHJCmfvDjcK6V25DznDtfZ-ICwWAYetzCpy5sLQll9l5xVwsn1NIgX76e2nwz0WGwPY__yDYWut-ZeaoQoAQqi4nHb3wj27racqlnNkCh3RzX0RM8JRGyazCatszeAiPN1aLUwfEcOCrb6XSFC0fvD9bBf7O4AQBgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25SPLZUfK91bB_buMrD78pmazFpw%26client%3Dca-pub-2393320645055022%26adurl%3D

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

45846a73cd8e7104566dc077dc84a32ba523fe106dca353042b09c1561bfcaa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 15:35:23 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=KcCHOcZxevsToQ9JctX-CrwaUGngwi7gHTLrtPRTzUurv1Hrmc1iMEC1nnikhki7zimd6SbEzI5z51kElWKkLQseVv0ghug7GRPgOG6sm9VhToCra0L-UE_bToTBdeRxq0WZ9KDm0XXzjf2ZZpU6NoWPEuLTakrwjeEufFXwLMsjcxLofCT1kkxo8HIUiPxo7x1kmi8qHiotp95UCLuICN-ciOwTbI4PHEEEi9S8Oe3ono_2UMpn04vdpHDJB3kmNLBEbg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 16061538
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame A8BC 3 KB
1 KB 95ms
87ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 08:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 08:14:43 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D88A 1 KB
643 B 109ms
78ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 26847
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 08:07:56 GMT
etag: 48472445140208031
expires: Fri, 07 Jul 2023 08:07:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame A8BC 20 KB
8 KB 96ms
71ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 08:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jul 2023 08:14:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A8BC 0
0 182ms
155ms Image
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0fmRpYPutnkG52VHiMaicVXaW9f4dLnpCiIgWwyeX9SI6aXlM8-TY9vsoPNRwsC1lG1exp_S4snshXcgRKly_iunG8A
Requested by: Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A8BC 24 KB
6 KB 110ms
84ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 07:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Jul 2024 07:19:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A8BC 179 KB
56 KB 796ms
211ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 15:35:23 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame 1440 31 KB
24 KB 214ms
184ms Script
application/javascript 104.19.232.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1688657723085&ver1=2.2.3&qid=73533313f553633313f593630313&rnd=b0ps7am6rl1s&cid=1069
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-before_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=468
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.232.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:58 GMT
server: cloudflare
age: 3391
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7e28ead278d0370a-MIA
content-length: 24223
expires: Thu, 06 Jul 2023 17:35:23 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame FF3C 31 KB
24 KB 216ms
186ms Script
application/javascript 104.19.232.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1688657723089&ver1=2.2.3&qid=73533313f553633313f593630313&rnd=z90gbfb4fu0s&cid=1069
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=blog.s.id&s=blog.s.id&adtg=protag-sidebar&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=600&w=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.232.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:58 GMT
server: cloudflare
age: 3391
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7e28ead278d2370a-MIA
content-length: 24223
expires: Thu, 06 Jul 2023 17:35:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 105ms
90ms Image
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230628&jk=1277613715358929&bg=!qqmlqf3NAAb90kgr3dI7ADkAdvg8WupT0pgO0pipN2Zt_ETl4HpGsb-cYtDjI9YmSP__z5eQE-QG9OdDu8YruITfXie-yM3btBcCAAADa1IAAAATaAEHCgDZYGYlZ_QfwNSIreri2amolOdPJ4_B8OyfjixpfZda--HZZh8LMrr4nXN9nDF6E0F7zxrISYCxrEv2Wxkf9cCoMD5oNGPVRLN11sEpbaIHw4nhgNyRI2uDFtx31q70MKMEO_g6QBQWsCjqESh3AW_iIjhAhDYBNbZ6nXkLPra8zSKHurX5Ns6jrAyeFZSTyusBBRFW5FEW2zAgpESBv2cnL6_Jr6mMClqB9JIYAZN7mWzQRWqsOF6MBV6S4ANKfmxdjPeYuhio1uUbPFqeOjVr8R1yPYaHxuAuaZkCrmAcJdC2E-n_YGqJ4RnmlxiY2NEceg2tgHwDtJvtmFoB_rxXDej_4H4Lf1RD9TiYs0MyvoliHEkYjvYBoS-4GZORJWKeVFzo9lM1Ac02NHrOjKv0JzlKkRF8RPEoQQtf4k4af-WursuAU1mNYjinT_GJRS8-aCvs-Q3UmNi6TsV8rN_RTNxwMYFJ-hd_imuC9BMzB8FNvyP0QgCxzO_dbeYZ3xYE_unwytmkTqqAkHjJsau39SNp3_oTYlrKlzx5OVzEbOY931GxNQPMzWAmwDbRHSmZQcJP5uX9cmPv13_2g9QW3Jz9rGQwwczwgmZLvlquJphe49dOLbBPYcmSvuHjj3IMr2ck4x6PwilCTPshGo60rsam29m0tG3utby5_35UzlspTJxUtqg4k7_QZIAxtRhVBLublq3OCIkERkf5bK3-dQTI2OHT9FqU72TDqI2f9xeBnEkfq_xARPsUpAeSJ5en_6_HM6s5vV19UELwno1Bf512Ws9WO1V0N2ev9or5smruG9CRPmt1ZO8_5jBDqa6M5zFxL6ZeUib5rkXhFunZgV0VD3HKtgxpL280toCBcHgNSanVqfEU78ml9Kby2QoAL5Gov7Qw4pbJ0pr4nscSL1X8qHK4iOsHuHjZaLoAZXKAiArhcwbUGmkG8i3lWVu61SYYFf1QTQVqIR52k1Zq0EoNfjVTY_hd0cOSy2xipXE_tTeYiSRaHzm_bLQ-beqruKZdoO0LQRuwoNuGu_O-ubO9StZ8sofMQv25qELqV3pTwHb7SQnq0XFIGLqJgh22h8NVn1-HvfGRS8V_Z-24sigIi8VfafTQQvh0es5LDuzUG2bdD68mCW9dGsM1KorH7eFNPIIYNiEtnbFASlDE0CsHRoE-1wV7ixIJy8JSznLarAU9bR7eZD78
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::2002 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame A8BC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a43a85671aa2a1213a227d35f431fda095d3cceea034518b415370b820591c96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D88A
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEK8-qgygqaF7w8-Wrt2iW2k&google_cver=1&google_push=AaAOQGFxn2nFZI3xPG-I7w-a5zv2Ek57oEPfqMRECMUCp05g_FgrJFFpguj397I7mFCikZ2vznXBGeTkTqljDczqQE...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTU4NzY4MTQxMjA5MzMzMDQzNjE&google_push=AaAOQGFxn2nFZI3xPG-I7w-a5zv2Ek57oEPfqMRECMUCp05g_FgrJFFpguj397I7mFCikZ2vznXBGeTkTqljDczqQEtM...

170 B
188 B

104ms
103ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTU4NzY4MTQxMjA5MzMzMDQzNjE&google_push=AaAOQGFxn2nFZI3xPG-I7w-a5zv2Ek57oEPfqMRECMUCp05g_FgrJFFpguj397I7mFCikZ2vznXBGeTkTqljDczqQEtMdo93jmk

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTU4NzY4MTQxMjA5MzMzMDQzNjE&google_push=AaAOQGFxn2nFZI3xPG-I7w-a5zv2Ek57oEPfqMRECMUCp05g_FgrJFFpguj397I7mFCikZ2vznXBGeTkTqljDczqQEtMdo93jmk
Date: Thu, 06 Jul 2023 15:35:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D88A
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELP08C3KGdppqh63gQIJLMc&google_cver=1&google_push=AaAOQGFgTtZ_38RJLUQecJH0b-Sf9eGueUlGRveEy6LTNqk6UnGiWVhgyyTQxhAl8-ObDoRwfnenjVgI-kMJAraZ...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=ed909fb1&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AaAOQGFgTtZ_38RJLUQecJH0b-Sf9eGueUlGRveEy6LTNqk6...

170 B
188 B

104ms
88ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=ed909fb1&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AaAOQGFgTtZ_38RJLUQecJH0b-Sf9eGueUlGRveEy6LTNqk6UnGiWVhgyyTQxhAl8-ObDoRwfnenjVgI-kMJAraZVUjI-NMzDkk

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 06 Jul 2023 15:35:23 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=ed909fb1&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AaAOQGFgTtZ_38RJLUQecJH0b-Sf9eGueUlGRveEy6LTNqk6UnGiWVhgyyTQxhAl8-ObDoRwfnenjVgI-kMJAraZVUjI-NMzDkk
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: XrO7VLoW_BBo8DjDGrv3SBJ6udvfSs3wVbSgTXpS8DZJzVzWmfcdpA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D88A
Redirect Chain

https://google.partners.tremorhub.com/sync?UIDF=CAESEKQX_xrybw1cs3lIX81hV80&google_cver=1&google_push=AaAOQGEmBXxP0olTSjp1EWbyMRrIcV-F60mcjm8cBpqfyK-rTbUuPz8V-lit1U1lqFPPkxH9UN3-K3RKi2vNmK6UwwzwBk7...
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=Y2Y2YzJlMzU0ZTU2NGE0OTk2NjYxOWRjMWE5NTJkZTQ%3D&UIDF=CAESEKQX_xrybw1cs3lIX81hV80&google_cver=1&google_push=AaAOQGEmBXxP0olTSjp1EWbyMRrI...

170 B
188 B

88ms
86ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=Y2Y2YzJlMzU0ZTU2NGE0OTk2NjYxOWRjMWE5NTJkZTQ%3D&UIDF=CAESEKQX_xrybw1cs3lIX81hV80&google_cver=1&google_push=AaAOQGEmBXxP0olTSjp1EWbyMRrIcV-F60mcjm8cBpqfyK-rTbUuPz8V-lit1U1lqFPPkxH9UN3-K3RKi2vNmK6UwwzwBk7NAq6o

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=Y2Y2YzJlMzU0ZTU2NGE0OTk2NjYxOWRjMWE5NTJkZTQ%3D&UIDF=CAESEKQX_xrybw1cs3lIX81hV80&google_cver=1&google_push=AaAOQGEmBXxP0olTSjp1EWbyMRrIcV-F60mcjm8cBpqfyK-rTbUuPz8V-lit1U1lqFPPkxH9UN3-K3RKi2vNmK6UwwzwBk7NAq6o
date: Thu, 06 Jul 2023 15:35:23 GMT
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D88A
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEOyMZE9zA692dBfpZPCn-jw&google_cver=1&google_push=AaAOQGHMZ7ALlIfkfv3CwYH7iJe8p-lh09V8zTt03Bjj3wma40D_kSAIJ76aYAUR6sFukBO4Tg24hAbtxjjITS4RO9Eof81R2fc
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGHMZ7ALlIfkfv3CwYH7iJe8p-lh09V8zTt03Bjj3wma40D_kSAIJ76aYAUR6sFukBO4Tg24hAbtxjjITS4RO9Eof81R2fc&google_hm=Z2YwMTIxOGQ5NTQyZGMzM...

170 B
188 B

113ms
102ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGHMZ7ALlIfkfv3CwYH7iJe8p-lh09V8zTt03Bjj3wma40D_kSAIJ76aYAUR6sFukBO4Tg24hAbtxjjITS4RO9Eof81R2fc&google_hm=Z2YwMTIxOGQ5NTQyZGMzMjM5MDM=

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:23 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGHMZ7ALlIfkfv3CwYH7iJe8p-lh09V8zTt03Bjj3wma40D_kSAIJ76aYAUR6sFukBO4Tg24hAbtxjjITS4RO9Eof81R2fc&google_hm=Z2YwMTIxOGQ5NTQyZGMzMjM5MDM=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D88A
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESECnpSC_P9Xz2t4aG8twhzxA&google_cver=1&google_push=AaAOQGGzOAReANVB39C5HTye_eAgMGPFpa2pVO5feI3MRPGmRiiUqsBKIgk4jTJj0p...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGGzOAReANVB39C5HTye_eAgMGPFpa2pVO5feI3MRPGmRiiUqsBKIgk4jTJj0phHjgGs7UMwZeiaDRMyRVKbCmhTGCfEi2SeBg&google_hm=e...

170 B
188 B

87ms
85ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGGzOAReANVB39C5HTye_eAgMGPFpa2pVO5feI3MRPGmRiiUqsBKIgk4jTJj0phHjgGs7UMwZeiaDRMyRVKbCmhTGCfEi2SeBg&google_hm=ePnXNY-FRaq7-bDocPNmYkY

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:22 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGGzOAReANVB39C5HTye_eAgMGPFpa2pVO5feI3MRPGmRiiUqsBKIgk4jTJj0phHjgGs7UMwZeiaDRMyRVKbCmhTGCfEi2SeBg&google_hm=ePnXNY-FRaq7-bDocPNmYkY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D88A
Redirect Chain

https://beacon.lynx.cognitivlabs.com/adx.gif?google_gid=CAESEMKXjsp9mhGlpF0X3Yn1SII&google_cver=1&google_push=AaAOQGGz7P1mxloBK1P1fKGEVVV-Xpcit9n94N1wZ1YExkQK4dqMlrOo99-K3GpeBfhBcepj6ZrYfYFu0u7Vodc...
https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=fP0j7RwiQEK64DlY8SXALw&google_push=AaAOQGGz7P1mxloBK1P1fKGEVVV-Xpcit9n94N1wZ1YExkQK4dqMlrOo99-K3GpeBfhBcepj6ZrYfYFu0u7VodcS-x5xylZtG...

170 B
188 B

133ms
125ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=fP0j7RwiQEK64DlY8SXALw&google_push=AaAOQGGz7P1mxloBK1P1fKGEVVV-Xpcit9n94N1wZ1YExkQK4dqMlrOo99-K3GpeBfhBcepj6ZrYfYFu0u7VodcS-x5xylZtGTDXTw

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=fP0j7RwiQEK64DlY8SXALw&google_push=AaAOQGGz7P1mxloBK1P1fKGEVVV-Xpcit9n94N1wZ1YExkQK4dqMlrOo99-K3GpeBfhBcepj6ZrYfYFu0u7VodcS-x5xylZtGTDXTw
Date: Thu, 06 Jul 2023 15:35:23 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame D88A
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIBfbJrZY5UsK-5_NLfwip4&google_cver=1&google_push=AaAOQGGuCTQuyZtN80QPOX1sYwsjQv3JCzFu093rt2U4UyHxa-Q5flkK1HE9kUcSUOKVWMLXtDegVIftg5k...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGuCTQuyZtN80QPOX1sYwsjQv3JCzFu093rt2U4UyHxa-Q5flkK1HE9kUcSUOKVWMLXtDegVIftg5kLODIK5SZ3yZsfKriBaQ
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

83ms
79ms

Image
text/plain

51.222.39.184
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.222.39.184 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip184.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D88A 0
60 B 90ms
84ms Image
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LUqqd5cgPxHt1JbOb9dDqXaG93LgzyJP3n5elfQ8strlZ8zYEXSRCP-OxDfurv3kiHky0vYClz

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6C00 1 KB
643 B 94ms
72ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 26847
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 08:07:56 GMT
etag: 48472445140208031
expires: Fri, 07 Jul 2023 08:07:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame 1440 26 B
233 B 640ms
58ms Image
image/gif 2606:4700::6811:6bd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1688657723691&rnd=b0ps7am6rl1s&ifm=2&uai=2&cid=1069&s=blog.s.id&p=blog.s.id&x=4404325371&adtg=protag-before_content&ats=0&atf=&nsi=&si=&nci=2101210293&nai=4404325371&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6bd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:24 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:50 GMT
server: cloudflare
age: 3572
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7e28ead98be709e2-MIA
content-length: 26
expires: Thu, 06 Jul 2023 17:35:24 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame 1440 26 B
87 B 641ms
59ms Image
image/gif 2606:4700::6811:6bd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1688657723503889&ver=1.2r81&qid=73533313f553633313f593630313&p=blog.s.id&s=blog.s.id&x=4404325371&cid=1069&od1=&od2=&adtg=protag-before_content&nci=2101210293&nai=4404325371&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=b0ps7am6rl1s&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&w=468&h=300&lat=&lon=&ci=&1=61d349fd18acfe32bfbe6dca5b35b1db&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=3&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1069&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=162&icp=https%253A//blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_sourcefl_eq1069home_sidfl_np1069utm_mediumfl_eq1069redirect&irfl=22&irf=https%253A//home.s.id/&cty=4&fcs=1&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-9-x-fl-10-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-21-nci-fl-10-nai-fl-10-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-w-fl-3-h-fl-3-lat-fl-0-lon-fl-0-ci-fl-0-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1x1&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_9_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6bd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:24 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:50 GMT
server: cloudflare
age: 6813
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7e28ead98be909e2-MIA
content-length: 26
expires: Thu, 06 Jul 2023 17:35:24 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame FF3C 26 B
83 B 488ms
68ms Image
image/gif 2606:4700::6811:6bd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1688657723919&rnd=z90gbfb4fu0s&ifm=2&uai=2&cid=1069&s=blog.s.id&p=blog.s.id&x=4404325371&adtg=protag-sidebar&ats=0&atf=&nsi=&si=&nci=2101210293&nai=4404325371&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6bd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:24 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:50 GMT
server: cloudflare
age: 3572
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7e28ead98bea09e2-MIA
content-length: 26
expires: Thu, 06 Jul 2023 17:35:24 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame FF3C 26 B
83 B 486ms
67ms Image
image/gif 2606:4700::6811:6bd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1688657723811167&ver=1.2r81&qid=73533313f553633313f593630313&p=blog.s.id&s=blog.s.id&x=4404325371&cid=1069&od1=&od2=&adtg=protag-sidebar&nci=2101210293&nai=4404325371&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=z90gbfb4fu0s&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&w=300&h=600&lat=&lon=&ci=&1=61d349fd18acfe32bfbe6dca5b35b1db&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=3&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1069&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=162&icp=https%253A//blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%253Futm_sourcefl_eq1069home_sidfl_np1069utm_mediumfl_eq1069redirect&irfl=22&irf=https%253A//home.s.id/&cty=4&fcs=1&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-9-x-fl-10-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-14-nci-fl-10-nai-fl-10-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-w-fl-3-h-fl-3-lat-fl-0-lon-fl-0-ci-fl-0-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1x1&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_9_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=146
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6bd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:24 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 20:27:50 GMT
server: cloudflare
age: 6813
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7e28ead98beb09e2-MIA
content-length: 26
expires: Thu, 06 Jul 2023 17:35:24 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A39D 2 KB
1 KB 76ms
59ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZKbfOgAB_1YIaADBAAjBG0_RAF8aEI1TCXSZug&u=%7CKw3QQ%2FZCgKmQUJ0R10zLZbZikwuf6JVXPhFKSeYAjY8%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPbZQiC09DurE4-msKdnZ_GSrugYFoQQeHSQaopmNCJUXCpMGPMnZLGIdKXjBgUnFsca87EsApHJEOIlBzgHoEy99IRkzBhnBoTr1J-r66Xiynip5MG9sloMceCQ-FG7xJIvoFo0dm6xhn9-Twf7hTSPMVjcT3szVvqDuIUHMOQJt2QWpsgOFUkWUJbaTC0pdnopUaJoPy5Ib3ahbMxiHwA1HWeq1dqNNesGdXtQsmLYNCCNvAiACz52dCzWEt52R7xJEwinFdlhQKkrTOvjAzKT0qTFooOOEr4k2JuEIyGKysFZAsdBUQJtuKE9sSnj8RRRKQgjhTr746kGnEbQWAxdYQ0F44y6qQW6YRsL6VtUr8Uo3G8rdwzXkZvo5Jg6tlXHw0TbYGTDWN4pK4tBkoeu1bO84YmvNZlU0P45k92qS4dJri9I5kMbliM4yTPppyV64Gw7hbKUyswp6cJ8hX2CAitvHsDlMXBpYeut8kk9EfjPY9i0R8SBYva7lSi8N8eus9IgTPh32Z2WZn46_aOeTMEOkOI1r9tlL4KvmLLq3kIWsGtwYG8Xozf82aFQvcpRd92i2OWPeWUm3U_XYiWsx_lBXZQTdVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCdy7Ot-mZNb-B8GBoPMPm4KjkAycge-wXKLKp6p0wI23ARABIABg5QKCARdjYS1wdWItMjM5MzMyMDY0NTA1NTAyMsgBCeACAKgDAaoEqgJP0CWFjDmhVC_8l9BX00vuPBPGaIkDIomXF0L_htYUm3uNPb8emGWHiMVDHoZp-W9itKyXGwXZBZ8jk7mZLu5r09cOzo9irUswjCSLbgVYW281oj0jZ6mjQ47gHwL13rGZs76D3pcMvSm73FL6wIM-chJd_mJ9tHdwRkaxMnHPpY4T6a1U4lnNrRTWSzOyXILNUzJsr2Pldb6I8FgpMnLcgNcWq3cA28wXX6AmsLB_XSGKoO4EMHJCmfvDjcK6V25DznDtfZ-ICwWAYetzCpy5sLQll9l5xVwsn1NIgX76e2nwz0WGwPY__yDYWut-ZeaoQoAQqi4nHb3wj27racqlnNkCh3RzX0RM8JRGyazCatszeAiPN1aLUwfEcOCrb6XSFC0fvD9bBf7O4AQBgAbJx_363fjukhegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_25SPLZUfK91bB_buMrD78pmazFpw%26client%3Dca-pub-2393320645055022%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Jun 2024 15:35:24 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame A39D 2 KB
1 KB 75ms
58ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Jun 2024 15:35:24 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A39D 308 B
636 B 113ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 30 Jun 2024 15:35:24 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A39D 293 B
621 B 114ms
52ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 30 Jun 2024 15:35:24 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame A39D 43 B
348 B 395ms
57ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=5ifCRo3VGyeDUJuOqpQFvHa19lCl9LB9SGiP8Svr8fhSn10blrhty8zDXNjmKznIFUY-vKIziUaXkDEHHvyGMV7CyP3X8Xpt9v4-SbjesY-U9xgofX3QEzSQOymmuDz5FN7VuDCXyFlyWbiEweizq-OC_JD0Nz3tgSPYfOuMrprUOJBNNT6QuWvJsK-xryM-DZ7LtotmbmGvcua9oqbbNwWtgGYRHqISSymR57geTFGpK5Dkhp6UtsOErwqxFjg7ln3do53r5Floogk2y0f03S2mnwaCltcXuOoWV5Lr55REJ7UuYGpwT6wfUYGYbJwQezwjzT2fHqeuE56_liFuSs6WW1kjs_M6iXD1vy-dTxvz1VhV4KKPyVlCRc_FvZ7a0jVAQawT5sBLscUdvj9bt1Vzuwohbn9DYYq4ozkLM_N58swv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5014217
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C00
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEFh1n5jd6p9qq5hYHjsRKMQ&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Mzc2ZDRmODgtYjAyZS00ZTc5LWIwOTMtNDcwOTBmMzU4MmNh&google_gid=CAESEFh1n5jd6p9qq5hYHjsRKMQ&google_cver=1&google_push=AaAOQGHj...

170 B
188 B

97ms
80ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Mzc2ZDRmODgtYjAyZS00ZTc5LWIwOTMtNDcwOTBmMzU4MmNh&google_gid=CAESEFh1n5jd6p9qq5hYHjsRKMQ&google_cver=1&google_push=AaAOQGHjEs2OUQSYSEMPngV_Mv7zjwzHKJcQGy9IzgreS4t4vDZ0yv06_gBcLaFXsBb8WrSoURFs8tiU_yY3gAWJrHrxKigcOVs

Protocol

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Mzc2ZDRmODgtYjAyZS00ZTc5LWIwOTMtNDcwOTBmMzU4MmNh&google_gid=CAESEFh1n5jd6p9qq5hYHjsRKMQ&google_cver=1&google_push=AaAOQGHjEs2OUQSYSEMPngV_Mv7zjwzHKJcQGy9IzgreS4t4vDZ0yv06_gBcLaFXsBb8WrSoURFs8tiU_yY3gAWJrHrxKigcOVs
date: Thu, 06 Jul 2023 15:35:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 6C00
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-je6IRXdgVJ5cA-25tmJuMvl4PJPzFcq2Cv2mJg&google_push=PUSH_DATA
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

43 B
368 B

57ms
56ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 86061
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C00
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAMNd0ygBwWPEAMmN7ZQqBU&google_cver=1&google_push=AaAOQGHx-FNpc8B5vp2sUH4C-SrltEj9dP0Ft4bTcjT6V6YcTspqi4AyqCQ40bNTV-Nb9xR4VSb...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpSQjdKQ1QtMUotNllaVQ==&google_push=AaAOQGHx-FNpc8B5vp2sUH4C-SrltEj9dP0Ft4bTcjT6V6YcTspqi4AyqCQ40bNTV-Nb9xR4VSbNB5pJu46f5QGpwkvUEkbITpE

170 B
188 B

87ms
85ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpSQjdKQ1QtMUotNllaVQ==&google_push=AaAOQGHx-FNpc8B5vp2sUH4C-SrltEj9dP0Ft4bTcjT6V6YcTspqi4AyqCQ40bNTV-Nb9xR4VSbNB5pJu46f5QGpwkvUEkbITpE

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpSQjdKQ1QtMUotNllaVQ==&google_push=AaAOQGHx-FNpc8B5vp2sUH4C-SrltEj9dP0Ft4bTcjT6V6YcTspqi4AyqCQ40bNTV-Nb9xR4VSbNB5pJu46f5QGpwkvUEkbITpE
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 2fcb300b847bad3e7dd1184ec8a1c2f5
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C00
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH-tSbIcX0Rtm2BhuuZRf9U&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEH-tSbIcX0Rtm2BhuuZRf9U&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH-tSbIcX0Rtm2BhuuZRf9U&google_hm=ZKbfPFdUbEP1nPqs59EgOgAABTAAAAIB&google_nid=index&google_push=AaAOQGGZ0h0B1CId1N66ow3dacjTz-eJcw0Ek...

170 B
188 B

83ms
79ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH-tSbIcX0Rtm2BhuuZRf9U&google_hm=ZKbfPFdUbEP1nPqs59EgOgAABTAAAAIB&google_nid=index&google_push=AaAOQGGZ0h0B1CId1N66ow3dacjTz-eJcw0EkAB9CoMiGc9fHLBgxEc4-EqwE3xNuPky1IW8iZV_qol1NSYpks5S2ps4NuWhaF4

Protocol

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 15:35:24 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH-tSbIcX0Rtm2BhuuZRf9U&google_hm=ZKbfPFdUbEP1nPqs59EgOgAABTAAAAIB&google_nid=index&google_push=AaAOQGGZ0h0B1CId1N66ow3dacjTz-eJcw0EkAB9CoMiGc9fHLBgxEc4-EqwE3xNuPky1IW8iZV_qol1NSYpks5S2ps4NuWhaF4
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C00
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMoKT8dt9c6fE6aeMfRq4_w&google_cver=1&google_push=AaAOQGHATXsJ9RGWMYmJBDkzeb-5sFR8n1fW7WsDCy-PL3aMaXUx5tRZOlHbOLryJN7ekQ4l4c...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FcWsxM2t0RTJ1R19jWkxfaURLQ1BmSjRlcWNfNGFsQn5B&google_push=AaAOQGHATXsJ9RGWMYmJBDkzeb-5sFR8n1fW7WsDCy-PL3aMaXUx5tRZO...

170 B
188 B

89ms
77ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FcWsxM2t0RTJ1R19jWkxfaURLQ1BmSjRlcWNfNGFsQn5B&google_push=AaAOQGHATXsJ9RGWMYmJBDkzeb-5sFR8n1fW7WsDCy-PL3aMaXUx5tRZOlHbOLryJN7ekQ4l4cddULCBzy8-80S70EhPRkS5LSyl

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FcWsxM2t0RTJ1R19jWkxfaURLQ1BmSjRlcWNfNGFsQn5B&google_push=AaAOQGHATXsJ9RGWMYmJBDkzeb-5sFR8n1fW7WsDCy-PL3aMaXUx5tRZOlHbOLryJN7ekQ4l4cddULCBzy8-80S70EhPRkS5LSyl
date: Thu, 06 Jul 2023 15:35:24 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 6C00
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIBfbJrZY5UsK-5_NLfwip4&google_cver=1&google_push=AaAOQGFLgj5Rz9XRTZvEnGeR30NtQF2hgdyYEl1si8n_SfVpnS3z2fFrxoz32T8WIwa4AkbbirXe3u-Ernv...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGFLgj5Rz9XRTZvEnGeR30NtQF2hgdyYEl1si8n_SfVpnS3z2fFrxoz32T8WIwa4AkbbirXe3u-ErnvN9S0wJ74Pmphj-MWF
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

86ms
68ms

Image
text/plain

51.222.39.184
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.222.39.184 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip184.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C00
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEOs3FIq0C6zZEgjw3CA0-Yc&google_cver=1&google_push=AaAOQGFDc6tCBOgbWLJISkL3Y4WoGAzh0SiU8giKybdRfq93xXk9faoynLTJcM7mpF9XzbNvFfDE5mz2bRwN19PaCb1mfgdtRM2A
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AaAOQGFDc6tCBOgbWLJISkL3Y4WoGAzh0SiU8giKybdRfq93xXk9faoynLTJcM7mpF9XzbNvFfDE5mz2bRwN19PaCb1mfgdtRM2A&google_hm=2fcba4773d0973...

170 B
188 B

87ms
85ms

Image
image/png

142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AaAOQGFDc6tCBOgbWLJISkL3Y4WoGAzh0SiU8giKybdRfq93xXk9faoynLTJcM7mpF9XzbNvFfDE5mz2bRwN19PaCb1mfgdtRM2A&google_hm=2fcba4773d0973ecc365482b6f6a7916

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AaAOQGFDc6tCBOgbWLJISkL3Y4WoGAzh0SiU8giKybdRfq93xXk9faoynLTJcM7mpF9XzbNvFfDE5mz2bRwN19PaCb1mfgdtRM2A&google_hm=2fcba4773d0973ecc365482b6f6a7916
date: Thu, 06 Jul 2023 15:35:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6C00 0
12 B 114ms
89ms Image
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JxNkSfP1fKv6rD3ETdTbLFdfQbF0J0xQczgk90Ki5M_vNlEubKapzokVJz-1L385XLUQNL8oBY

Requested by

Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A39D 12 KB
6 KB 67ms
64ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Jun 2024 15:35:24 GMT

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 44F0 0
0 160ms
82ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.09795541328574364
Requested by: Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
DATA 200
OK truncated
/ Frame 44F0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58c8ad05ba1577c827e8af29036aa1f98b9e0179adf239c8843d1f0f246a049d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 44F0 15 KB
15 KB 68ms
66ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 10:25:13 GMT
x-content-type-options: nosniff
age: 191411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 10:25:13 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 44F0 15 KB
16 KB 72ms
70ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:55:38 GMT
x-content-type-options: nosniff
age: 466786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 05:55:38 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame A39D 169 KB
170 KB 557ms
128ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?m=0&partner=52383&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F52383%2F4774029%2F19619d59e0614046b0e973faeebefb1a_1861.jpg&v=3&s=iK5Fjm_W-Kmf79SCL6lU8Jjj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b2b6d0cd1c8508b645d3a745731641564c941db3c7e8dff55a6fdbfc9e036a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 173358
expires: Sat, 01 Jun 2024 17:02:46 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame A39D 16 KB
16 KB 533ms
105ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=172&m=0&partner=52383&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F52383%2F4774029%2Fd776ec11ea57494ba0020202cc6e56d5_black_logo_600.png&v=3&w=512&s=vYfr7Zv5NqqRhq8alkbpr1vg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

348ae6c59546908968bfa9630eff57eb5d00ae49dff5d85a41af130c9fa8f763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 15908
expires: Sat, 01 Jun 2024 17:02:46 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame A39D 0
128 B 469ms
57ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=KcCHOcZxevsToQ9JctX-CrwaUGngwi7gHTLrtPRTzUurv1Hrmc1iMEC1nnikhki7zimd6SbEzI5z51kElWKkLQseVv0ghug7GRPgOG6sm9VhToCra0L-UE_bToTBdeRxq0WZ9KDm0XXzjf2ZZpU6NoWPEuLTakrwjeEufFXwLMsjcxLofCT1kkxo8HIUiPxo7x1kmi8qHiotp95UCLuICN-ciOwTbI4PHEEEi9S8Oe3ono_2UMpn04vdpHDJB3kmNLBEbg&sds=2&rev=87360&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 06 Jul 2023 15:35:25 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A39D 2 KB
1 KB 69ms
61ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Jun 2024 15:35:24 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A39D 2 KB
1 KB 68ms
59ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Jun 2024 15:35:24 GMT

POST
H2 204 rtimp
g.bidbrain.app/ Frame 44F0 0
181 B 73ms
72ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=b858fe3c-1c12-11ee-9ee3-f2f404a1948a&d=blog.s.id&cr=ext_gen2_v10_start_sec7__3&gid=CAESECTSp5DLIGr5fvPE729rD7Q&a=load&p=ZKbfOgAB_1MIaADBAAjBGzWA1ZpiYbyJj02woQ&r=417016561&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

POST
H2 204 rtimp
g.bidbrain.app/ Frame 44F0 0
129 B 86ms
75ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=b858fe3c-1c12-11ee-9ee3-f2f404a1948a&d=blog.s.id&cr=ext_gen2_v10_start_sec7__3&gid=CAESECTSp5DLIGr5fvPE729rD7Q&a=vw_100&p=ZKbfOgAB_1MIaADBAAjBGzWA1ZpiYbyJj02woQ&r=417016561&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by: Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 44F0 0
0 79ms
72ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.7308891443805261
Requested by: Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:24 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 44F0 0
0 86ms
76ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.11893877223066673
Requested by: Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:25 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 204 ev
g.bidbrain.app/rt/ Frame 44F0 0
0 76ms
74ms Fetch 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rt/ev?ka=0.6688594884826304
Requested by: Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:25 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

POST
H3 204 rtimp
g.bidbrain.app/ Frame 44F0 0
18 B 76ms
75ms Ping
text/plain 34.102.128.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp?sid=b858fe3c-1c12-11ee-9ee3-f2f404a1948a&d=blog.s.id&cr=ext_gen2_v10_start_sec7__3&gid=CAESECTSp5DLIGr5fvPE729rD7Q&a=ev_prf&p=ZKbfOgAB_1MIaADBAAjBGzWA1ZpiYbyJj02woQ&r=417016561&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1&ps=%5B%22308.30%22%2C%22275.90%22%2C%2291.30%22%2C%2282.80%22%5D
Requested by: Host: 7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.128.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 115.128.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:25 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A8BC 42 B
64 B 90ms
90ms Fetch
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsup4v7cqeaQ3pFfMsotgl6M7EmYhnJyykugNndsK3hNxci1jFb0HP_ucetirDxuPIdJW8RcVv66wG8IIGp93zKRs7c&sig=Cg0ArKJSzP_KuYkilUbtEAE&id=lidar2&mcvt=1009&p=286,1086,886,1386&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=182523439&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688657722921&rpt=1541&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 44F0 42 B
64 B 113ms
104ms Fetch
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssABfHDNhBQkPNjjDb4fxQ4uvezSCu0UiyjTkPq6LQ5BekGa9F0JC67_PcVBMKrSy2Ld9LZH5xDrp_004YzvoK9sL-y&sig=Cg0ArKJSzNf9PTXM1C3qEAE&id=lidar2&mcvt=1000&p=414,426,714,894&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2238348835&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688657722876&rpt=1421&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 15:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame A39D 0
127 B 58ms
57ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 06 Jul 2023 15:35:25 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 83ms
83ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blog.s.id

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
653 B 543ms
543ms Fetch
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

650bc773d3c858eba39404ca1e085a8875101979f37ebe9b82190dac459fe92d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 623
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blog.s.id
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ 37 KB
13 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d6256c00ec47909aed0ff141dc3ade34b82dc1eaa57922edaa443409d0f768a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog.s.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 14:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4766
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13151
x-xss-protection: 0
server: cafe
etag: 13663737688922070526
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 05 Jul 2024 14:16:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sdotid.zendesk.com
URL: https://sdotid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088

Domain: sdotid.zendesk.com
URL: https://sdotid.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je36s0&_p=773512382&cid=647534918.1688657718&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1688657717&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=scroll&epn.percent_scrolled=90&_et=50

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je36s0&_p=773512382&cid=647534918.1688657718&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1688657717&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=user_engagement&_et=1475

Domain: analytics.google.com
URL: https://analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je36s0&_p=773512382&cid=647534918.1688657718&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1688657717&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=scroll&epn.percent_scrolled=90&_et=44

Domain: analytics.google.com
URL: https://analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je36s0&_p=773512382&cid=647534918.1688657718&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1688657717&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=user_engagement&_et=1473

Domain: home.s.id
URL: https://home.s.id/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.s.id/	1970-01-20 15:13:53	Name: _gcl_au Value: 1.1.2074861385.1688657718
.s.id/	1970-01-20 15:13:53	Name: _fbp Value: fb.1.1688657717989.2065530174
.s.id/	1970-01-20 13:05:44	Name: _gid Value: GA1.2.1565088666.1688657718
.s.id/	1970-01-20 13:04:17	Name: _gat_gtag_UA_225238330_2 Value: 1
.s.id/	1970-01-20 22:40:17	Name: _ga_LJQ0V44EV5 Value: GS1.1.1688657717.1.0.1688657719.0.0.0
.s.id/	1970-01-20 22:40:17	Name: _ga_98MWVCBDD7 Value: GS1.1.1688657717.1.0.1688657719.58.0.0
.s.id/	1970-01-20 22:40:17	Name: _ga_GJLS9JMJCK Value: GS1.1.1688657721.1.0.1688657721.0.0.0
.s.id/	1970-01-20 22:40:17	Name: _ga Value: GA1.1.647534918.1688657718
.s.id/	1970-01-20 22:40:17	Name: _ga_LBWQJM5WLF Value: GS1.1.1688657721.1.0.1688657721.60.0.0
.doubleclick.net/	1970-01-20 22:40:17	Name: IDE Value: AHWqTUlEA5filXIm389HG-7gd6v8uUoBsMMsJlS8kFHwkLzhDBsyrsY2xO_OjHilNuY
.s.id/	1970-01-20 22:25:53	Name: __gads Value: ID=5e59c32ed25ecc6d-22ee3f3d91e20037:T=1688657721:RT=1688657721:S=ALNI_MaZyRbttFo78FKlwGUnAFLtRg2MAg
.s.id/	1970-01-20 22:25:53	Name: __gpi Value: UID=00000ca0c0a280b6:T=1688657721:RT=1688657721:S=ALNI_MZAQCF0969RtZefh0o8bXXIq_ZQdg
.s.id/	1970-01-20 13:04:17	Name: lotame_domain_check Value: s.id
.openx.net/	1970-01-20 21:49:53	Name: i Value: f79be4ed-76d8-46f6-80fa-80a128eb25cb\|1688657722
.criteo.com/	1970-01-20 22:25:53	Name: uid Value: b3964b2a-b6e3-4f1f-aac2-3fb81f9a91ef
.crwdcntrl.net/	1970-01-20 19:33:03	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 19:33:03	Name: _cc_id Value: ad750fe63145ad44f16759879be274e
.s.id/	1970-01-20 19:33:05	Name: _cc_id Value: ad750fe63145ad44f16759879be274e
.s.id/	1970-01-20 13:05:44	Name: panoramaId_expiry Value: 1688744122569
.openx.net/	1970-01-20 13:25:53	Name: pd Value: v2\|1688657722\|vMgavPkWgy
.s.id/	1970-01-20 22:25:53	Name: cto_bundle Value: 9zLU9V9OUlNaNndMaG5iNEg1WFp0UTZhMXhSWHBpTmcxaVl2cGpkUnR5ZXNrSk8lMkZBSjVUQ2Z0TmFkVktKMkV5aUd0bkZ2T0VBakFMcnJjTXE5UldRcU5BdFhNaWx1NGowZXp6czRuWUM1NlNCZkRWd3JmUVFzODZCM3E4Y3Z2NjY1RU4zd0tBSjFsWnpmR2oyJTJCTGxBcmVFdUlRJTNEJTNE
.adsrvr.org/	1970-01-20 21:51:20	Name: TDID Value: cc270e8e-7f5a-409b-9b0d-4ba00d77f91f
.yahoo.com/	1970-01-20 21:50:15	Name: A3 Value: d=AQABBDvfpmQCEG8AJmFsdHY8Zqc45CC0G2sFEgEBAQEwqGSwZAAAAAAA_eMAAA&S=AQAAAo9QY5TFORyC5OLAsjs1JSM
.bidbrain.app/	1970-01-20 22:40:17	Name: uid_cross Value: b8f4375c-1c12-11ee-be72-c28dc7bbd994
.bidbrain.app/	1970-01-20 13:04:24	Name: sid_cross Value: b858fe3c-1c12-11ee-9ee3-f2f404a1948a
.adsrvr.org/	1970-01-20 21:51:20	Name: TDCPM Value: CAEYBSABKAIyCwj0x6yDq5D_OxAFOAE.
.openx.net/	1970-01-20 13:25:53	Name: univ_id Value: 537072971\|cc270e8e-7f5a-409b-9b0d-4ba00d77f91f\|1688657723457220
.amazon-adsystem.com/	1970-01-20 19:33:05	Name: ad-id Value: A7W6c-zVnkrIhzWJh5RPFyA
.amazon-adsystem.com/	1970-01-20 22:40:17	Name: ad-privacy Value: 0
.adkernel.com/	1970-01-20 13:24:27	Name: ADK_EX_11 Value: 1
.adkernel.com/	1970-01-20 13:47:29	Name: ADKUID Value: A5876814120933304361
.smaato.net/	1970-01-20 13:34:32	Name: SCM Value: ed909fb1
.smaato.net/	1970-01-20 13:19:24	Name: SCMg Value: ed909fb1
.tremorhub.com/	1970-01-20 21:50:14	Name: tvid Value: cf6c2e354e564a49966619dc1a952de4
.tremorhub.com/	1970-01-20 22:40:17	Name: tv_UIDF Value: CAESEKQX_xrybw1cs3lIX81hV80
.tremorhub.com/	1970-01-20 13:11:29	Name: tvssa Value: 1688657723693
.ctnsnet.com/	1970-01-20 21:49:53	Name: cid_78f9d7358f8545aabbf9b0e870f36662 Value: 1
.ctnsnet.com/	1970-01-20 21:49:53	Name: gid_CAESECnpSC_P9Xz2t4aG8twhzxA Value: 1
beacon.lynx.cognitivlabs.com/	1970-01-20 21:51:20	Name: UID Value: ed23fd7c-221c-4240-bae0-3958f125c02f
beacon.lynx.cognitivlabs.com/	1970-01-20 21:51:20	Name: ss Value: %2B35ER4E%2B3rftMuqDVhTkuxai4i9si4l9EXHRl3%2B0TN%2FquZVmAv1tYzyiBUyQUpUNKb2Q9MDl9Bl8Fhi%2FeX4WuQ%3D%3D
.yieldmo.com/	1970-01-20 21:49:53	Name: yieldmo_id Value: gf01218d9542dc323903%7C1688657723768%7C0%7C
.analytics.yahoo.com/	1970-01-20 21:49:53	Name: IDSYNC Value: 18yx~2cmf
.casalemedia.com/	1970-01-20 21:49:53	Name: CMID Value: ZKbfPFdUbEP1nPqs59EgOgAA
.casalemedia.com/	1970-01-20 15:13:53	Name: CMPS Value: 1328
.casalemedia.com/	1970-01-20 15:13:53	Name: CMPRO Value: 1328
.mediago.io/	1970-01-20 21:49:53	Name: __mguid_ Value: 2fcba4773d0973ecc365482b6f6a7916
.inmobi.com/	1970-01-20 15:13:53	Name: idsp_c Value: 376d4f88-b02e-4e79-b093-47090f3582ca

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://app.s.id/api/user/me Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://shortener.zendesk.com/embeddable/config Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7b215e5dbcb5815869455ed782bd5be6.safeframe.googlesyndication.com
ads.us.criteo.com
ads.yieldmo.com
adservice.google.com
analytics.google.com
app.s.id
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
blog.s.id
cat.va.us.criteo.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.s.id
cm.g.doubleclick.net
connect.facebook.net
csm.us.criteo.net
d3li60t7cgizua.cloudfront.net
dis.criteo.com
dsp.adkernel.com
ekr.zdassets.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
g.bidbrain.app
google-bidout-d.openx.net
google.partners.tremorhub.com
googleads.g.doubleclick.net
gum.criteo.com
home.s.id
id5-sync.com
imageproxy.us.criteo.net
invstatic101.creativecdn.com
ius.ctnsnet.com
match.adsrvr.org
mug.criteo.com
mweb.ck.inmobi.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pixel.yabidos.com
pr-bh.ybp.yahoo.com
pre.glotgrx.com
protagcdn.com
rtb.va.us.criteo.com
s.ad.smaato.net
s.amazon-adsystem.com
s.id
sdotid.zendesk.com
securepubads.g.doubleclick.net
shortener.zendesk.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
static.zdassets.com
stats.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
trace.mediago.io
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
analytics.google.com
home.s.id
sdotid.zendesk.com
www.google-analytics.com
104.16.53.111
104.18.70.113
104.19.232.122
108.138.128.28
142.250.80.98
15.197.193.217
162.159.138.6
162.19.138.119
174.137.133.49
192.40.39.223
20.85.134.6
2600:1f18:4e9:5a02:d9f:2dfc:836e:42c0
2600:1f18:612b:4280:4e85:b7eb:52a7:1574
2600:9000:2209:5200:1b:5138:8a40:93a1
2600:9000:23ca:e000:8:217d:7c80:93a1
2606:4700:10::6816:3456
2606:4700:20::681a:6f9
2606:4700:20::681a:78e
2606:4700::6810:3965
2606:4700::6811:6bd4
2607:f8b0:4004:c08::9c
2607:f8b0:4006:808::2002
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2001
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::200e
2607:f8b0:4006:824::2002
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2620:100:a001::c
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f13a:83:face:b00c:0:25de
2a04:4e42:400::485
3.218.124.205
3.225.218.10
34.102.128.115
34.102.146.192
34.120.135.53
34.230.233.1
34.96.70.87
34.98.64.218
35.186.193.173
35.190.39.111
35.208.249.213
51.222.39.184
52.46.130.91
54.88.198.127
69.173.151.100
74.119.119.139
74.119.119.147
74.119.119.150
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
022484e6df8c5445ea000accb47ec97e28646a29b3466eefe42b5e9465caf600
02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
05e444577f8778658f61e66a715aa5c44ccb9a553b01a838bd7ea608059bb864
069b165afd8c89304455de078a01fb19e943a35bd3925b2f50865c2ecfbd9ed7
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ac22ebf2e4c548e6b1f01b79672929184e0626822b651ceba6766f880cc2d27
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
13dce7936f57fa89585edcddf8d2f5240046df372af43e94fc0a0d4b806a3857
155a57fb53bc0ee1f96820c46581918528a323d35ccfac6d990699f26a3fc40a
16b6dfe206e80475057176362642d11f0ba0b9149a3fbecee7f016ce503dca0c
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1af5eacc5472d595046d8320feb556463d66ca3711b5fc2e6449e5cc49cd167f
1c47c23e57e44c1206678fcea2854a507dbd61c7db44ec7429767d82e09e6527
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8
2959fb9be4098abac4edfe10cf70a4838f3bf46a05fc7e9350074d49dc36cc4c
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
345dd805b52864848882d8f89c24661f408925f549a626e5bcd33b6f072e146a
348ae6c59546908968bfa9630eff57eb5d00ae49dff5d85a41af130c9fa8f763
38ea73ab67fc116151506874fc35620aacfc4d7465b5b76b307bd38c4fb9fdd8
3ac30ba8f6137bc1f50ed2159fe5f85833c7ac8d15527efe4834f6b1c2a7c5df
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3dbc055fa70adab633d7f5afaf300f69c41f15eb8316f184b035db12f087d4d8
3fd155d8504c42656f9a67bde0f6fa8c8313701dce4ca486a7d598dff22e1801
45846a73cd8e7104566dc077dc84a32ba523fe106dca353042b09c1561bfcaa1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47853e202ba9347d970795203607b77acd0c6afc556fdeb7586d30af4b4968d7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58c8ad05ba1577c827e8af29036aa1f98b9e0179adf239c8843d1f0f246a049d
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60d657fd1a5462b366ee8ffff28d1e0e402e28f299c47ed941dd5ef8b5d068d2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622be2eb8ef5825d74867a56c04c9274812a7276da1f7bd218401deb24fdc045
64c066dcca5756160fd8b8d206b49d714d595465d87cfdf8a72fbc45934f2b47
650bc773d3c858eba39404ca1e085a8875101979f37ebe9b82190dac459fe92d
6b42586e7f6fa3cf9188f973296af7bc8068fdc2424acfd065a59d608f368bdf
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74cf06fe85f0cf030317a95bd68f552217c2dac04411983f353823f2677cbfc7
7601d6af50f9dbb29789ebb85c153c0aa883261c733fdcd1743ed5bf8c17fa7d
7d6256c00ec47909aed0ff141dc3ade34b82dc1eaa57922edaa443409d0f768a
82fb6c50373e78b327bd2006e88c7ee71940234a98a0140899c8711065bdc5bc
842389fa6e59bda1663fa1925b5eebb360d3c28e949f43e343200e5fc038981e
8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154
8bff37c44ba4023072dee8ba63c87854060cd384b95a6db1969ccb711da267de
8ebde9abc085f64172bd6905d7d01989a39041e1ae5ef32a3a17f9ea1745fb7d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
92c39b5c986c8a9c713d77081a0272187a847c57192fe03fc152d25fc4c35668
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c5459222980fa54ef588f474e1ba50892188a2c78e9215738f35461cc3b09e7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a43a85671aa2a1213a227d35f431fda095d3cceea034518b415370b820591c96
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ab19746876d40e5b2334546e90ef2d03e421cfc4ee60346cb2dd2ea36a780b8d
ac2af12c81be58d6906f22b9dbdb6d9753a775ca31d71c993839c8674acd020f
acd70c81273d8627395a6fc3c96217b3596f24c59c428a8ba2ea8daab13fd6b7
b1e0354048342615ee678931bb922fcb098fc4f42b3edae6df7624a2b812fb95
b2b6d0cd1c8508b645d3a745731641564c941db3c7e8dff55a6fdbfc9e036a32
b96799097df4785d3246b51f1f389c8749892d490f088bfc3a6acf7e5e0a3352
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c55952069ebe6d94242e49d5c1453df0258c982288e9cf20c1649c09be103f22
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
c62efa11e56d452e201244a46cc0c80d5bbd7d676487f6bb4953d71ac55e4f04
c7fb840478ca64f3410fff0ffa40eb38fd8a7cfc36c10f117c3869ea93c00182
c7fe077505a08fef79eca4979b3eb08495c6e18c2ef9b54388918d01024cf503
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d6f83766abba78768b2bcba2cafb4b60f341b54a750a05a5c59975c2cc44687b
d90fc9f6bee5dc1325b1533fe1ff6157aa364d95fd76f3cb13e9a067243cc3ea
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6cafba2d8fd7a8d76f356f7f298fc1cf743ca78f9f17f997e9000ba587cc748
ec9099a1e78c190ed16337af79087737f0082c9014401f7bdb19171924378656
ecf1b45e741c358105ec165c66cc44e962e6dbfe4948ea4a4094791472e03c6d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0614957fc34143cbef52b81cebd60f557ff3c3a490b32e70cb1693c77aa65d4
f1181f845db285df5fd22d07af5e1b79842cb90f51cadad31fb47f1fd91b0030
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
f7e26a7ab7bdbbd6c06388eccea2561a1167cc880ea69ed354d2532c8ba279d8
f926e6e28c2cc42192b11d48b31cc743db18131dbeb856bfb07656d220192f9c
fa8cfe9fe7581bdf35e892bd0daf7de6767c3451e4a934a99b1465672296ea35
fb277c3f3d2b374ed140a82233dc7eaf0c25bd659117ff2780e9a05ca51c6598

blog.s.id Open in urlscan Pro 2606:4700:20::681a:6f9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

199 Requests

87 %HTTPS

52 %IPv6

43 Domains

68 Subdomains

50 IPs

4 Countries

4144 kBTransfer

9412 kBSize

47 Cookies

15 Outgoing links

Page URL History

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.s.id Open in urlscan Pro
2606:4700:20::681a:6f9 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

87 %
HTTPS

52 %
IPv6

43
Domains

68
Subdomains

50
IPs

4
Countries

4144 kB
Transfer

9412 kB
Size

47
Cookies

199 HTTP transactions
2 data transactions