s.id Open in urlscan Pro
193.84.85.178  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

• https://ad.doubleclick.net/ddm/trackimp/N4362.2566103PREXPROGRAMMATICEXC/B30605596.379042205;dc_trk_aid=570110505;dc_trk_cid=200041957;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N4362.2566103PREXPROGRAMMATICEXC/B30605596.379042205;dc_pre=CJDK9evKsYIDFQ_OEQgdvuQH1w;dc_trk_aid=570110505;dc_trk_cid=200041957;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

Request Chain 51

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJy5CrgLHLJI3oljh3s0awY&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJy5CrgLHLJI3oljh3s0awY&google_cver=1&C=1

Request Chain 52

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUoEp1MsOIKIPIedVCYpzAAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGQuueepV4jjSCbiBp1ItkA&google_cver=1

Request Chain 53

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEM3-huGczXGWPkstUm33RqY&google_cver=1

Request Chain 54

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzMzI3NTM4NDk1NTA4MTY2NQ%3D%3D

Request Chain 67

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGQuueepV4jjSCbiBp1ItkA&google_cver=1

Request Chain 68

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUoEp.dTC-bHNTtNwVeztgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGQuueepV4jjSCbiBp1ItkA&google_cver=1&google_hm=2

Request Chain 69

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEM3-huGczXGWPkstUm33RqY&google_cver=1

Request Chain 70

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzMzI3NTM4NDk1NTA4MTY2NQ%3D%3D

Request Chain 76

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEK-ljBUu4Q9cBYSqMHKd_aE&google_cver=1&google_push=AXcoOmRpjPSVpjsBGkO8RTNDtzBE8IpoHTgcaa5RARqf4T3KFzNnMOnsN0de54MGhajzP3dbGy934hKJvEHSAXvyEbyyCzA_ml4dTW8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRpjPSVpjsBGkO8RTNDtzBE8IpoHTgcaa5RARqf4T3KFzNnMOnsN0de54MGhajzP3dbGy934hKJvEHSAXvyEbyyCzA_ml4dTW8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK-ljBUu4Q9cBYSqMHKd_aE&google_cver=1&google_push=AXcoOmRpjPSVpjsBGkO8RTNDtzBE8IpoHTgcaa5RARqf4T3KFzNnMOnsN0de54MGhajzP3dbGy934hKJvEHSAXvyEbyyCzA_ml4dTW8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRpjPSVpjsBGkO8RTNDtzBE8IpoHTgcaa5RARqf4T3KFzNnMOnsN0de54MGhajzP3dbGy934hKJvEHSAXvyEbyyCzA_ml4dTW8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 77

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPjqzyKZBK6eRjHd3KnYNI4&google_cver=1&google_push=AXcoOmTdLNyH62u_eCP-Vc6q74ysKnA1RrOnju_y2ZjwlcVqUfUmGyt-GHCTrzKsp6x16L8B5Q1mcktmeOKdKLPW8y2_NwvVSnNcxlI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPjqzyKZBK6eRjHd3KnYNI4&google_push=AXcoOmTdLNyH62u_eCP-Vc6q74ysKnA1RrOnju_y2ZjwlcVqUfUmGyt-GHCTrzKsp6x16L8B5Q1mcktmeOKdKLPW8y2_NwvVSnNcxlI

Request Chain 79

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBS_wxTp7wkz0bplh6K02LM&google_cver=1&google_push=AXcoOmSmgfL1K4Msz-cxJtyaW3vsZIz4WKGHaMD8_pfTnqmq6rC51kv9PDGZZIorUcg6TjGPJcO_elrh4-Be9v29uNbhDzjyBLaVMw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSmgfL1K4Msz-cxJtyaW3vsZIz4WKGHaMD8_pfTnqmq6rC51kv9PDGZZIorUcg6TjGPJcO_elrh4-Be9v29uNbhDzjyBLaVMw&google_hm=eS10eDhObXhSRTJwR3M5YmhoZjJ1UjlrQ0VqdHJhR3VtZX5B

Request Chain 80

• https://d5p.de17a.com/cookies/google?google_gid=CAESEACThB-Cv0pAmCgNy1Qr5d0&google_cver=1&google_push=AXcoOmSPiraVB3XTLBD3IeNmlEIqAHvKNOBe2EARErEpBNCWjEPvF8A7o7mNS1ldAG48mG-MiCaYLH4l_22_T4_73ZIqoIx1SsjWeQQ HTTP 302
• https://d5p.de17a.com/cookies/google;c?google_gid=CAESEACThB-Cv0pAmCgNy1Qr5d0&google_cver=1&google_push=AXcoOmSPiraVB3XTLBD3IeNmlEIqAHvKNOBe2EARErEpBNCWjEPvF8A7o7mNS1ldAG48mG-MiCaYLH4l_22_T4_73ZIqoIx1SsjWeQQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSPiraVB3XTLBD3IeNmlEIqAHvKNOBe2EARErEpBNCWjEPvF8A7o7mNS1ldAG48mG-MiCaYLH4l_22_T4_73ZIqoIx1SsjWeQQ

Request Chain 81

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHqXjQqFfr5nA4lqeV3deWE&google_cver=1&google_push=AXcoOmQsjYvzYFRGF5xWcr765f9pR1OtlzRWQBd2hVTcUEoVj-o5FxdSOmzVONoGVzTsxiCOe6K-YKkv3_LlWWbCD0O6RYcNikA1lLA HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHqXjQqFfr5nA4lqeV3deWE&google_cver=1&google_push=AXcoOmQsjYvzYFRGF5xWcr765f9pR1OtlzRWQBd2hVTcUEoVj-o5FxdSOmzVONoGVzTsxiCOe6K-YKkv3_LlWWbCD0O6RYcNikA1lLA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU1ODM1ODQ0OTA4MzA0MTgzNA&google_push=AXcoOmQsjYvzYFRGF5xWcr765f9pR1OtlzRWQBd2hVTcUEoVj-o5FxdSOmzVONoGVzTsxiCOe6K-YKkv3_LlWWbCD0O6RYcNikA1lLA

Request Chain 100

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPXp1ukUgmNYm3qmh14ZuJQ&google_cver=1&google_push=AXcoOmTZmlwMEDgq6sYc0ik4DLI7O7FUyEQqREQMjLywXqiBsChgO0ZCpeYmoQlD4uDP1EKfdcgTYZKOcPIf_NiDSa_I5kLeTbEmPOQ HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPXp1ukUgmNYm3qmh14ZuJQ&google_cver=1&google_push=AXcoOmTZmlwMEDgq6sYc0ik4DLI7O7FUyEQqREQMjLywXqiBsChgO0ZCpeYmoQlD4uDP1EKfdcgTYZKOcPIf_NiDSa_I5kLeTbEmPOQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WklsSEVVWWgxUjBpdEY1&google_gid=CAESEPXp1ukUgmNYm3qmh14ZuJQ&google_cver=1&google_push=AXcoOmTZmlwMEDgq6sYc0ik4DLI7O7FUyEQqREQMjLywXqiBsChgO0ZCpeYmoQlD4uDP1EKfdcgTYZKOcPIf_NiDSa_I5kLeTbEmPOQ

Request Chain 103

• https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEH1MRb2QFcNsjU7m4zPYMio&google_cver=1&google_push=AXcoOmQ_y2jxQS9y3uj3Pd9li94Zy49vGTDkAZXgiBjQm0r_inYTGFfG_v-fjy72jNW6EdzmhP7Os6_rvim7kMmm1GGljwhwqlhMzTM HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5ODY1MTI2MTQyNTYxMjk1Mg%3D%3D&google_push=AXcoOmQ_y2jxQS9y3uj3Pd9li94Zy49vGTDkAZXgiBjQm0r_inYTGFfG_v-fjy72jNW6EdzmhP7Os6_rvim7kMmm1GGljwhwqlhMzTM

Request Chain 104

• https://ads.travelaudience.com/google_pixel?google_gid=CAESEEuubmzgfA6iXtMp2hc8xiw&google_cver=1&google_push=AXcoOmRJyJ7fO6fk9kwbnvl35wMVtWJVPpkfznPN4Wu6Dg0cpK8n8Mgb1xdP1AMVWc7nlbxK50uP6vla_cHbKTB8BLPxqKb4zpM31A HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NxK9ss1sQQYL546LQk81yg&google_push=AXcoOmRJyJ7fO6fk9kwbnvl35wMVtWJVPpkfznPN4Wu6Dg0cpK8n8Mgb1xdP1AMVWc7nlbxK50uP6vla_cHbKTB8BLPxqKb4zpM31A

Request Chain 106

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG_EbQo32gEnmIB68LqriE4&google_cver=1&google_push=AXcoOmTmDmDxrk8cAsxS1cVZQzbr6edQ-ILxJXDwAk_K3Uc_P_AUV7aV1Sl9xASMeO0k8OGIgyXPw10VTjMtKEKVOnHxo4zU6QreOQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU1ODM1ODQ0OTA4MzA0MTgzNA&google_push=AXcoOmTmDmDxrk8cAsxS1cVZQzbr6edQ-ILxJXDwAk_K3Uc_P_AUV7aV1Sl9xASMeO0k8OGIgyXPw10VTjMtKEKVOnHxo4zU6QreOQ

Request Chain 109

• https://pixel.adsafeprotected.com/rfw/st/1684627/75968233/skeleton.js?adsafe_url=https%3A%2F%2Fs.id&adsafe_type=g&adsafe_url=https%3A%2F%2Fs.id%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2742216534640545%26output%3Dhtml%26h%3D280%26slotname%3D7246512857%26adk%3D2068013325%26adf%3D2071597077%26pi%3Dt.ma~as.7246512857%26w%3D500%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1699349669%26rafmt%3D1%26format%3D500x280%26url%3Dhttps%253A%252F%252Fs.id%252Fseytaninkoli%26adtest%3Doff%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1699349669870%26bpp%3D2%26bdt%3D739%26idt%3D-M%26shv%3Dr20231102%26mjsv%3Dm202311020101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7644190641501%26frm%3D20%26pv%3D1%26ga_vid%3D1842331448.1699349670%26ga_sid%3D1699349670%26ga_hid%3D2107663078%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D550%26ady%3D833%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079345%252C44807047%252C44807454%252C31078301%26oid%3D2%26pvsid%3D3583301131410934%26tmod%3D968169148%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DCZcrTJepOn%26p%3Dhttps%253A%2F%2Fs.id%26dtd%3D12&adsafe_type=bed&adsafe_jsinfo=,id:4dba221d-3af5-e52d-2364-71b5c7a8a516,c:thcG6b,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-759fd55744-m2l8z,rg:va,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:161,mot:0,app:0,maw:0,fm:tUUO2wa+11%7C12%7C131*.1684627-75968233%7C1311%7C13121%7C1313%7C1411%7C1412%7C14131%7C1414,idMap:131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:182,oid:da8b93e7-7d50-11ee-b43f-0adbfdf16f50,v:19.8.458,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/skeleton.js

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request seytaninkoli Show response s.id/	12 KB 4 KB	1726ms 494ms	Document text/html	193.84.85.178 STORMWALL-AS
General Check archive.org Show headers Download Go to Full URL https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_256_GCM Server 193.84.85.178 , Russian Federation, ASN59796 (STORMWALL-AS, SK), Reverse DNS Software nginx / Next.js Resource Hash 2ab3ee0ab165e211b92cde8ed50fa5e19577ba19c3f48c12a30f848b025a6911 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=3600, must-revalidate cf-cache-status HIT cf-ray 822494a71d2246af-SIN content-encoding br content-type text/html; charset=utf-8 date Tue, 07 Nov 2023 09:34:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xcuh5%2BqEwpDSfvhzldniqmmPaWUwGkSRg4bOvmeGZQICO8SX9y5tdmLJx6e1NZMmaOKURYFCB%2FBFImcNbV7LBJg6Y0ez9YvXjSa1796XXssH9JRPv9Bxc1Uqu98Q4GOs"}],"group":"cf-nel","max_age":604800} server nginx strict-transport-security max-age=15724800; includeSubDomains vary Accept-Encoding Accept-Encoding Accept-Encoding x-content-type-options nosniff x-powered-by Next.js
GET H2	200	a342eb84bd68eabe.css microsite.s.id/_next/static/css/	118 KB 18 KB	169ms 27ms	Stylesheet text/css	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://microsite.s.id/_next/static/css/a342eb84bd68eabe.css Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c4e2611dcd6fbad13d5d3a896902fe1ca68fbd23bb3cf74147478456cd42cde Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 36045 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Mon, 06 Nov 2023 23:16:49 GMT server cloudflare etag W/"1d7e9-18ba6eca6e8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDsbnvXnJbe0ZnArJ8m7NYGJrD0YKtLwx7AbDZiZ5HPxKisLLLOwmMjfTUx0G6nNNiGp8JUOHQaggoC7oDK1KtkO1NkAGtif2RN1ZvRf8KUvF9Rz44CSAbX47gINOZMtzeS03pka43SRcmFo"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 822494a8fb6539bc-FRA
GET H2	200	cd55c7da45ab6994.css microsite.s.id/_next/static/css/	22 KB 7 KB	163ms 21ms	Stylesheet text/css	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://microsite.s.id/_next/static/css/cd55c7da45ab6994.css Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e0fa2b58fb4a18b31e919eaad7c621bdd9696fd5368b0b58a4ef85f4db9f4d3 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 36342 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Mon, 06 Nov 2023 23:16:49 GMT server cloudflare etag W/"57d2-18ba6eca6e8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3CBdfQ%2BtjDGIRfIv8E%2BUn%2BYHBft4Un%2BCpbccNAmOnENRiFt3hVcSDQrMu7qbKf2fMtaH4SnyrD7Mg9vBNsT%2BWa744seIq6zkjTtR22zmPol1yC2Fb%2F2F4bEnZ5TU8lIheG%2FMn36QF1JMxOq"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 822494a8fb6339bc-FRA
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	148 KB 51 KB	110ms 70ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545 Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e97928c4807463e8d595642ea3823a3a2abce4569af6842b2d5eccddeb0f78f1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52079 x-xss-protection 0 server cafe etag 9407685998776296741 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Tue, 07 Nov 2023 09:34:29 GMT
GET H2	200	webpack-67ff97eeca71f9dd.js Show response microsite.s.id/_next/static/chunks/	4 KB 2 KB	137ms 28ms	Script application/javascript	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://microsite.s.id/_next/static/chunks/webpack-67ff97eeca71f9dd.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4779ffe907b6fa0f3c3fcde0687c0a5b22f24d1ac3e9e463dd1d6648d62b0c4 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 36044 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Mon, 06 Nov 2023 23:16:49 GMT server cloudflare etag W/"e46-18ba6eca6e8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obw88rf9XdLZeTH2kNUF%2FfNZ3uuXgahJQy%2FFlbWp1ujMYlCYMR%2FiKVbLxVuaGZoeZFwzphyZkNX0CmDbCii26V0sNfSXTfBY3Vg9nXxD6VOh%2Fb05IdR7mv4FrlK4yCBKwMn55xkOPAM5RplL"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 822494a8fb6e39bc-FRA
GET H2	200	framework-56bc1d2b5d8be648.js Show response microsite.s.id/_next/static/chunks/	138 KB 45 KB	30ms 28ms	Script application/javascript	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://microsite.s.id/_next/static/chunks/framework-56bc1d2b5d8be648.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5e943c7c5da3617bd2345580b25327364ab5824ba53a3d18bb88c0e105d6d45 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 36539 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Mon, 06 Nov 2023 23:16:49 GMT server cloudflare etag W/"226f3-18ba6eca6e8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4zzbQHLBn6OyHpszzzLxkkF%2FWJM88WLUWOs3BDPiO%2BS9L30piOGCnRKAgm%2BA5xG6wzyn4ZKI6d3Xcg7J5ZgWvWd3r1RD0DOjaOzvFTACBjxzFMIuBNgGZGe0JrA%2FytX9eeankMAovC84r00"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 822494a91b8139bc-FRA
GET H2	200	main-559dbfa8afd7d7a2.js Show response microsite.s.id/_next/static/chunks/	97 KB 29 KB	32ms 31ms	Script application/javascript	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e49865b2d3ebcdd42fac21e949bb2a9f5290fde16a9392b78d5d8d49d203753c Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 36044 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Mon, 06 Nov 2023 23:16:49 GMT server cloudflare etag W/"185da-18ba6eca6e8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=paTlyih3Xdn8zyrSTKzmtwe0GCD2X%2B3GrWf%2Fbyi17mHBgELULCA3bObDFcipnV4JvVXk3uXAP9FMoRQSxZ9xx%2FNBrOcWEbb0zjUH1UXCAzfEeVTVDBBI33TxvZ01o8A03dGIO5x4eVxuTN28"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 822494a91b8439bc-FRA
GET H2	200	_app-538933ef5d1d99b9.js Show response microsite.s.id/_next/static/chunks/pages/	315 KB 102 KB	38ms 36ms	Script application/javascript	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://microsite.s.id/_next/static/chunks/pages/_app-538933ef5d1d99b9.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 44700a06a8c514701afd8a1b28e770e23d3d41c13799fa88aa8e5ad21d9666b9 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 36539 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Mon, 06 Nov 2023 23:16:49 GMT server cloudflare etag W/"4ed1d-18ba6eca6e8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehP2%2F8N8KpDOQDOSqmqo8ik1ZAaE4FjwBBta7fv1ghVwp2OU%2FUMSsVJ5vZa%2B%2BswYQfwO6uzQ715kd3w01yfQNM01J%2FmUN0JNMofDiDgdet6wc5H%2Bukgr%2F3iUX872J4G7zbl4Gd6O2ntZsHWQ"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 822494a91b8539bc-FRA
GET H2	200	f85a1fd0-0ccc9e26436af44f.js Show response microsite.s.id/_next/static/chunks/	476 KB 74 KB	37ms 35ms	Script application/javascript	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://microsite.s.id/_next/static/chunks/f85a1fd0-0ccc9e26436af44f.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a51be072c90872986a619bcd424515adfdd3a7c1f8b447c745f203774120a472 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 36539 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Mon, 06 Nov 2023 23:16:49 GMT server cloudflare etag W/"771a6-18ba6eca6e8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBWHTJFkfZxryCznA7Z8vBR5vW4k%2BDcYqXuiKsz%2FifMJHJIDcL8l4ma9H%2B67Ad56m3kSmh4nW3GiqAJs9zqBhg47xRGWbu9KM4vi4fkzwVr9UlpyVxo1ve7b%2BRi0%2FXgRSFIPzM92MdXtkWRm"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 822494a91b8739bc-FRA
GET H2	200	347dd6d2-909e20e25b7384a8.js Show response microsite.s.id/_next/static/chunks/	948 KB 283 KB	46ms 44ms	Script application/javascript	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://microsite.s.id/_next/static/chunks/347dd6d2-909e20e25b7384a8.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb7f315a0371a8b55cfaf220f33822988ac4f5f2758e23738eaaa25258c978b7 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 36539 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Mon, 06 Nov 2023 23:16:49 GMT server cloudflare etag W/"ed138-18ba6eca6e8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxoIbGWx7fdOoL9c8eqAuH7p99IRfWhPsjT14yYv7wq17uH5%2BBjm5qgiTP3TCgb%2FvdDfK9GDqK5me8Us7jpLo%2FKElJeEUbj0aCNHuIVygULldrcjEuTAxS%2BZ1feOHWRDTezy74DczrRusZP2"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 822494a91b8939bc-FRA
GET H2	200	b7322211-d279212bc11c825d.js Show response microsite.s.id/_next/static/chunks/	501 KB 212 KB	60ms 59ms	Script application/javascript	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://microsite.s.id/_next/static/chunks/b7322211-d279212bc11c825d.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d820c5e7d048c0faa442ce5a30a6163fd2ba16c2f3875c9ccd1ea6a6217a23b Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 36043 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Mon, 06 Nov 2023 23:16:49 GMT server cloudflare etag W/"7d3a4-18ba6eca6e8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7Ain1bbgsSdIjab12qqnOltdqk3YQ2JgzBe7VvLlrSYlCRjk4lciGWsElSXgedB9TJq61cafid%2B7wb1HSgOWieaF4I9aRntv99kS28TpF35flkb9yIbMbIwdOJzVS1kNnrcZxr%2FcV9DlKCi"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 822494a91b8b39bc-FRA
GET H2	200	865-541ca60fc46f1bbc.js Show response microsite.s.id/_next/static/chunks/	596 KB 173 KB	59ms 58ms	Script application/javascript	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://microsite.s.id/_next/static/chunks/865-541ca60fc46f1bbc.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a5a62dd07bcb4c7cba95b52327bcd8103798cefa79d0dc7822b5e1aa1a8020e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 36539 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Mon, 06 Nov 2023 23:16:49 GMT server cloudflare etag W/"94fd3-18ba6eca6e8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FB6CrLebUb2aNUVCXVBkD3Xgtro8CWneh6Vjf8Dod6wbzP%2FnOCpRkTAWd6q5oEXDPi%2B1x6pqzJxCQywBvDVNR69o9oYDc6iCJKFGu0RCIC7rS9UXwTKIqpuxVW95mhdB6KwwMlc5Kvj9R8AZ"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 822494a91b8c39bc-FRA
GET H2	200	%5B%5B...any%5D%5D-6b82c22f641f1539.js Show response microsite.s.id/_next/static/chunks/pages/	171 KB 39 KB	36ms 35ms	Script application/javascript	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://microsite.s.id/_next/static/chunks/pages/%5B%5B...any%5D%5D-6b82c22f641f1539.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc12292d0350895cc5ab8d5f58a0b15ef940d1f469cdddb54ec6738c96f72c18 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 36042 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Mon, 06 Nov 2023 23:16:49 GMT server cloudflare etag W/"2ab88-18ba6eca6e8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cf%2BQ0fqkt1qpc6bABNDuOn3%2BMc2PuH%2FzkonkkA4FjjHfanS0Vr%2BUBhGri%2Ba0aPH05ze%2FPGG38cz2i6YBK6B5RW3aKrDKy%2FB8SU6doab31vjZknzT6gmlUTmYJZIunzTs694ODKxtdPYWrNbn"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 822494a91b8d39bc-FRA
GET H2	200	_buildManifest.js Show response microsite.s.id/_next/static/53q7e5pS_1lF6JvdvEkmu/	578 B 622 B	23ms 22ms	Script application/javascript	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://microsite.s.id/_next/static/53q7e5pS_1lF6JvdvEkmu/_buildManifest.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1b33e8eb1375c1728f6c5326b044c42cd6d2212ddfee7d710f795f4e669c12c Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 36042 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Mon, 06 Nov 2023 23:16:49 GMT server cloudflare etag W/"242-18ba6eca6e8" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrQdy61wTUzI87A%2BTNxW1zPQ4tIj1e9i8uaO61QxMoEN9Lt96MARlC8hzOZcFhxXpdCsxH383adnKEVn%2FFxHi4d5zmr2hE4KjDgiegswdaZIDt5mKfgGSjwT1qUQQF4HR2PadbjMPpzgOjv%2B"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 822494a91b8f39bc-FRA
GET H2	200	_ssgManifest.js Show response microsite.s.id/_next/static/53q7e5pS_1lF6JvdvEkmu/	77 B 350 B	28ms 27ms	Script application/javascript	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://microsite.s.id/_next/static/53q7e5pS_1lF6JvdvEkmu/_ssgManifest.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 36042 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Mon, 06 Nov 2023 23:16:49 GMT server cloudflare etag W/"4d-18ba6eca6e8" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zv3last%2FOXKKw9fsnwB%2FtqfFXbXmzkx5kqB5akXIPoct4PF7aHO9vFn6q9RGDiejNdeLLWjHTXyYLOyVJAGxnN5KRnQ2MhC48%2BAuNOq2giLVHuG8bvv%2BBvrRNIuc7X6wX6szAkfJ2twFa6Aj"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 822494a91b9139bc-FRA
GET H2	200	montserrat.css microsite.s.id/assets/fonts/	3 KB 854 B	377ms 235ms	Stylesheet text/css	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://microsite.s.id/assets/fonts/montserrat.css Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18642b70f14ef53a90293b71467d2ba2002256e61147d3a30f2125485ecf145a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED last-modified Wed, 06 Sep 2023 09:42:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br etag W/"ca2-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izXYHpWW9%2BkyO%2FuzUjCT8%2FyTZ%2Fa2K0ndN7TIJKWIfbVLjnt7BkfHQ6ljufJ0Z81MguRQSovFs3je6lAnv5NIM2vlTQ%2FpebwQr3RVjXFoc1%2F%2BsfdkcU1YxJBspbTU5%2FQAnbOSGJ%2B%2BOYnIy5th"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=300 cf-ray 822494a8fb6639bc-FRA alt-svc h3=":443"; ma=86400
GET H2	200	work-sans.css microsite.s.id/assets/fonts/	4 KB 727 B	397ms 255ms	Stylesheet text/css	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://microsite.s.id/assets/fonts/work-sans.css Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40c0e92260f9a8601ddc683627bb20b99d0dfe084a8bdc8cea4923373a05278a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED last-modified Wed, 06 Sep 2023 09:42:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br etag W/"10bc-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3o1ECdtlmb27Xwz6vWLL6Uma2bafhVEPKEDk352sNlahy01LUoo1x6P0SuZ%2Buz8%2BDhBRayPfW8uAnmLcQffNQ3mq8PttXbUkEGL4CZepkmIlio988iaGdUsE4oc%2BbvV%2BCAhI5kS1qV3T%2BIO"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=300 cf-ray 822494a8fb6739bc-FRA alt-svc h3=":443"; ma=86400
GET H2	200	sid-neu-logo-dark.svg microsite.s.id/images/	8 KB 4 KB	417ms 276ms	Image image/svg+xml	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://microsite.s.id/images/sid-neu-logo-dark.svg Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e10d40f406bc09e08617c53792cafbe2f8cc9cac8d9db1ae5026d29a98e7338a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED last-modified Wed, 05 Jul 2023 23:09:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding br etag W/"2137-18928513d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxYG8Sli147E7qcO%2FTqIDqeCPbGjPEYD6BN%2BR25l9bqh4E3tncTTmqyXPkyLgReesHKt5IU6mcwvh0%2BJQeYQeNF%2B3Ww7xMgBn4OOqGr1xVnXXLiBsT1FXSwXWmBwq%2BirJyYV1NI0GqG7xAyQ"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=86400 cf-ray 822494a8fb6939bc-FRA alt-svc h3=":443"; ma=86400
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/	400 KB 135 KB	87ms 74ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5937f9c21c2e2b1a4ee38947bf5fc57034945ec32f679f978beebe3dd944144f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 138480 x-xss-protection 0 server cafe etag 11104099799482480309 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 07 Nov 2023 09:34:29 GMT
GET H2	200	b39f32fd-350c-4e67-9e76-1f4e29466dc4.svg cdn-sdotid.adg.id/images/	863 B 1 KB	369ms 26ms	Image image/svg+xml	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-sdotid.adg.id/images/b39f32fd-350c-4e67-9e76-1f4e29466dc4.svg Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b93bffc28900c6afcdef1df7fdaceefea744d9df0de2484d2c5a1fbee9dbc8e Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT x-amz-version-id .qw7w5twjRzN_SUDzPlQ25vIbU6qMdzT via 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront) cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-content-type-options nosniff strict-transport-security max-age=0 x-amz-cf-pop FRA53-C1 x-amz-server-side-encryption AES256 content-encoding br x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Mon, 30 Jan 2023 13:08:45 GMT server cloudflare etag W/"d6c331fefd1defc280936895ce3bf526" vary Accept-Encoding, Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbMGUL%2FoO7XNG9y3i%2BoNjGo4OISJhCWwJLwzVn06OV%2FcEczLNk7t21%2BnoKUdiHJvZEG3PoXxpN8KHvTdA8LwBKiAXLxeREC0QxjWF0fO6kIIxyLvK8pNpfo6oz4kecSe7Qq7CpgJgVoNb2gkRzQPWg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 822494ab6ec8904f-FRA x-amz-cf-id VZcArDJATcsDZAk2BDB_QrPoHqOz6A4nk9txyl0QkMPN0Gls-X0pXw==
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231102/r20190131/ Frame 39E6	10 KB 5 KB	222ms 5ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231102/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 35275 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4502 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 06 Nov 2023 23:46:34 GMT etag 251720774729838433 expires Mon, 20 Nov 2023 23:46:34 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	375 B 598 B	68ms 15ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=s.id&callback=_gfp_s_&client=ca-pub-2742216534640545 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 689266b74da8de5703020c18b7ab5df2aa6ce3bc5123d89787566da3155aeebc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 246 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 1231	0 179 B	216ms 211ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&adk=1812271804&adf=3025194257&lmt=1699349669&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fs.id%2Fseytaninkoli&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669314&bpp=5&bdt=184&idt=179&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7644190641501&frm=20&pv=2&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=237 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 09:34:29 GMT expires Tue, 07 Nov 2023 09:34:29 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	40ms 40ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=fixed%20top-0%20left-0%20right-0%20bottom-0%20h-full%20flex&ign=false&pw=1600&ph=1200&x=0&y=1060.8 Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:29 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	41ms 41ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=fixed%20top-0%20left-0%20right-0%20bottom-0%20h-full%20flex&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:29 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	work-sans-normal-400.woff2 microsite.s.id/assets/fonts/dist/	47 KB 47 KB	261ms 239ms	Font font/woff2	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://microsite.s.id/assets/fonts/dist/work-sans-normal-400.woff2 Requested by Host: microsite.s.id URL: https://microsite.s.id/assets/fonts/work-sans.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b4ac8501c4d8d1b24086aaab9eae19524098e7d8cd2a314695791b7af365048 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://microsite.s.id/assets/fonts/work-sans.css Origin https://s.id accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 47800 last-modified Wed, 06 Sep 2023 09:42:59 GMT server cloudflare etag W/"bab8-18a69dfa4b8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Sie3IlpFCU7cTaHuXYzfw6qoy3ZeYwQlrCxSE8FxdiYv0Q%2BJpNtBqvwT83dv6LkO58tUivrOlGkUpp0ALxETkTCop3lSM8ZDoONwiIUu5g5scgwUHDfBjLPWBKvlNoduhjqBhgyy3Qnvrkl"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin https://s.id cache-control public, max-age=300 accept-ranges bytes cf-ray 822494abee2c91de-FRA
OPTIONS H/1.1	204 No Content	adcap app.s.id/api/ Frame	0 0	636ms 175ms	Preflight	45.126.58.90 IDNIC-PANDI-AS-ID...
General Check archive.org Show headers Download Go to Full URL https://app.s.id/api/adcap?short=seytaninkoli Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept */* Access-Control-Request-Headers ds,x-rpc-lang Access-Control-Request-Method GET Origin https://s.id Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS Access-Control-Allow-Methods GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH Access-Control-Allow-Origin https://s.id Connection close Date Tue, 07 Nov 2023 09:34:30 GMT Strict-Transport-Security max-age=15724800; includeSubDomains Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
GET H2	200	506.9f321d440064bb53.js Show response microsite.s.id/_next/static/chunks/	1 KB 1 KB	24ms 23ms	Script application/javascript	2606:4700:20::681a:7f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://microsite.s.id/_next/static/chunks/506.9f321d440064bb53.js Requested by Host: microsite.s.id URL: https://microsite.s.id/_next/static/chunks/webpack-67ff97eeca71f9dd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:7f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1ad95e8b38e5ca69e79e848a5771f026e40705ace52cb5ba4e6b7b9ce048161 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 36490 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Mon, 06 Nov 2023 23:16:49 GMT server cloudflare etag W/"44a-18ba6eca6e8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iN7kCW5%2F0EtI4loxfoGG7CU0Y24CZuJxoWzn1DEYWjU5xs6VariKWEyJiKHbajCOjGF5MNM3zb7Z5GTbppmI6yyW9bLpazfHBF71lkGbstjFb4%2BrEFGe8e8noesGw%2BlpBvX3YlZJjRN5JHnT"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 822494ac0f0739bc-FRA
GET H/1.1	200 OK	adcap Show response app.s.id/api/	36 B 703 B	542ms 181ms	XHR application/json	45.126.58.90 IDNIC-PANDI-AS-ID...
General Check archive.org Show headers Download Go to Full URL https://app.s.id/api/adcap?short=seytaninkoli Requested by Host: microsite.s.id URL: https://microsite.s.id/_next/static/chunks/pages/_app-538933ef5d1d99b9.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 45.126.58.90 , Indonesia, ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID), Reverse DNS Software / Resource Hash bed10a3fd1f75fd8fbcb1f3be5d120237ed9391d10c2697c551923e8ed9f31e3 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept application/json, text/plain, */* DS 1699349670,xkt7kg,847e6a2380d97ea0e2528675e89080b9 Referer https://s.id/ X-RPC-Lang en accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Tue, 07 Nov 2023 09:34:30 GMT Strict-Transport-Security max-age=15724800; includeSubDomains Content-Encoding br Transfer-Encoding chunked Vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers Content-Type application/json Access-Control-Allow-Origin https://s.id Access-Control-Allow-Methods GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH Access-Control-Allow-Credentials true Connection close Access-Control-Allow-Headers Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
GET H2	200	js Show response www.googletagmanager.com/gtag/	240 KB 83 KB	49ms 23ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5 Requested by Host: microsite.s.id URL: https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash fea01e2724e22e2b918e07d47dbf2fad10d80478d93cf8dbc2cba1a4e75e6f44 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85089 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 07 Nov 2023 09:34:29 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	243 KB 84 KB	66ms 41ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K Requested by Host: microsite.s.id URL: https://microsite.s.id/_next/static/chunks/main-559dbfa8afd7d7a2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e68775ce26a455c4b678b7f6c27ba7ab243c3f5a3fe1574900d08e7a7e05564f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85760 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 07 Nov 2023 09:34:29 GMT
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 429E	105 KB 44 KB	997ms 996ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ae18c63417716b7488a2b0315ad00a64a35a2b93aa7dfd56cf68d520d90a44d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 44783 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 09:34:30 GMT expires Tue, 07 Nov 2023 09:34:30 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 8339	120 KB 46 KB	1093ms 1093ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699349669&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=1&bdt=740&idt=1&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=KBrT1t7WKy&p=https%3A//s.id&dtd=19 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e96c1177245b60586d5fa92c59822a01ed42de2e26e662f09b8a99c02536e79f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 47090 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 09:34:30 GMT expires Tue, 07 Nov 2023 09:34:30 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	23058e1a-37e8-4798-822c-5305637fa010_450x450.png cdn-sdotid.adg.id/images/	58 KB 58 KB	26ms 25ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-sdotid.adg.id/images/23058e1a-37e8-4798-822c-5305637fa010_450x450.png Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4bcb729d76ea62fd0ce73a62dcf6677db23c360168a9b2c5402b9bd264648a28 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:29 GMT x-amz-version-id deePLH.nRPQgJ9dKMF_rJo_BK8837MnJ via 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront) cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-content-type-options nosniff strict-transport-security max-age=0 x-amz-cf-pop FRA53-C1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 59315 last-modified Sun, 15 Oct 2023 16:06:31 GMT server cloudflare etag "35ba473d82cdc8698c49c61637cc64b7" vary Accept-Encoding, Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6%2FIk3p5OndBRcEp6CLApYCJTtQRkVyTfPHLIvJJ3nR%2FKNZQTza8vJLW101jpmOftNvXlxC9pkS1OxXQY8CzrUNVTMSDroCjWoo8yoTYvaY4vVRHu5KjHaJaVyHf95wMb7SHaqTZz4CaUnAirRru7g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 822494acf85c904f-FRA x-amz-cf-id sManVH_n5o3T5bOaLnu8D_j0uYVkuQg3l60ONr1aPpd6bQ3wxwUoig==
GET H2	200	js Show response www.googletagmanager.com/gtag/	240 KB 83 KB	39ms 25ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a4164b02dc98217782f51d6619fc8dcd7b7f63809312ceafea62e0536915f487 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:30 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 84982 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 07 Nov 2023 09:34:30 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 237 B	222ms 20ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-GTE5CBQ89K&gtm=45je3b60v889124241&_p=1699349669865&_gaz=1&gcd=11l1l1l1l1&cid=1842331448.1699349670&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699349669&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fseytaninkoli&dt=Arac%20Hasar%20%26%20KM%20Sorgulama%20Hizmeti&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2643 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:30 GMT server Golfe2 content-type text/plain access-control-allow-origin https://s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 246 B	211ms 18ms	Ping text/plain	2a00:1450:400c:c06::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GTE5CBQ89K&cid=1842331448.1699349670&gtm=45je3b60v889124241&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:30 GMT server Golfe2 content-type text/plain access-control-allow-origin https://s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	207ms 18ms	Image image/gif	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GTE5CBQ89K&cid=1842331448.1699349670&gtm=45je3b60v889124241&aip=1&z=947331753 Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 246 B	165ms 21ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je3b60v881303989&_p=1699349669865&gcd=11l1l1l1l1&cid=1842331448.1699349670&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699349670&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fseytaninkoli&dt=Arac%20Hasar%20%26%20KM%20Sorgulama%20Hizmeti&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2700 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:30 GMT server Golfe2 content-type text/plain access-control-allow-origin https://s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 07D3	624 B 242 B	48ms 47ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhClv9XzARjC5cz7ATAB&v=APEucNUis8aA1dbwBpp0LvDC_E69UMX-qB_R2Rel0g1evXznoErkmKGeyFWG7PeT0L6x1PaYMAuiQzmrk9gmkLl3AMyPuZImwjNjsJcbnTV0vNl_UBZaNYH-tuQXmA8UdCdHrTKICcZIjNP7uy56gWmt4RHS4pEgUPd6IYzGAqpUAhCHPmpmROg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 09:34:30 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame F3EC	23 KB 9 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite_fy2021.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 14:26:08 GMT content-encoding br x-content-type-options nosniff age 68902 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9286 x-xss-protection 0 server cafe etag 5170786266788330719 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 20 Nov 2023 14:26:08 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame F3EC	7 KB 3 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/omrhp_fy2021.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 14:43:15 GMT content-encoding br x-content-type-options nosniff age 67875 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3071 x-xss-protection 0 server cafe etag 10674441169935035545 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 20 Nov 2023 14:43:15 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame F3EC	0 0	107ms 49ms	Fetch image/gif	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsszE9SI6Q77Fej8DRAMZ-qyUjcow3LqK4TiEez3jqOzjTx0LxURAHw9IxxBn_1o3QZADM4XelEhSX5qZZcpn-8b6MDpS5Qm4b4JmWY98_4R1qjyuq7GlfTotuNl-y6VfbtvNDx6hocd4aPT6kEui_UxPVWAz1l8LOR7hRdT6r9MBghMbjlnQwGVFmNFpvOCOktVJZs0ThQtgTG--hJR4xh_yWYpIoq7AQD5Cuz0dQRu8Tu7b2NjaSUcoPXOm4njmOUvjg-YcWMWsAfyw_ozAyAbUwqqzpOQYekEgmmUSuxRyNmsZOmpTdrVczYlDi3uwaFajO4mAu9eHwRzBYiAJbPUaVEAcv3_90tQa2ndJ2y7erOtRWg98-zRYI7q53t3ISGwnGC6aSejQyVE5TxoGio9uwNYisIF9SYq4ydvJSRr0mD9EFaVaiaeZD9JB4EAooKmlmKWemEcTYOUzuWMLiI7AHD2FrlQkUceu8hyMrRH_Pup2R-UW8OqxzdTfX7TG2zhNluYaoUqwWDGlBDumR0zFUk5-5cCfhytQ5CEQCqxRkvDHW4zNNQpLLGDBtjJwCxT7YXvM4qukZVr2ol0dDejkPTmeNqRUabixR686_iKELqj50ox5iD6sq-vo4VrM7faaCyCBPIs4YDmgHDmNYrmgf1VP1gZkCnNf5Y6ygMIwAKvAwtWBRMgWTjADuOfOP8_5WpvPe7sagt827C3062PmXYjQlqvqmDIDorr-HBrZY9f_P6kcUMezJsZPxi-gEirNdO5drp1jq0h3L-QP0rAYBAfQgLPZPy826YkESkqfYRGHTkYiKoVOWbMJ_DO6vk8xRlxJXenNXoOWDWIhgU6BIcKikoa_9mvybict2GglqKd5f1dTMtcbKekoLsI9V0tsst_b3xb7bKYNSQwRU0K_mmEmvKk8gSBzuAWHXE2NqMER3lQgOtzLmCDpNE9bz9Ovrpv6z-y9-wi4zkierehmDafmU5Mf1Pl3aaENC3FyxPIi5R32lF2EkDnCCQiQ5mtdxO6_ZkcmtHoFFfgaM0Vyon6PhgdmOMa0mWcuBVPqR3tp-yMM2F9BMXEjR3d8OLjGg5IyIlWRJEnv-2GtKlG5KEZNnZE2rML8IVzDgGyBcgfTM3d34KmWqsd248NUrsHmDo1WUySNguhr7nxeRimzcyPuVcyhgQ9-miRZToIaGAZXlHgU1L28XcuPwKaQQpQa_Dgz9jacheEVeI&sai=AMfl-YT44p-hIjwtN6cNinvwMPOSnBtJCoRSsRJPKfYszQLrwjkEKAS_uAqXwnzR5uCYyYGrxZpvtgX19AOMcokA1LJS0F0nsZpdMNYQK_rAPciAYSdCF5e9mEG7_CT5srtbmbTv9DQZ4lKt5FjpP5Am03uOKLouLjbIl7Ao1rXY1FZ8ArSuVkzjp3l0OdlxoyZW1c3uDA8QPBboFxWRzEPvqgOQyfCeF68ydam2PotM6mywpgwFn8nHtnd6h--ADMmDdNUobz1d7o78O_T9cMva-1MUjZ6NaGBsJ5q6DRzJbZZu5BMjYzpvDvLyWLsfXvNrIWsfI16-FizO4NuCOKPrVSxqdlbNwtPzBkIXZmKkmcFd-xzui3xDCRksrw-GxE4Rj_cAuT3de4129TG49wX9r22nwHBP&sig=Cg0ArKJSzLqyWHk8qlLBEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231102.87253&arae=0&ftch=1&adurl= Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 07 Nov 2023 09:34:31 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame F3EC	41 KB 14 KB	42ms 9ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 02:22:26 GMT content-encoding br x-content-type-options nosniff age 457924 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 01 Nov 2024 02:22:26 GMT
GET H2	200	skeleton.js Show response pixel.adsafeprotected.com/rjss/st/1684627/75968233/ Frame F3EC	46 KB 12 KB	349ms 98ms	Script application/javascript	52.4.86.207 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/rjss/st/1684627/75968233/skeleton.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.4.86.207 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-4-86-207.compute-1.amazonaws.com Software / Resource Hash 84659d97d9542a8d22c6ed04c7a8dca47d444fae2c7fd870186f8f893ab50f20 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin pixel.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame F3EC	3 KB 1 KB	39ms 8ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:57:02 GMT content-encoding br x-content-type-options nosniff age 70648 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 20 Nov 2023 13:57:02 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame F3EC	20 KB 9 KB	38ms 7ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:57:12 GMT content-encoding br x-content-type-options nosniff age 70638 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8543 x-xss-protection 0 server cafe etag 18034338113832500900 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 20 Nov 2023 13:57:12 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame F3EC	0 0	70ms 16ms	Image text/html	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQ-CdkjyOvc01dk7nGQq4VKz_zFHIpUEg7c4JYNGcpTgIMgrNHQ_N0WS7InavBCb3PpHmM34GeMbxojPo8Kdm9tTW7NQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame F3EC	190 KB 60 KB	101ms 49ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:31 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61127 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1699274420466708" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 07 Nov 2023 09:34:31 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame F3EC	42 B 63 B	45ms 45ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BDdV3f0p-5r4olzT-lRkYDW4twz9NDSSSF4jlUZKSy9fJ4Gj54awVoKKyDTpOKrhJfcz3nQSFa8M0EeCFyMUATqoQfMaPTj1LX87wRYYWQ2RUzNDE Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	B30605596.379042205;dc_pre=CJDK9evKsYIDFQ_OEQgdvuQH1w;dc_trk_aid=570110505;dc_trk_cid=200041957;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_... ad.doubleclick.net/ddm/trackimp/N4362.2566103PREXPROGRAMMATICEXC/ Frame F3EC Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N4362.2566103PREXPROGRAMMATICEXC/B30605596.379042205;dc_trk_aid=570110505;dc_trk_cid=200041957;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatm... https://ad.doubleclick.net/ddm/trackimp/N4362.2566103PREXPROGRAMMATICEXC/B30605596.379042205;dc_pre=CJDK9evKsYIDFQ_OEQgdvuQH1w;dc_trk_aid=570110505;dc_trk_cid=200041957;ord=[timestamp];dc_lat=;dc_r...	42 B 246 B	84ms 21ms	Image image/gif	142.250.186.70 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/trackimp/N4362.2566103PREXPROGRAMMATICEXC/B30605596.379042205;dc_pre=CJDK9evKsYIDFQ_OEQgdvuQH1w;dc_trk_aid=570110505;dc_trk_cid=200041957;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1? Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H2 Server 142.250.186.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f6.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ad.doubleclick.net/ddm/trackimp/N4362.2566103PREXPROGRAMMATICEXC/B30605596.379042205;dc_pre=CJDK9evKsYIDFQ_OEQgdvuQH1w;dc_trk_aid=570110505;dc_trk_cid=200041957;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	638784742026347101 s0.2mdn.net/simgad/ Frame F3EC	32 KB 33 KB	170ms 0ms	Image image/jpeg	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/638784742026347101 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 845c7fd8e7858e94642b2b57254f986d5b70940d95cdd52cc59ed29984c10548 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 31 Oct 2023 23:02:19 GMT x-content-type-options nosniff age 556332 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33011 x-xss-protection 0 last-modified Wed, 25 Oct 2023 06:35:25 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 30 Oct 2024 23:02:19 GMT
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 07D3 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJy5CrgLHLJI3oljh3s0awY&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJy5CrgLHLJI3oljh3s0awY&google_cver=1&C=1	43 B 328 B	27ms 27ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJy5CrgLHLJI3oljh3s0awY&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhClv9XzARjC5cz7ATAB&v=APEucNUis8aA1dbwBpp0LvDC_E69UMX-qB_R2Rel0g1evXznoErkmKGeyFWG7PeT0L6x1PaYMAuiQzmrk9gmkLl3AMyPuZImwjNjsJcbnTV0vNl_UBZaNYH-tuQXmA8UdCdHrTKICcZIjNP7uy56gWmt4RHS4pEgUPd6IYzGAqpUAhCHPmpmROg Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7o0iC686g0hLL1Gp7iIh4Hu6fZ0BOELUlYYlaQq%2FksXOAXXSMhhk2X2ghNPFHpbLOo2DZJfqEt5NixxK6MNb%2BovVPHu%2B9D0Pkv0fABP%2BH6disWTV3KJl7ApK56rNohQYJUAXcTe6%2FjSkA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 822494b4fd102c36-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeNcRVTHnXJgsq%2BvMClDEc5VrwSuLM57NoXXJBcc7JLKL%2FrZGjVVSylA5L6Q%2FzBwLZYNilynXM%2F8SC7PyN3uPrbVVm4RbEDaDcsIXkBwyNIQsYe05EbZPzrsoAV2lk5UUGB1Ti0zfsBjJg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=45&external_user_id=CAESEJy5CrgLHLJI3oljh3s0awY&google_cver=1&C=1 cache-control no-cache cf-ray 822494b4ccd52c36-FRA alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 07D3 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUoEp1MsOIKIPIedVCYpzAAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGQuueepV4jjSCbiBp1ItkA&google_cver=1	43 B 734 B	31ms 30ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGQuueepV4jjSCbiBp1ItkA&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhClv9XzARjC5cz7ATAB&v=APEucNUis8aA1dbwBpp0LvDC_E69UMX-qB_R2Rel0g1evXznoErkmKGeyFWG7PeT0L6x1PaYMAuiQzmrk9gmkLl3AMyPuZImwjNjsJcbnTV0vNl_UBZaNYH-tuQXmA8UdCdHrTKICcZIjNP7uy56gWmt4RHS4pEgUPd6IYzGAqpUAhCHPmpmROg Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzHFbMFuCw7xU5YOITNrTNdO9l%2BDz6Gm9Ly2VtlrNy%2FqIlP5fIqsjfNN4zXFFiQJi1LQvi6DucfywWH22hTb%2F6H9JpzTAdiw46v707X2c1%2Fm5dvWUB4Ip3ZJeRa1GQslzwtg49rZzkkrzA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 822494b59b512c25-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGQuueepV4jjSCbiBp1ItkA&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame 07D3 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEM3-huGczXGWPkstUm33RqY&google_cver=1	43 B 846 B	22ms 22ms	Image image/gif	37.252.171.85 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEM3-huGczXGWPkstUm33RqY&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhClv9XzARjC5cz7ATAB&v=APEucNUis8aA1dbwBpp0LvDC_E69UMX-qB_R2Rel0g1evXznoErkmKGeyFWG7PeT0L6x1PaYMAuiQzmrk9gmkLl3AMyPuZImwjNjsJcbnTV0vNl_UBZaNYH-tuQXmA8UdCdHrTKICcZIjNP7uy56gWmt4RHS4pEgUPd6IYzGAqpUAhCHPmpmROg Protocol H2 Server 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT an-x-request-uuid 6a282609-560e-426c-b667-378d7068003b server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 138.199.38.134; 138.199.38.134; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEM3-huGczXGWPkstUm33RqY&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 07D3 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzMzI3NTM4NDk1NTA4MTY2NQ%3D%3D	170 B 243 B	23ms 22ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzMzI3NTM4NDk1NTA4MTY2NQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhClv9XzARjC5cz7ATAB&v=APEucNUis8aA1dbwBpp0LvDC_E69UMX-qB_R2Rel0g1evXznoErkmKGeyFWG7PeT0L6x1PaYMAuiQzmrk9gmkLl3AMyPuZImwjNjsJcbnTV0vNl_UBZaNYH-tuQXmA8UdCdHrTKICcZIjNP7uy56gWmt4RHS4pEgUPd6IYzGAqpUAhCHPmpmROg Protocol H2 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT an-x-request-uuid 7f85c7de-e7e3-4a01-a832-f4a55cfe15d7 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzMzI3NTM4NDk1NTA4MTY2NQ%3D%3D x-proxy-origin 138.199.38.134; 138.199.38.134; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 50E2	624 B 242 B	98ms 75ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjIu7b3ATAB&v=APEucNUea_aQu6y3KBuolzOeJXCAIiUIu8IzYpzm25IW5pfk12ZZUk8mp2uhFNiO-vdl2GYraeSwZLaqJdn7iLaPChF5PL38wNMPvD4-HKLpgaFCeS3J6BBJ8urj0fLtBGk_9mwtNIp2gxOrIxo8vfLdK0RU7NqHB6z-kRmVj4TSxRa-lMsajOE Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699349669&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=1&bdt=740&idt=1&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=KBrT1t7WKy&p=https%3A//s.id&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699349669&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=1&bdt=740&idt=1&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=KBrT1t7WKy&p=https%3A//s.id&dtd=19 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 09:34:31 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 0A12	172 KB 61 KB	106ms 2ms	Script text/javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 07:14:36 GMT content-encoding gzip x-content-type-options nosniff age 8395 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61485 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:43:57 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 08 Nov 2023 07:14:36 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame 0A12	7 KB 3 KB	44ms 24ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/omrhp_fy2021.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 14:43:15 GMT content-encoding br x-content-type-options nosniff age 67876 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3071 x-xss-protection 0 server cafe etag 10674441169935035545 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 20 Nov 2023 14:43:15 GMT
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame 0A12	23 KB 9 KB	73ms 41ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite_fy2021.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 14:26:08 GMT content-encoding br x-content-type-options nosniff age 68903 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9286 x-xss-protection 0 server cafe etag 5170786266788330719 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 20 Nov 2023 14:26:08 GMT
GET H2	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 0A12	41 KB 14 KB	71ms 0ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 02:22:26 GMT content-encoding br x-content-type-options nosniff age 457925 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 01 Nov 2024 02:22:26 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 0A12	3 KB 1 KB	71ms 0ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699349669&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=1&bdt=740&idt=1&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=KBrT1t7WKy&p=https%3A//s.id&dtd=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:57:02 GMT content-encoding br x-content-type-options nosniff age 70649 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 20 Nov 2023 13:57:02 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame AAAA	1 KB 643 B	69ms 40ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699349669&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=1&bdt=740&idt=1&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=KBrT1t7WKy&p=https%3A//s.id&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 11246 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 06:27:05 GMT etag 48472445140208031 expires Wed, 08 Nov 2023 06:27:05 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 0A12	20 KB 8 KB	67ms 0ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699349669&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=1&bdt=740&idt=1&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=KBrT1t7WKy&p=https%3A//s.id&dtd=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:57:12 GMT content-encoding br x-content-type-options nosniff age 70639 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8543 x-xss-protection 0 server cafe etag 18034338113832500900 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 20 Nov 2023 13:57:12 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 0A12	0 0	75ms 0ms	Image text/html	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQLkV0Ci7FCjFomdx_Ipf3MZdxbPRHr-EI842VppMxRb18hyzZtyVf_tYPqfFYeuBfofocTWFiZc7SgMCFqfP8jw1RCWg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699349669&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=1&bdt=740&idt=1&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=KBrT1t7WKy&p=https%3A//s.id&dtd=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 0A12	190 KB 60 KB	81ms 11ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699349669&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=1&bdt=740&idt=1&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=KBrT1t7WKy&p=https%3A//s.id&dtd=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:31 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61127 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1699274420466708" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 07 Nov 2023 09:34:31 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0A12	42 B 63 B	87ms 58ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DNP1Qdd6kOt2kaK9jgdH0tB6itFevbjd9kzRT56HhQhWBavmuKpGPTNyxf9T7nWsltjZDBjoKzn_dThzYzdHDewB1ReGSelO_NsyzCQ-vuShftn4A Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699349669&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=1&bdt=740&idt=1&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=KBrT1t7WKy&p=https%3A//s.id&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 0EC3	38 KB 13 KB	50ms 0ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 350411 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 03 Nov 2023 08:14:20 GMT expires Sat, 02 Nov 2024 08:14:20 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 50E2 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGQuueepV4jjSCbiBp1ItkA&google_cver=1	43 B 340 B	27ms 26ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGQuueepV4jjSCbiBp1ItkA&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjIu7b3ATAB&v=APEucNUea_aQu6y3KBuolzOeJXCAIiUIu8IzYpzm25IW5pfk12ZZUk8mp2uhFNiO-vdl2GYraeSwZLaqJdn7iLaPChF5PL38wNMPvD4-HKLpgaFCeS3J6BBJ8urj0fLtBGk_9mwtNIp2gxOrIxo8vfLdK0RU7NqHB6z-kRmVj4TSxRa-lMsajOE Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFYRjLKzQ5A0HlqMZDtTM18j8pHKtoa6FFvLaKeMs9lNyfGkUbQjoQY7pRc8FBVRIYb7fVwE5n%2B6FITy49HtJM8D3yuxAzeuRi%2BZVZX%2FVK7QbQbpbQYIWHY2GN%2BeyWhktu9V7dWHA6CyQA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 822494b4fd0d2c36-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGQuueepV4jjSCbiBp1ItkA&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 50E2 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUoEp.dTC-bHNTtNwVeztgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGQuueepV4jjSCbiBp1ItkA&google_cver=1&google_hm=2	43 B 771 B	29ms 29ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGQuueepV4jjSCbiBp1ItkA&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjIu7b3ATAB&v=APEucNUea_aQu6y3KBuolzOeJXCAIiUIu8IzYpzm25IW5pfk12ZZUk8mp2uhFNiO-vdl2GYraeSwZLaqJdn7iLaPChF5PL38wNMPvD4-HKLpgaFCeS3J6BBJ8urj0fLtBGk_9mwtNIp2gxOrIxo8vfLdK0RU7NqHB6z-kRmVj4TSxRa-lMsajOE Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbSNYzLi13UfkHzJm2zmOIb3hom2Df%2FmzIwcpmRlLCtbayYn3%2FP0%2FW%2BLgUHqy0uL9f6vyZLeJYEsKVe6ruZHAg3n8LPPguICM6zi40QXsjCGBNeMv%2BnctDnNWVyqf6gugelAC7howEPEWQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 822494b59b502c25-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGQuueepV4jjSCbiBp1ItkA&google_cver=1&google_hm=2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame 50E2 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEM3-huGczXGWPkstUm33RqY&google_cver=1	43 B 846 B	19ms 19ms	Image image/gif	37.252.171.85 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEM3-huGczXGWPkstUm33RqY&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjIu7b3ATAB&v=APEucNUea_aQu6y3KBuolzOeJXCAIiUIu8IzYpzm25IW5pfk12ZZUk8mp2uhFNiO-vdl2GYraeSwZLaqJdn7iLaPChF5PL38wNMPvD4-HKLpgaFCeS3J6BBJ8urj0fLtBGk_9mwtNIp2gxOrIxo8vfLdK0RU7NqHB6z-kRmVj4TSxRa-lMsajOE Protocol H2 Server 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT an-x-request-uuid 87eee4f0-2e8a-477f-ba40-4698dbbf5d21 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 138.199.38.134; 138.199.38.134; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEM3-huGczXGWPkstUm33RqY&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 50E2 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzMzI3NTM4NDk1NTA4MTY2NQ%3D%3D	170 B 188 B	18ms 17ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzMzI3NTM4NDk1NTA4MTY2NQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjIu7b3ATAB&v=APEucNUea_aQu6y3KBuolzOeJXCAIiUIu8IzYpzm25IW5pfk12ZZUk8mp2uhFNiO-vdl2GYraeSwZLaqJdn7iLaPChF5PL38wNMPvD4-HKLpgaFCeS3J6BBJ8urj0fLtBGk_9mwtNIp2gxOrIxo8vfLdK0RU7NqHB6z-kRmVj4TSxRa-lMsajOE Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT an-x-request-uuid 6cb3d334-33ec-415d-bd4d-d46d2f37f0c0 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzMzI3NTM4NDk1NTA4MTY2NQ%3D%3D x-proxy-origin 138.199.38.134; 138.199.38.134; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame F3EC	0 0	54ms 50ms	Fetch image/gif	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsszE9SI6Q77Fej8DRAMZ-qyUjcow3LqK4TiEez3jqOzjTx0LxURAHw9IxxBn_1o3QZADM4XelEhSX5qZZcpn-8b6MDpS5Qm4b4JmWY98_4R1qjyuq7GlfTotuNl-y6VfbtvNDx6hocd4aPT6kEui_UxPVWAz1l8LOR7hRdT6r9MBghMbjlnQwGVFmNFpvOCOktVJZs0ThQtgTG--hJR4xh_yWYpIoq7AQD5Cuz0dQRu8Tu7b2NjaSUcoPXOm4njmOUvjg-YcWMWsAfyw_ozAyAbUwqqzpOQYekEgmmUSuxRyNmsZOmpTdrVczYlDi3uwaFajO4mAu9eHwRzBYiAJbPUaVEAcv3_90tQa2ndJ2y7erOtRWg98-zRYI7q53t3ISGwnGC6aSejQyVE5TxoGio9uwNYisIF9SYq4ydvJSRr0mD9EFaVaiaeZD9JB4EAooKmlmKWemEcTYOUzuWMLiI7AHD2FrlQkUceu8hyMrRH_Pup2R-UW8OqxzdTfX7TG2zhNluYaoUqwWDGlBDumR0zFUk5-5cCfhytQ5CEQCqxRkvDHW4zNNQpLLGDBtjJwCxT7YXvM4qukZVr2ol0dDejkPTmeNqRUabixR686_iKELqj50ox5iD6sq-vo4VrM7faaCyCBPIs4YDmgHDmNYrmgf1VP1gZkCnNf5Y6ygMIwAKvAwtWBRMgWTjADuOfOP8_5WpvPe7sagt827C3062PmXYjQlqvqmDIDorr-HBrZY9f_P6kcUMezJsZPxi-gEirNdO5drp1jq0h3L-QP0rAYBAfQgLPZPy826YkESkqfYRGHTkYiKoVOWbMJ_DO6vk8xRlxJXenNXoOWDWIhgU6BIcKikoa_9mvybict2GglqKd5f1dTMtcbKekoLsI9V0tsst_b3xb7bKYNSQwRU0K_mmEmvKk8gSBzuAWHXE2NqMER3lQgOtzLmCDpNE9bz9Ovrpv6z-y9-wi4zkierehmDafmU5Mf1Pl3aaENC3FyxPIi5R32lF2EkDnCCQiQ5mtdxO6_ZkcmtHoFFfgaM0Vyon6PhgdmOMa0mWcuBVPqR3tp-yMM2F9BMXEjR3d8OLjGg5IyIlWRJEnv-2GtKlG5KEZNnZE2rML8IVzDgGyBcgfTM3d34KmWqsd248NUrsHmDo1WUySNguhr7nxeRimzcyPuVcyhgQ9-miRZToIaGAZXlHgU1L28XcuPwKaQQpQa_Dgz9jacheEVeI&sai=AMfl-YT44p-hIjwtN6cNinvwMPOSnBtJCoRSsRJPKfYszQLrwjkEKAS_uAqXwnzR5uCYyYGrxZpvtgX19AOMcokA1LJS0F0nsZpdMNYQK_rAPciAYSdCF5e9mEG7_CT5srtbmbTv9DQZ4lKt5FjpP5Am03uOKLouLjbIl7Ao1rXY1FZ8ArSuVkzjp3l0OdlxoyZW1c3uDA8QPBboFxWRzEPvqgOQyfCeF68ydam2PotM6mywpgwFn8nHtnd6h--ADMmDdNUobz1d7o78O_T9cMva-1MUjZ6NaGBsJ5q6DRzJbZZu5BMjYzpvDvLyWLsfXvNrIWsfI16-FizO4NuCOKPrVSxqdlbNwtPzBkIXZmKkmcFd-xzui3xDCRksrw-GxE4Rj_cAuT3de4129TG49wX9r22nwHBP&sig=Cg0ArKJSzLqyWHk8qlLBEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=226&vt=11&dtpt=224&dett=2&cstd=0&cisv=r20231102.87253&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:31 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET DATA	200 OK	truncated / Frame 0A12	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2fb03406864829252da3c745d5ac5ee844196f9c3242e15870921e86348dc055 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/png
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame A2A2	38 KB 13 KB	9ms 8ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 350411 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 03 Nov 2023 08:14:20 GMT expires Sat, 02 Nov 2024 08:14:20 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response pagead2.googlesyndication.com/bg/ Frame 0EC3	38 KB 15 KB	9ms 9ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 22:02:22 GMT content-encoding br x-content-type-options nosniff age 41529 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15096 x-xss-protection 0 last-modified Tue, 31 Oct 2023 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 05 Nov 2024 22:02:22 GMT
GET H2	200	dpixel cms.quantserve.com/ Frame AAAA	35 B 463 B	57ms 9ms	Image image/gif	2620:116:800d:21:ef75:8280:f209:5ba1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJt3HynO9mqjIIHPg9VKxAM&google_cver=1&google_push=AXcoOmQ0aUPHDqyeiKSZQdmud6umAdmwo765PXrzI50fwHg3o8iSnPFIf1NpJgony1eIFFn7d71rLfkRPyYRMp3HWhkN-_K1ECZjJA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699349669&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=1&bdt=740&idt=1&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=KBrT1t7WKy&p=https%3A//s.id&dtd=19 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	i.match s.tribalfusion.com/z/ Frame AAAA Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEK-ljBUu4Q9cBYSqMHKd_aE&google_cver=1&google_push=AXcoOmRpjPSVpjsBGkO8RTNDtzBE8IpoHTgcaa5RARqf4T3KFzNnMOnsN0de54MGhajzP3dbGy934hKJvEHSAXvyEbyyCzA_ml4dT... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK-ljBUu4Q9cBYSqMHKd_aE&google_cver=1&google_push=AXcoOmRpjPSVpjsBGkO8RTNDtzBE8IpoHTgcaa5RARqf4T3KFzNnMOnsN0de54MGhajzP3dbGy934hKJvEHSAXvyEbyyCzA_ml4...	43 B 424 B	185ms 168ms	Image image/gif	2606:4700::6812:18ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK-ljBUu4Q9cBYSqMHKd_aE&google_cver=1&google_push=AXcoOmRpjPSVpjsBGkO8RTNDtzBE8IpoHTgcaa5RARqf4T3KFzNnMOnsN0de54MGhajzP3dbGy934hKJvEHSAXvyEbyyCzA_ml4dTW8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRpjPSVpjsBGkO8RTNDtzBE8IpoHTgcaa5RARqf4T3KFzNnMOnsN0de54MGhajzP3dbGy934hKJvEHSAXvyEbyyCzA_ml4dTW8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699349669&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=1&bdt=740&idt=1&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=KBrT1t7WKy&p=https%3A//s.id&dtd=19 Protocol H2 Server 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 822494b6db63364e-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 713 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK-ljBUu4Q9cBYSqMHKd_aE&google_cver=1&google_push=AXcoOmRpjPSVpjsBGkO8RTNDtzBE8IpoHTgcaa5RARqf4T3KFzNnMOnsN0de54MGhajzP3dbGy934hKJvEHSAXvyEbyyCzA_ml4dTW8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRpjPSVpjsBGkO8RTNDtzBE8IpoHTgcaa5RARqf4T3KFzNnMOnsN0de54MGhajzP3dbGy934hKJvEHSAXvyEbyyCzA_ml4dTW8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 822494b5597a364e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame AAAA Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPjqzyKZBK6eRjHd3KnYNI4&google_push=AXcoOmTdLNyH62u_eCP-Vc6q74ysKnA1RrOnju_y2ZjwlcVqUfUmGyt-GH...	170 B 188 B	17ms 17ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPjqzyKZBK6eRjHd3KnYNI4&google_push=AXcoOmTdLNyH62u_eCP-Vc6q74ysKnA1RrOnju_y2ZjwlcVqUfUmGyt-GHCTrzKsp6x16L8B5Q1mcktmeOKdKLPW8y2_NwvVSnNcxlI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699349669&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=1&bdt=740&idt=1&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=KBrT1t7WKy&p=https%3A//s.id&dtd=19 Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-fra-eddf8230122-FRA pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1699349671.258131,VS0,VE100 x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPjqzyKZBK6eRjHd3KnYNI4&google_push=AXcoOmTdLNyH62u_eCP-Vc6q74ysKnA1RrOnju_y2ZjwlcVqUfUmGyt-GHCTrzKsp6x16L8B5Q1mcktmeOKdKLPW8y2_NwvVSnNcxlI cache-control no-cache accept-ranges bytes content-length 0 x-cache-hits 0
GET H2	200	google match.adsrvr.org/track/cmf/ Frame AAAA	70 B 149 B	105ms 32ms	Image image/gif	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGdfMGT3Dllqpp6l3-V1rbs&google_cver=1&google_push=AXcoOmRtXGcL27XHN9HF2faYYhPSEgKEkkjCRuJnXi4eAsphODD7Swz8OhqrdpSKeBK9rb9xq87Uza0e5mrfj90ndsmwK-5wx0x98NA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699349669&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=1&bdt=740&idt=1&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=KBrT1t7WKy&p=https%3A//s.id&dtd=19 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:31 GMT server Kestrel content-length 70 content-type image/gif
GET H3	200	pixel cm.g.doubleclick.net/ Frame AAAA Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBS_wxTp7wkz0bplh6K02LM&google_cver=1&google_push=AXcoOmSmgfL1K4Msz-cxJtyaW3vsZIz4WKGHaMD8_pfTnqmq6rC51kv9PDGZZIorUcg6TjGPJcO_elrh4-Be9v29uNbhDzj... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSmgfL1K4Msz-cxJtyaW3vsZIz4WKGHaMD8_pfTnqmq6rC51kv9PDGZZIorUcg6TjGPJcO_elrh4-Be9v29uNbhDzjyBLaVMw&google_hm=eS10eDhObXhSRTJwR3M5...	170 B 188 B	25ms 25ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSmgfL1K4Msz-cxJtyaW3vsZIz4WKGHaMD8_pfTnqmq6rC51kv9PDGZZIorUcg6TjGPJcO_elrh4-Be9v29uNbhDzjyBLaVMw&google_hm=eS10eDhObXhSRTJwR3M5YmhoZjJ1UjlrQ0VqdHJhR3VtZX5B Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699349669&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=1&bdt=740&idt=1&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=KBrT1t7WKy&p=https%3A//s.id&dtd=19 Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 07 Nov 2023 09:34:31 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSmgfL1K4Msz-cxJtyaW3vsZIz4WKGHaMD8_pfTnqmq6rC51kv9PDGZZIorUcg6TjGPJcO_elrh4-Be9v29uNbhDzjyBLaVMw&google_hm=eS10eDhObXhSRTJwR3M5YmhoZjJ1UjlrQ0VqdHJhR3VtZX5B content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame AAAA Redirect Chain https://d5p.de17a.com/cookies/google?google_gid=CAESEACThB-Cv0pAmCgNy1Qr5d0&google_cver=1&google_push=AXcoOmSPiraVB3XTLBD3IeNmlEIqAHvKNOBe2EARErEpBNCWjEPvF8A7o7mNS1ldAG48mG-MiCaYLH4l_22_T4_73ZIqoIx... https://d5p.de17a.com/cookies/google;c?google_gid=CAESEACThB-Cv0pAmCgNy1Qr5d0&google_cver=1&google_push=AXcoOmSPiraVB3XTLBD3IeNmlEIqAHvKNOBe2EARErEpBNCWjEPvF8A7o7mNS1ldAG48mG-MiCaYLH4l_22_T4_73ZIqo... https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSPiraVB3XTLBD3IeNmlEIqAHvKNOBe2EARErEpBNCWjEPvF8A7o7mNS1ldAG48mG-MiCaYLH4l_22_T4_73ZIqoIx1SsjWeQQ	170 B 188 B	31ms 30ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSPiraVB3XTLBD3IeNmlEIqAHvKNOBe2EARErEpBNCWjEPvF8A7o7mNS1ldAG48mG-MiCaYLH4l_22_T4_73ZIqoIx1SsjWeQQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699349669&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=1&bdt=740&idt=1&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=KBrT1t7WKy&p=https%3A//s.id&dtd=19 Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSPiraVB3XTLBD3IeNmlEIqAHvKNOBe2EARErEpBNCWjEPvF8A7o7mNS1ldAG48mG-MiCaYLH4l_22_T4_73ZIqoIx1SsjWeQQ content-length 0 p3p CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
GET H3	200	pixel cm.g.doubleclick.net/ Frame AAAA Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHqXjQqFfr5nA4lqeV3deWE&google_cver=1&google_push=AXcoOmQsjYvzYFRGF5xWcr765f9pR1OtlzRWQBd2hVTcUEoVj-o5FxdSOmzVONoGVzTsxiCOe6K-YKkv... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHqXjQqFfr5nA4lqeV3deWE&google_cver=1&google_push=AXcoOmQsjYvzYFRGF5xWcr765f9pR1OtlzRWQBd2hVTcUEoVj-o5FxdSOmzVONoGVzTsxiCOe6K... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU1ODM1ODQ0OTA4MzA0MTgzNA&google_push=AXcoOmQsjYvzYFRGF5xWcr765f9pR1OtlzRWQBd2hVTcUEoVj-o5FxdSOmzVONoGVzTsxiCOe6K-YK...	170 B 188 B	22ms 22ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU1ODM1ODQ0OTA4MzA0MTgzNA&google_push=AXcoOmQsjYvzYFRGF5xWcr765f9pR1OtlzRWQBd2hVTcUEoVj-o5FxdSOmzVONoGVzTsxiCOe6K-YKkv3_LlWWbCD0O6RYcNikA1lLA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699349669&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=1&bdt=740&idt=1&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=KBrT1t7WKy&p=https%3A//s.id&dtd=19 Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU1ODM1ODQ0OTA4MzA0MTgzNA&google_push=AXcoOmQsjYvzYFRGF5xWcr765f9pR1OtlzRWQBd2hVTcUEoVj-o5FxdSOmzVONoGVzTsxiCOe6K-YKkv3_LlWWbCD0O6RYcNikA1lLA access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame AAAA	0 12 B	16ms 15ms	Image text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8EhnbBELkvV6_7rJDy3RY3u8x4zYd0T4QlQdHYf-Kka-HZ95p_TCek6ClCSJx5cANBAjO Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=60&slotname=7399768513&adk=3297015004&adf=3298726912&pi=t.ma~as.7399768513&w=500&lmt=1699349669&rafmt=12&format=500x60&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwrattr=false&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=1&bdt=740&idt=1&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C500x280&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&xpc=KBrT1t7WKy&p=https%3A//s.id&dtd=19 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:31 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	320x050.html Show response s0.2mdn.net/sadbundle/15863219371426971648/ Frame E052	47 KB 12 KB	21ms 19ms	Document text/html	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=zqDteglVnM&t=1&renderingType=2&ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 765b69bd873165c3d661be06ea9202b0f16f9296b593bae3f7ec9cc6168557b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 09:34:31 GMT expires Wed, 06 Nov 2024 09:34:31 GMT last-modified Wed, 15 Feb 2023 15:43:57 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 0A12	0 0	54ms 54ms	Fetch image/gif	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvWm8v12mitL3iqiEYyPvzjkPb8q2uWlHJ0akq9JnXa4ouMZwO8vWnkElQeKF49E4bUZHssRlTdEQd_6jVMLJFfSXqF99Ku1Tc2GlBzeWdFnCBcGSbOEUxUsBiJbyex7_4DvNA8BbmVuoStKo1KR8OCvzo23OsZQyALfDTXNA3xGjfBiBjuY1xNzdmQb_voq7R735g_AmNPLcQx354Pi1xs8Qnj0Y-zuDQMkqHQStnWuhu05WFxhJJAjZY1QOQTnlHgePzbTwSDbT2V02dsQKIoRYvUtgQAPx1SQ_lWjc078u3frVlLgOFtQP0za1poYrcB62-D0TUPn3w6yLRkyhzegR1vsoH8g4lnqNdZlVQ7_p40wQyavTJ4U47sJCX3xJrZEPy5qBUK_F583k_A68wohe80PJCAxY8EY5aN3rDe0IWHCtqZG6BMvtr6Bv2gdkgjCn024-MRrIWgQEO0OSMzEuZizBZ1EwSajzrHm5lHUW3nPEYVPvcusam_0fXgWGvWC0TDfG7s_pTKXnmMlsIKAcXHfmTPET1oy0YLHqjBHbcRBT5qykbGaTTqN9qwaCBdVtZXrHbZVnMbEVFBdsUdry3j3IhlxfMUhblP2yA7RO_J02TA-_Uc3DRlRFRw_4BAA7qbRuQp-ob0kUvVsrhEQTw5j2emoNz3WcGL6eZKJKm2JmFvoTVH-AICTy_AI1nKqBNGzZb3a49YSJ9ArfSIdxCAsbqXkh7D_XymxYSf96j7Y8_MyDUpz9-zAnj37SsVvqGkCCsh3jbGUH11OszMh83JFXWRGuJTKENplCGJvYwFirT_hl7ReVlKTIsO-1rNR3oE1ueNokzKlcN7VE9fqoWUD_Ioaf1c59e7VLwDo3UghqPXPyLIdUtoik7s9Cvhb9Zlo4Dp-tT0TCqkXSECdLbngtkxYw3lmXZbupXuMBgRJ3ScmQyng3E_zIEbwnCo8p423vUWC-sF5WNQ9DPt5xX1QFI9konjCu00_psvS0A0Zu9PxDd6Ig_Mqocjoj-glayP2WfOSiKoy7gfhKUi5k0IeDKnHhYAapoI_baiTy8l3c2XVlTWBj0zVIM6OH2vB-lx7yrUxa_GZM_mF5fzgctB3Ja_jYKsEh40KqjRhGH6g3jwnAa9nfTFfdzZbUH876UIbA-NL4H2g6gRgjJ9jTyXmOrT3JCAF5kAT_6ubbweDJ84wDohPzTf4DdDz3qksGBHxGXf7MSzE5tstYSs_sVBcLf4GBB1ddabCt5Nd3naVRFAsXgcuO_d_tT2yjA8EEwfA75gLLrcObrk_UcxtCXF&sai=AMfl-YTrjLDxAJIYItnFk_ivwAmklBxTdeUgWvZ8nKv3cRigr7I_vSmBnBoLgZMQd8Z3m4FPbTbFPQoT4B1POtBxJocZfAnG_ptc7_mKJCLeNfkMF2MSu05pJ_hRce0Zq4tYAO81El_8D0aKP2QBkcEl2haAomYiEM6tqMEE2DgNNdIhVL7zpvh6my09cVBfYrKXGH8biKKRGW_Hp7TbXJJbGFwehPCgCUHsd4kMiRvYwsuVCdXonUufyM7_qrnI-Q-LtdYfj4uD2GjT1ieQQvRcfzWr5GheyGJyk9lkLbmoBKdYJWcdDSS_MwYKm46_reDNk1fVnsGwKpW1CcCbj0kJk9uLpvBurtTmqQfI450O6Zm_TBia8FDjXoJiWs43oxyeYCSdDrrQi2vw3a1myUaZuGHl61rV3UtvPVX5j9QJSCpM69yANg&sig=Cg0ArKJSzE_8JFsWzeIoEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=254&cbvp=1&cstd=243&cisv=r20231102.87463&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Tue, 07 Nov 2023 09:34:31 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response pagead2.googlesyndication.com/bg/ Frame A2A2	38 KB 15 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 22:02:22 GMT content-encoding br x-content-type-options nosniff age 41529 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15096 x-xss-protection 0 last-modified Tue, 31 Oct 2023 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 05 Nov 2024 22:02:22 GMT
GET H3	200	Enabler_01_247.js Show response s0.2mdn.net/879366/ Frame E052	118 KB 40 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=zqDteglVnM&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=zqDteglVnM&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 04:40:24 GMT content-encoding gzip x-content-type-options nosniff age 17647 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41099 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:07 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 08 Nov 2023 04:40:24 GMT
GET H3	200	gsap_3.9.1_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame E052	63 KB 25 KB	18ms 18ms	Script text/javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=zqDteglVnM&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=zqDteglVnM&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:31 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25329 x-xss-protection 0 last-modified Wed, 29 Dec 2021 19:08:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 07 Nov 2023 09:34:31 GMT
GET H2	200	main.19.8.458.js Show response static.adsafeprotected.com/ Frame F3EC	210 KB 65 KB	52ms 7ms	Script application/javascript	2600:9000:223f:6c00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.19.8.458.js Requested by Host: pixel.adsafeprotected.com URL: https://pixel.adsafeprotected.com/rjss/st/1684627/75968233/skeleton.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:6c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 04f44895e6e1176e6e98a25135be71a57d3e55a33623183114a31a0166a19c04 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 26 Oct 2023 20:21:12 GMT x-amz-version-id sdzXBL3P.lnLAccw3ZO3IW6gHZS.CO.3 content-encoding gzip via 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 998000 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Thu, 26 Oct 2023 16:02:02 GMT server AmazonS3 etag W/"42267cae2551f30d025f7cb1e89c9f73" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id xtA128zITcaswGGzgvenn_OKqzrzUuqTHnmsRPKN6FbAY8TNzue85Q==
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 8DB8	1 KB 643 B	7ms 6ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 11246 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 06:27:05 GMT etag 48472445140208031 expires Wed, 08 Nov 2023 06:27:05 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame F3EC	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8ede21f1a4a579ae9608a9cdfad417b6a5370139500ec45939c77b3ab38863d2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 0A12	0 0	45ms 44ms	Fetch image/gif	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvWm8v12mitL3iqiEYyPvzjkPb8q2uWlHJ0akq9JnXa4ouMZwO8vWnkElQeKF49E4bUZHssRlTdEQd_6jVMLJFfSXqF99Ku1Tc2GlBzeWdFnCBcGSbOEUxUsBiJbyex7_4DvNA8BbmVuoStKo1KR8OCvzo23OsZQyALfDTXNA3xGjfBiBjuY1xNzdmQb_voq7R735g_AmNPLcQx354Pi1xs8Qnj0Y-zuDQMkqHQStnWuhu05WFxhJJAjZY1QOQTnlHgePzbTwSDbT2V02dsQKIoRYvUtgQAPx1SQ_lWjc078u3frVlLgOFtQP0za1poYrcB62-D0TUPn3w6yLRkyhzegR1vsoH8g4lnqNdZlVQ7_p40wQyavTJ4U47sJCX3xJrZEPy5qBUK_F583k_A68wohe80PJCAxY8EY5aN3rDe0IWHCtqZG6BMvtr6Bv2gdkgjCn024-MRrIWgQEO0OSMzEuZizBZ1EwSajzrHm5lHUW3nPEYVPvcusam_0fXgWGvWC0TDfG7s_pTKXnmMlsIKAcXHfmTPET1oy0YLHqjBHbcRBT5qykbGaTTqN9qwaCBdVtZXrHbZVnMbEVFBdsUdry3j3IhlxfMUhblP2yA7RO_J02TA-_Uc3DRlRFRw_4BAA7qbRuQp-ob0kUvVsrhEQTw5j2emoNz3WcGL6eZKJKm2JmFvoTVH-AICTy_AI1nKqBNGzZb3a49YSJ9ArfSIdxCAsbqXkh7D_XymxYSf96j7Y8_MyDUpz9-zAnj37SsVvqGkCCsh3jbGUH11OszMh83JFXWRGuJTKENplCGJvYwFirT_hl7ReVlKTIsO-1rNR3oE1ueNokzKlcN7VE9fqoWUD_Ioaf1c59e7VLwDo3UghqPXPyLIdUtoik7s9Cvhb9Zlo4Dp-tT0TCqkXSECdLbngtkxYw3lmXZbupXuMBgRJ3ScmQyng3E_zIEbwnCo8p423vUWC-sF5WNQ9DPt5xX1QFI9konjCu00_psvS0A0Zu9PxDd6Ig_Mqocjoj-glayP2WfOSiKoy7gfhKUi5k0IeDKnHhYAapoI_baiTy8l3c2XVlTWBj0zVIM6OH2vB-lx7yrUxa_GZM_mF5fzgctB3Ja_jYKsEh40KqjRhGH6g3jwnAa9nfTFfdzZbUH876UIbA-NL4H2g6gRgjJ9jTyXmOrT3JCAF5kAT_6ubbweDJ84wDohPzTf4DdDz3qksGBHxGXf7MSzE5tstYSs_sVBcLf4GBB1ddabCt5Nd3naVRFAsXgcuO_d_tT2yjA8EEwfA75gLLrcObrk_UcxtCXF&sai=AMfl-YTrjLDxAJIYItnFk_ivwAmklBxTdeUgWvZ8nKv3cRigr7I_vSmBnBoLgZMQd8Z3m4FPbTbFPQoT4B1POtBxJocZfAnG_ptc7_mKJCLeNfkMF2MSu05pJ_hRce0Zq4tYAO81El_8D0aKP2QBkcEl2haAomYiEM6tqMEE2DgNNdIhVL7zpvh6my09cVBfYrKXGH8biKKRGW_Hp7TbXJJbGFwehPCgCUHsd4kMiRvYwsuVCdXonUufyM7_qrnI-Q-LtdYfj4uD2GjT1ieQQvRcfzWr5GheyGJyk9lkLbmoBKdYJWcdDSS_MwYKm46_reDNk1fVnsGwKpW1CcCbj0kJk9uLpvBurtTmqQfI450O6Zm_TBia8FDjXoJiWs43oxyeYCSdDrrQi2vw3a1myUaZuGHl61rV3UtvPVX5j9QJSCpM69yANg&sig=Cg0ArKJSzE_8JFsWzeIoEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=451&vt=11&dtpt=197&dett=3&cstd=243&cisv=r20231102.87463&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:31 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	OnAir-Bold.woff2 s0.2mdn.net/creatives/assets/4140742/ Frame E052	47 KB 47 KB	9ms 8ms	Font font/woff2	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2 Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=zqDteglVnM&t=1&renderingType=2&ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:23 GMT x-content-type-options nosniff age 8 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47676 x-xss-protection 0 last-modified Thu, 06 May 2021 11:38:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 07 Nov 2023 09:49:23 GMT
GET H3	200	OnAir-Light.woff2 s0.2mdn.net/creatives/assets/4140742/ Frame E052	46 KB 46 KB	10ms 10ms	Font font/woff2	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2 Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=zqDteglVnM&t=1&renderingType=2&ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:26:27 GMT x-content-type-options nosniff age 484 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46936 x-xss-protection 0 last-modified Thu, 06 May 2021 11:38:50 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 07 Nov 2023 09:41:27 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame E052	8 KB 6 KB	67ms 50ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 22863372af0c469ac9f39de32db12e8d971d6d1f6e807ea1cdaacadc51be6738 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:31 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5833 x-xss-protection 0
GET H3	200	60005582_20210507060843268_Asset_Transparent.png s0.2mdn.net/ads/richmedia/studio/60005582/ Frame E052	2 KB 2 KB	11ms 10ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=zqDteglVnM&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 08:09:36 GMT x-content-type-options nosniff age 5095 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2040 x-xss-protection 0 last-modified Fri, 07 May 2021 13:08:43 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 08 Nov 2023 08:09:36 GMT
GET H3	200	60005582_20231030031114907_Neutral_320x050_02.png s0.2mdn.net/ads/richmedia/studio/60005582/ Frame E052	8 KB 8 KB	13ms 12ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20231030031114907_Neutral_320x050_02.png Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bdace6716ac8d1d1d5fb946588d9621b6e57915c478704823493808041c74990 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=zqDteglVnM&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:45:37 GMT x-content-type-options nosniff age 71334 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8210 x-xss-protection 0 last-modified Mon, 30 Oct 2023 10:11:15 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 07 Nov 2023 13:45:37 GMT
GET H3	200	60005582_20230831012213353_Neutral_320x050_03.png s0.2mdn.net/ads/richmedia/studio/60005582/ Frame E052	8 KB 8 KB	12ms 10ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230831012213353_Neutral_320x050_03.png Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ca6a545f2d1838c63df01e2524cf81a62c5d0b5ab354961fca9e42f5f676acbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=zqDteglVnM&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 14:45:32 GMT x-content-type-options nosniff age 67739 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8553 x-xss-protection 0 last-modified Thu, 31 Aug 2023 08:22:13 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 07 Nov 2023 14:45:32 GMT
GET H3	200	60005582_20230831012205999_Neutral_320x050_01.png s0.2mdn.net/ads/richmedia/studio/60005582/ Frame E052	9 KB 9 KB	14ms 12ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230831012205999_Neutral_320x050_01.png Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6ff10e38820fc13cd9c74933fb4ba85e1ac1683239e0471d1f17c6c3a38a3292 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=zqDteglVnM&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 14:45:32 GMT x-content-type-options nosniff age 67739 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9125 x-xss-protection 0 last-modified Thu, 31 Aug 2023 08:22:06 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 07 Nov 2023 14:45:32 GMT
GET H/1.1	200 OK	postview.gif portal.o2online.de/nws/img/ Frame E052	43 B 608 B	60ms 17ms	Image image/gif	141.101.90.97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_PEF_HAV_14123_PV&mediacode=30520114_4307561_376315632_145324559_DIV1006A20230925&ref=30520114_4307561_376315632_145324559_DIV1006A20230925 Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.101.90.97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Tue, 07 Nov 2023 09:34:31 GMT via 1.1 varnish-live-2-1 CF-Cache-Status HIT age 1510635 x-cache MISS p3p policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Connection keep-alive Content-Length 43 last-modified Mon, 16 Oct 2023 12:55:26 GMT Server cloudflare etag "2b-607d4eb83ab80" Vary Accept-Encoding Content-Type image/gif x-varnish 36076712 cache-control public, max-age=31536000 Accept-Ranges bytes CF-RAY 822494b75edf9b88-FRA Expires Wed, 06 Nov 2024 09:34:31 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8DB8 Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPXp1ukUgmNYm3qmh14ZuJQ&google_cve... https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPXp1ukUgmNYm3qmh14ZuJQ&goog... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WklsSEVVWWgxUjBpdEY1&google_gid=CAESEPXp1ukUgmNYm3qmh14ZuJQ&google_cver=1&google_push=AXcoOmTZmlwMEDgq6sYc0ik4DLI7O7FUyEQqREQMjLywXqi...	170 B 188 B	18ms 18ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WklsSEVVWWgxUjBpdEY1&google_gid=CAESEPXp1ukUgmNYm3qmh14ZuJQ&google_cver=1&google_push=AXcoOmTZmlwMEDgq6sYc0ik4DLI7O7FUyEQqREQMjLywXqiBsChgO0ZCpeYmoQlD4uDP1EKfdcgTYZKOcPIf_NiDSa_I5kLeTbEmPOQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 07 Nov 2023 09:34:31 GMT Strict-Transport-Security max-age=2592000; includeSubDomains Server PingMatch/v2.0.30-794-ga594423#rel-ec2-master i-062149d55703cc53e@eu-central-1a@dxedge-app-eu-central-1-prod-asg Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WklsSEVVWWgxUjBpdEY1&google_gid=CAESEPXp1ukUgmNYm3qmh14ZuJQ&google_cver=1&google_push=AXcoOmTZmlwMEDgq6sYc0ik4DLI7O7FUyEQqREQMjLywXqiBsChgO0ZCpeYmoQlD4uDP1EKfdcgTYZKOcPIf_NiDSa_I5kLeTbEmPOQ Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	i.match a.tribalfusion.com/ Frame 8DB8	43 B 399 B	218ms 216ms	Image image/gif	2606:4700::6812:18ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b6&u=CAESEPG3B1-MCnYo5_XWKrErwLQ&google_cver=1&google_push=AXcoOmTI7EYeXoolZuRXZUu_d2QvUAYtzNoiEA6IjWuyCRPgV9WDAtYWeJ63siG7zfRWPpa8kRBRGlgZlOZuRH8Qx9jEcpGV8S25mJk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTI7EYeXoolZuRXZUu_d2QvUAYtzNoiEA6IjWuyCRPgV9WDAtYWeJ63siG7zfRWPpa8kRBRGlgZlOZuRH8Qx9jEcpGV8S25mJk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 822494b73be0364e-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	google match.adsrvr.org/track/cmf/ Frame 8DB8	70 B 148 B	34ms 33ms	Image image/gif	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFyKGaK-m0r1libOBcpq2AI&google_cver=1&google_push=AXcoOmSORzk7Kq-61tb_qzy2Ui_mEPXd5-O3PkfiLZ_95AjzVe8KYOfnOTb38hXT-P7CS-E0klY0GYsR-JLrIbsddsCYlQx8psP-zIQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:31 GMT server Kestrel content-length 70 content-type image/gif
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8DB8 Redirect Chain https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEH1MRb2QFcNsjU7m4zPYMio&google_cver=1&google_push=AXcoOmQ_y2jxQS9y3uj3Pd9li94Zy49vGTDkAZXgiBjQm0r_inYTGFfG_v-fjy72jNW6EdzmhP7Os6_rvim7kM... https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5ODY1MTI2MTQyNTYxMjk1Mg%3D%3D&google_push=AXcoOmQ_y2jxQS9y3uj3Pd9li94Zy49vGTDkAZXgiBjQm0r_inYTGFfG_v-fjy72jNW6EdzmhP7Os6_rvim7kMmm1G...	170 B 188 B	17ms 17ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5ODY1MTI2MTQyNTYxMjk1Mg%3D%3D&google_push=AXcoOmQ_y2jxQS9y3uj3Pd9li94Zy49vGTDkAZXgiBjQm0r_inYTGFfG_v-fjy72jNW6EdzmhP7Os6_rvim7kMmm1GGljwhwqlhMzTM Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5ODY1MTI2MTQyNTYxMjk1Mg%3D%3D&google_push=AXcoOmQ_y2jxQS9y3uj3Pd9li94Zy49vGTDkAZXgiBjQm0r_inYTGFfG_v-fjy72jNW6EdzmhP7Os6_rvim7kMmm1GGljwhwqlhMzTM Date Tue, 07 Nov 2023 09:34:31 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8DB8 Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESEEuubmzgfA6iXtMp2hc8xiw&google_cver=1&google_push=AXcoOmRJyJ7fO6fk9kwbnvl35wMVtWJVPpkfznPN4Wu6Dg0cpK8n8Mgb1xdP1AMVWc7nlbxK50uP6vla_cHbKTB8... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NxK9ss1sQQYL546LQk81yg&google_push=AXcoOmRJyJ7fO6fk9kwbnvl35wMVtWJVPpkfznPN4Wu6Dg0cpK8n8Mgb1xdP1AMVWc7nlbxK50uP6vla_cHbKTB8BLPxqKb4zpM31A	170 B 188 B	17ms 17ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NxK9ss1sQQYL546LQk81yg&google_push=AXcoOmRJyJ7fO6fk9kwbnvl35wMVtWJVPpkfznPN4Wu6Dg0cpK8n8Mgb1xdP1AMVWc7nlbxK50uP6vla_cHbKTB8BLPxqKb4zpM31A Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 07 Nov 2023 09:34:31 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.21.6 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NxK9ss1sQQYL546LQk81yg&google_push=AXcoOmRJyJ7fO6fk9kwbnvl35wMVtWJVPpkfznPN4Wu6Dg0cpK8n8Mgb1xdP1AMVWc7nlbxK50uP6vla_cHbKTB8BLPxqKb4zpM31A x-host tde-deliveryengine-production-bb588bf9-v7qsq alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame 8DB8	43 B 363 B	54ms 12ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS7PInrldqb8hfGzyQVbXRgKlJ7m3w5sTRD9qb9ZaTzIiXmHFnQZJ9FKsMkiFdpjsurh89eOHoVAl0gyYOMcRxxzbbJGNqEti8&google_gid=CAESEHFC48OvMYacgKb5mmCFgX4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 254879 expires Tue, 07 Nov 2023 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8DB8 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG_EbQo32gEnmIB68LqriE4&google_cver=1&google_push=AXcoOmTmDmDxrk8cAsxS1cVZQzbr6edQ-ILxJXDwAk_K3Uc_P_AUV7aV1Sl9xASMeO0k8OGIgyXPw10V... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU1ODM1ODQ0OTA4MzA0MTgzNA&google_push=AXcoOmTmDmDxrk8cAsxS1cVZQzbr6edQ-ILxJXDwAk_K3Uc_P_AUV7aV1Sl9xASMeO0k8OGIgyXPw1...	170 B 188 B	18ms 17ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU1ODM1ODQ0OTA4MzA0MTgzNA&google_push=AXcoOmTmDmDxrk8cAsxS1cVZQzbr6edQ-ILxJXDwAk_K3Uc_P_AUV7aV1Sl9xASMeO0k8OGIgyXPw10VTjMtKEKVOnHxo4zU6QreOQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTU1ODM1ODQ0OTA4MzA0MTgzNA&google_push=AXcoOmTmDmDxrk8cAsxS1cVZQzbr6edQ-ILxJXDwAk_K3Uc_P_AUV7aV1Sl9xASMeO0k8OGIgyXPw10VTjMtKEKVOnHxo4zU6QreOQ access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 8DB8	0 12 B	15ms 15ms	Image text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6zN9Odto99BcrQpkEKkr3jUdKHB3_xEaijsuDHOIAB7kykBcI4kBiAVY7jlX6HwOO8_zc Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:31 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	bubblespritesheettiny.png s0.2mdn.net/creatives/assets/4085730/ Frame E052	26 KB 26 KB	9ms 8ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=zqDteglVnM&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:26:51 GMT x-content-type-options nosniff age 460 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27068 x-xss-protection 0 last-modified Fri, 12 Mar 2021 15:44:55 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 07 Nov 2023 09:41:51 GMT
GET H2	200	skeleton.js Show response static.adsafeprotected.com/ Frame F3EC Redirect Chain https://pixel.adsafeprotected.com/rfw/st/1684627/75968233/skeleton.js?adsafe_url=https%3A%2F%2Fs.id&adsafe_type=g&adsafe_url=https%3A%2F%2Fs.id%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g... https://static.adsafeprotected.com/skeleton.js	17 B 463 B	6ms 6ms	Script application/javascript	2600:9000:223f:6c00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/skeleton.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H2 Server 2600:9000:223f:6c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 16 Jan 2023 03:51:51 GMT x-amz-version-id nylqTweorRThFHMBJSrf_fHcWx3KVKN3 via 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 25508561 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 17 last-modified Mon, 17 Aug 2020 23:54:35 GMT server AmazonS3 etag "53fab767ecbd3bf07990b10246befbd4" content-type application/javascript cache-control max-age=315360000 accept-ranges bytes x-amz-cf-id 3y9B3-KFse2V36iinkkn56NLF4KhLscwy2ejucJJi2edTC7WAmyHYA== Redirect headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server nginx x-server-name app03.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/skeleton.js cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame 51F5	91 KB 23 KB	7ms 7ms	Script application/javascript	2600:9000:223f:6c00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:6c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 21 Sep 2023 00:09:11 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 4094721 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id 6NlVchhbgFE03AEHNI8XrMhN1zaEe3xh85FIRQfGtEV3BvMk5WtcaA==
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame E052	17 KB 6 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:31 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 07 Nov 2023 09:34:31 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame F3EC	43 B 215 B	384ms 119ms	Image image/gif	2600:1f18:1aca:4281:c8d0:2194:599f:af64 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1684627&asId=4dba221d-3af5-e52d-2364-71b5c7a8a516&tv=%7Bc:thcG7k,pingTime:-3,time:252,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:180%7D,%7Bpiv:0,vs:o,r:l,t:251%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:252,n:251,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:180,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B88~1,0~0%5D,as:%5B88~300.250%5D%7D%7D,%7Bsl:o,t:251,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUUO2wa+11%7C12%7C131*.1684627-75968233%7C1311%7C13121%7C1313%7C1411%7C1412%7C14131%7C1414,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs,siq:182%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:c8d0:2194:599f:af64 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server nginx x-server-name dt24.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame F3EC	43 B 216 B	380ms 119ms	Image image/gif	2600:1f18:1aca:4281:c8d0:2194:599f:af64 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1684627&asId=4dba221d-3af5-e52d-2364-71b5c7a8a516&tv=%7Bc:thcG7m,pingTime:-6,time:254,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:254,n:251,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:180,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B88~1,0~0%5D,as:%5B88~300.250%5D%7D%7D,%7Bsl:o,t:251,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUUO2wa+11%7C12%7C131*.1684627-75968233%7C1311%7C13121%7C1313%7C1411%7C1412%7C14131%7C1414,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs,siq:182%7D&tpiLookup=ao:s.id*%2Cgoogleads.g.doubleclick.net*&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:c8d0:2194:599f:af64 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server nginx x-server-name dt23.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame F3EC	43 B 215 B	363ms 120ms	Image image/gif	2600:1f18:1aca:4281:c8d0:2194:599f:af64 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1684627&asId=4dba221d-3af5-e52d-2364-71b5c7a8a516&tv=%7Bc:thcG7G,pingTime:-2,time:274,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:47,bdZ:486,beA:522,beZ:524,mfA:683,cmA:685,inA:685,inZ:690,prA:690,prZ:696,si:704,poA:705,poZ:724,cmZ:724,mfZ:724,loA:776,loZ:778,ltA:796,ltZ:796,mdA:524,mdZ:586%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.268,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:180%7D,%7Bpiv:0,vs:o,r:l,t:251%7D,%7Bpiv:100,vs:i,r:,t:273%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1,o:273,n:251,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:180,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B88~1,0~0%5D,as:%5B88~300.250%5D%7D%7D,%7Bsl:o,t:251,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B21~0%5D,as:%5B21~300.250%5D%7D%7D,%7Bsl:i,t:273,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUUO2wa+11%7C12%7C131*.1684627-75968233%7C1311%7C13121%7C1313%7C1411%7C1412%7C14131%7C1414,idMap:131*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:182,sinceFw:91,readyFired:true%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:c8d0:2194:599f:af64 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server nginx x-server-name dt20.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response pagead2.googlesyndication.com/bg/ Frame 0CDC	38 KB 15 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 22:02:22 GMT content-encoding br x-content-type-options nosniff age 41529 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15096 x-xss-protection 0 last-modified Tue, 31 Oct 2023 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 05 Nov 2024 22:02:22 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0EC3	0 20 B	43ms 42ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bb8U5pQRKZe74N6udiM0PjdCNsAMAAAAAOAHgBAI&bg=!NjWlNXrNAAb4oU7C2KE7ADQBe5WfOKKwnSN2zb7_IhpzF3m0qD23bNzn6fcmkpv1pxvaw7ewD2sJlpBHx0g0hQRZf6NJAgAAAXRSAAAAB2gBB5kDNN16PGB28FaARyaFJ20srTFlwHBKkHjYGrZNEq1Akr3oWzTWIc9j10z51-ke-U-rcYZ42z3JhVaLdQwU2rFy_VOnrN0JYvnXQ1v-s-qYjJySxLr-lSDSZ02wj67lBGmgKZlj7_vQLev5LTSnX62qKRxLwCQkf3d35PPyOi44wYsvknb2ftCpiOOp_AqU7j16JnaFsM45XbmTY0LTtYYvXgzlBBU_TJAsXT56zLe9s2yPk73cGvCtpEVHMhpou3JHmYVzuA3yQknvGKl9raxlaP1fZ0ulQ6gTp4Ww04dmCN4w_30a-PhWO63OJEucAjYu76yzkNo0HkIRTpCJZMU2doNuCcDyUFITcDDUXWxbxV-OpTVfnZx2IPYHyn1bib3RAnbLZLTQ8SOgtIe6J-5ythgJAt710W8j4YFp3huHDFaUBoSIg34fpjPFYHypvfx4tb7TXwwELoT0cUffPdEVbaBs4KVIHT68E2lPVPul0MlDiWfh8IyZg6rgaZjsLdf3YKkAAagu-3QLrp19rYH-6X0y_ujMClwRsBcReh8OpVG_emDsJqVYFVYMxkWqedEsnbgBwpJU2yVoO8Sx1PtRpSZo__zMIJcQ4pQQd9cL5bOcDhqbudZdq9MiLs-KT3nKY99qWF4X0TaL117KNc5GNadiZihtYQk1WOLMgaeIGvQQXuvNA7T2Mto37LmvS3jtA15lZwn5B3OOmN4LNK9kCNPHVKhEjlk-zGmuUCbMAEiKFomEZrxw5jHJJQUffCzpzsDygwpl_Qr3F4TcLZtmioZfSikhuCzDTMNZnXG6k7a2tir4e6ia_9iZIRi86KhnVVnhoHormVHhIs5IT8cTi9fyRG-hxUXcbsFCN1ZDVtfrNhiYIpF8T0ggNNu_ne8VsZXpgT2V9scwaZOHjYolmWR6HPAbYB--r6lesNEzWI-FzwPQWIZQgKAmYeCN61APHjmc3w9btw13QvIm18KKNuItkKlAD4MbPoGRpQMQGPR3AfodHS00SMAo7dKXjS-4VuiyX3fGgTtKmpi9ob-Us6mEEkUgRELGBoQ3SlY7vnXJjyqo1_Ep5oUw_rpBLMIB6-a6aXY Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame A2A2	0 20 B	43ms 43ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BGDWDpQRKZYjWOMeRiM0P_rmOuAgAAAAAOAHgBAI&bg=!ammlaSbNAAb4oU7C2KE7ADQBe5WfOFEgh7nJbZGtNI5fWg4qnCfBJV8EIwD3XnR_aV0R81TNWQQUtCRdBgKM2_75bDk9AgAAAURSAAAABWgBB5kDOO3T7lvAgGjNcAE3jooCCig7vobMLIEj7uMk5KU06hYdAQTtKsCwrP8zBT1Lg1weDUy9mi2bD3lBhpPRJZMhfAIBrpVhnmNBdT3isB4WKXCP4ofBCpTm-8J6J-L-261Cd8dZPqVBsJ83GrhVryebFLiFwJREj91nmyWwsQnVh63KOLMFMkqoTllpV-nTRIUMLwL6gmYuA96720JmWHHzujyw23tZyNc_Cvrv1myeVm7ySxqDBy1Bx53IkVRNBNFkjpy_2Q1DBTWWut-_pLgighLtvPzXCLsc5HIRh0gEdkFvnShRiomKewQNr5EoqUTiEZRpLR8-VwXNLnfRF3voJ9c-WxYaoTE9c5f9sK84xFy5whfTc2Wl-3jEcidZ4pjC681vr8AQ0Jry3gZdGY-XlZw-Or1KZPXVxjJWwmAKQ3v_EqjvPHtRrC28wsS57-LTtkETcGzbxuiGfhpfU0WLYUUyuJVaRAW9XHsaZZJWp6Mn2vGooIDnbO5eMmK-24Val_tLyT54PqWm3u-GVJGc751fc-d68Jk0MZE00PzB-iE6YiW7rBD86ha_4QgmRGt9PIzrmEnIX4pE2O45fznWW7nTylpgmm1-GcZmsWloh9vNenst6VF0AOSlE5Wr4zQzWJhTcmZNxCg-RtAtkm9vC1o8f0XuWlqgYXOPDKf75QcqtNiAqxqVrRrNu3b2jKq4AYK1d5mLwRCAlzU1m99EFXrJg_eGzCN2tIkjlMxocQnZaUI3Rawy9f2ClsL2vh1aYum1rSYcZRRX-Nim31Y-kTPVFwzP123c1hp9t1PfR-sgziGEsd71Zj85HhovEkeFxRI8UMncshZ2Ce8bTy9hHJPVQKpBG8FhBvZ-voe_4SR0hERhqMmP5Hevfcjo9yKkOPVsYVNC68VUXdP72ZdAmSsjLySmljsfYO6IamezFQcBRno0Y1C8JGlv3sUnYdHbE0akizQ4REzg32toXmG3SIT-5xZX3mpFzEfR8rAAWL1n4Xr2VWKM8IOy3Madtx6WwCG507zEQtRfwSr1Zr6sOOa0dJLsevCeyT1CQgUu-FfrqdMzyEY5RoUXF2YT6nBk7bW3El28--Bb Requested by Host: s.id URL: https://s.id/seytaninkoli Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame F3EC	43 B 215 B	269ms 120ms	Image image/gif	2600:1f18:1aca:4281:c8d0:2194:599f:af64 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1684627&asId=4dba221d-3af5-e52d-2364-71b5c7a8a516&tv=%7Bc:thcG9c,time:368,type:e,im:%7Bimprf:%7Bttecl:804,ecd:126,tsecr:20%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:95,o:273,n:251,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:180,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B88~1,0~0%5D,as:%5B88~300.250%5D%7D%7D,%7Bsl:o,t:251,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B21~0%5D,as:%5B21~300.250%5D%7D%7D,%7Bsl:i,t:273,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B95~100%5D,as:%5B95~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tUUO2wa+11%7C12%7C131*.1684627-75968233%7C1311%7C13121%7C1313%7C1411%7C1412%7C14131%7C1414,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs,siq:182,sis:328%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:c8d0:2194:599f:af64 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:31 GMT server nginx x-server-name dt27.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame F3EC	43 B 215 B	170ms 169ms	Image image/gif	2600:1f18:1aca:4281:c8d0:2194:599f:af64 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1684627&asId=4dba221d-3af5-e52d-2364-71b5c7a8a516&tv=%7Bc:thcGcB,pingTime:-10,time:579,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjEwNSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1699349672005%7C%7Ccaa7412cbaab25f25b2120dadc47d099%7C%7Cadc68e3ec772ef714cd200e23f927f85%7C%7C834508f7030dac8b239ad3fd5fceb913%7C%7Cace0ef33a4951d360d74019f6e761fdd%7C%7C4eae1788b916c12346e5bd091d40c1ee%7C%7C92c044c94a6a38c136eb78799362da64%7C%7Cbe19aee49cbdfaaf734eb8044f24ad77%7C%7C1663701684%7D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2742216534640545&output=html&h=280&slotname=7246512857&adk=2068013325&adf=2071597077&pi=t.ma~as.7246512857&w=500&fwrn=4&fwrnh=100&lmt=1699349669&rafmt=1&format=500x280&url=https%3A%2F%2Fs.id%2Fseytaninkoli&adtest=off&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699349669870&bpp=2&bdt=739&idt=-M&shv=r20231102&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7644190641501&frm=20&pv=1&ga_vid=1842331448.1699349670&ga_sid=1699349670&ga_hid=2107663078&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=833&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079345%2C44807047%2C44807454%2C31078301&oid=2&pvsid=3583301131410934&tmod=968169148&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=CZcrTJepOn&p=https%3A//s.id&dtd=12 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:c8d0:2194:599f:af64 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:32 GMT server nginx x-server-name dt25.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	57ms 56ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231102&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 073eedb1fe4d0e16dea0cb2beb25b3294beb70204b854d8aa3ca5d35a39348b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:32 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12198 x-xss-protection 0
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=s.id Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:32 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 07 Nov 2023 09:34:32 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame AB0D	13 KB 5 KB	8ms 7ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 26515 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 02:12:37 GMT expires Wed, 06 Nov 2024 02:12:37 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame E705	829 B 561 B	18ms 18ms	Document text/html	2a00:1450:4001:810::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ee00e86d5e00d65d7d4d828049f8025b3c6d232291d08c0abeeac247a249e325 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-MKGmClV4ANBO_rI99bQnFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://s.id/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-MKGmClV4ANBO_rI99bQnFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 09:34:32 GMT expires Tue, 07 Nov 2023 09:34:32 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response pagead2.googlesyndication.com/bg/ Frame AB0D	38 KB 15 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 22:02:22 GMT content-encoding br x-content-type-options nosniff age 41530 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15096 x-xss-protection 0 last-modified Tue, 31 Oct 2023 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 05 Nov 2024 22:02:22 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame E705	0 0	40ms 40ms	Image text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231102&jk=3583301131410934&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame AB0D	0 10 B	7ms 6ms	Image text/plain	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?el9rmw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:34:32 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 0A12	42 B 64 B	50ms 50ms	Fetch image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNWgZgnY4xNpu9woT8jwKj55ikYMImKHuij5VmmtjBK8J1MQb74Gq1ondjQyYc8s8_hqy62fkE_e8m6fMIL1EPjbuLHp2KtZZi-yhxVHjLAFqGgLbWSdP2EhGbJd7P3gCMdTddyJFhvXde&sai=AMfl-YR66nFZsRlvYvDAc_qpROLnRW-INFG-ZNbuQLEDaIbYIlKaa8Lsk9GRP7m-upV7d8bPrHxwndEetH6rPN6VFbenVZshueofWH_XqVOQqKTyjvxdz-K6vsyCe7o&sig=Cg0ArKJSzJIJYXfVl-pKEAE&cid=CAQSOwDICaaN0JF6x4ELMQUAMpf-B-j1L2MPHxnaOJPoFPS2YSh4crquA5ccnQtGHMfPgpGlPEUxoQg1v4vPGAE&id=lidar2&mcvt=1008&p=0,0,50,320&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3297015004&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699349671007&rpt=340&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:32 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame F3EC	42 B 64 B	49ms 49ms	Fetch image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLREl8f5xV-vmyH0dLLsVg8cM1TzP-A3WWd1URaFetj8taKUF0ZfxqXTfctwGIiC6EUCMz5DvRgXOcsqH1jyKD878yuVCpToiheqYWZWDqEij9wEqrfAP--CqaHpq-LdPThrWfyes4yUGo&sai=AMfl-YQzi3KB15JHxOlJUf6TP8Nsuvqad73DGGRmFwWYOKttkqVuGHUP4okLatgMy-ISvNEUUpWUuhjWkJk6uqP-ZYJV1xetGT6t7xu1uzl_AmG9RH7TNeuDy0b93vRE&sig=Cg0ArKJSzIqFdh947tgrEAE&cid=CAQSPADICaaNP-E2tM4Hnu46whXYT3Vt8frQZ0Maj8Xyom1uF65dCnBLhCNzATa2nVDa3INsZe2cLHr79yZ1LxgB&id=lidar2&mcvt=1000&p=0,0,268,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&vu=1&app=0&itpl=20&adk=2068013325&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699349670905&rpt=549&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:32 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame F3EC	43 B 215 B	119ms 119ms	Image image/gif	2600:1f18:1aca:4281:c8d0:2194:599f:af64 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1684627&asId=4dba221d-3af5-e52d-2364-71b5c7a8a516&tv=%7Bc:thcGnO,pingTime:1,time:1274,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:180%7D,%7Bpiv:0,vs:o,r:l,t:251%7D,%7Bpiv:100,vs:i,r:,t:273%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1001,o:273,n:251,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:180,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B88~1,0~0%5D,as:%5B88~300.250%5D%7D%7D,%7Bsl:o,t:251,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B21~0%5D,as:%5B21~300.250%5D%7D%7D,%7Bsl:i,t:273,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:173,fm:tUUO2wa+11%7C12%7C131*.1684627-75968233%7C1311%7C13121%7C1313%7C1411%7C1412%7C14131%7C1414,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs,siq:182,sis:328%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:c8d0:2194:599f:af64 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:32 GMT server nginx x-server-name dt25.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame F3EC	43 B 215 B	120ms 119ms	Image image/gif	2600:1f18:1aca:4281:c8d0:2194:599f:af64 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1684627&asId=4dba221d-3af5-e52d-2364-71b5c7a8a516&tv=%7Bc:thcGnO,pingTime:1,time:1274,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:180%7D,%7Bpiv:0,vs:o,r:l,t:251%7D,%7Bpiv:100,vs:i,r:,t:273%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1001,o:273,n:251,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:180,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B88~1,0~0%5D,as:%5B88~300.250%5D%7D%7D,%7Bsl:o,t:251,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B21~0%5D,as:%5B21~300.250%5D%7D%7D,%7Bsl:i,t:273,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:173,fm:tUUO2wa+11%7C12%7C131*.1684627-75968233%7C1311%7C13121%7C1313%7C1411%7C1412%7C14131%7C1414,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs,siq:182,sis:328%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:1aca:4281:c8d0:2194:599f:af64 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:32 GMT server nginx x-server-name dt26.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	43ms 43ms	Image text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231102&jk=3583301131410934&bg=!FxSlFFvNAAb4oU7C2KE7ADQBe5WfOCa3ptuuSqRlMAfL7UGWa4ft-T5CEfsNVcKu3IbDmBdwVAYnobpZZmoT_fl15Y8NAgAAAEVSAAAABmgBB5kC65Pr0CQSxz7O5gAxBCgS4cy9F7i2oYymFY0_5b3Yk5HgNxVsJFA_nXYWS4Qk2oHiMOn8Cw3zfz7v_ue51Mn0p5YlZPFEWE7WIm1No6Rzp93DQZ52sohCEHkQkdIhF2D9LhMSypJNkVfjyB0XfqEVQ6QwGjKFMnTdYN0I6pRR0_D5OMnV279dPLFtP4zvFlwJoRrq-AFo-fxcx2dShOWMDdSBMgtvI7zewU7U8nC4-rzn_LE7NLvvJILqncJDD8VtO-WKqGrM7GqUSpr-lmOgZfYHXQpJBdi8xa8jsfuDmF9XPEJ8I6VF7TdviRcUmnAfB6mIQcISBMlfWvIEGcBi9gqUKSFSxso8YJdmNI4IgC6omQb1aQjm4IOo3icJFO0f0vlhQ8ziABVrsiXrUyxUXinwgXg8aAytbUJE7Didyff2ZCMHX_ZtdEU0JcltChLGIRmbRsKc2UwLMpOUp9tQ71jf7qoxysV4pHVqveLqNmKCYttKSQ_9kNyaNrcz7078DRNksuq-Jk1qkolfujhtFlB60c3wyh35pkpoegoOKFI-8j51uaP-CwpUmpdHnBz4Kep1rG-m1C-OlmpcJ2VDhOdY730-hzLraCZszG1H_-TSG5meKmWFzUtvyXV3PYw2pc1hZFxMJPmHC0F5VsaVW-RNkAdzYa4qH1SHI1Sf-nitVv-uSXpBvkuBPS_Kk8NyVSWkbFLUbo-sqaNub5AnTfQp5R7gCLjziHaHF8OB57Hf6MI5iBPPyShV-Ip3vx0auPUkJN-xS8RF0Q6AHK-DIwXHQe5bFerf9O6HrRwtzrlRVgj74BYFuKIfXskZ0fO5Vi_u-FQ_UPyi-_oOaBhPVUK9b2JS6EC4SMN41H0huqujHjS_k_AIx30OjdzZjdRdF2lVZqxvYShSXajfymeRfBLnAkheLP7iUKSsH5tZW6JjpH6AQBEcdQwE0CIIJXAjwZLCZFeB0sfBEbfTGrleOTHWWdigdyVyq2KYnw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers
POST H2	204	collect region1.analytics.google.com/g/	0 55 B	15ms 14ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-GTE5CBQ89K&gtm=45je3b60v889124241&_p=1699349669865&gcd=11l1l1l1l1&cid=1842331448.1699349670&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699349669&sct=1&seg=0&dl=https%3A%2F%2Fs.id%2Fseytaninkoli&dt=Arac%20Hasar%20%26%20KM%20Sorgulama%20Hizmeti&en=scroll&epn.percent_scrolled=90&_et=26&tfd=7672 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GTE5CBQ89K Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://s.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 09:34:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://s.id cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT