pemerintahkota.com Open in urlscan Pro
2606:4700:3037::6815:520 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pemerintahkota.com:443/
Effective URL:
https://pemerintahkota.com/
Submission: On September 14 via api (September 14th 2023, 7:52:19 am UTC) from ID — Scanned from DE

Summary HTTP 64 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 64 HTTP transactions. The main IP is 2606:4700:3037::6815:520, located in United States and belongs to CLOUDFLARENET, US. The main domain is pemerintahkota.com. The Cisco Umbrella rank of the primary domain is 989661.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 27th 2023. Valid for: a year.

This is the only time pemerintahkota.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	2606:4700:303... 2606:4700:3037::6815:520	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1	2606:4700:10:... 2606:4700:10::6814:91f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	149.56.240.27 149.56.240.27	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:402... 2607:f8b0:4025:815::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.184.157 64.233.184.157	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:26::9	15169 (GOOGLE) (GOOGLE)
64	17

22 2606:4700:3037::6815:520 (United States)

ASN13335 (CLOUDFLARENET, US)

pemerintahkota.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.pemerintahkota.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:91f (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.27 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534106.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4025:815::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.184.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:26::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5lznls.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	pemerintahkota.com pemerintahkota.com — Cisco Umbrella Rank: 989661 app.pemerintahkota.com	218 KB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 152	338 KB
4	gstatic.com csi.gstatic.com	396 B
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56 imasdk.googleapis.com — Cisco Umbrella Rank: 501	133 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 47 bid.g.doubleclick.net — Cisco Umbrella Rank: 949	60 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1293 r4---sn-4g5lznls.c.2mdn.net — Cisco Umbrella Rank: 433757	962 B
2	histats.com s10.histats.com — Cisco Umbrella Rank: 12396 s4.histats.com — Cisco Umbrella Rank: 12421	5 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 364	41 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1183	610 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44	256 B
1	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 2511	38 KB
64	12

	Domain	Requested by
20	pemerintahkota.com	pemerintahkota.com
11	pagead2.googlesyndication.com	pemerintahkota.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
9	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net imasdk.googleapis.com
4	csi.gstatic.com	imasdk.googleapis.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	r4---sn-4g5lznls.c.2mdn.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	cdn.jsdelivr.net	app.pemerintahkota.com
2	app.pemerintahkota.com	pemerintahkota.com app.pemerintahkota.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	www.google-analytics.com	pemerintahkota.com
1	s10.histats.com	pemerintahkota.com
1	ajax.aspnetcdn.com	app.pemerintahkota.com
64	18

This site contains links to these domains. Also see Links.

Domain
dinaspendapatan.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-27` - `2024-02-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
histats.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-08-29` - `2023-11-07`	2 months	crt.sh

This page contains 9 frames:

Primary Page: https://pemerintahkota.com/
Frame ID: 9FD92B09C1D15F7BC618D4FC94BE1821
Requests: 31 HTTP requests in this frame

Frame: https://app.pemerintahkota.com/LandingP2/
Frame ID: FA23D29700F077FD87CC2DEA473A0471
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230912/r20190131/zrt_lookup.html
Frame ID: D444429439472D3D7CFC40E8EF96E429
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4421926339437546&output=html&adk=1812271804&adf=3025194257&lmt=1694670736&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fpemerintahkota.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694677935865&bpp=4&bdt=1555&idt=230&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6896771606071&frm=20&pv=2&ga_vid=2076130509.1694677936&ga_sid=1694677936&ga_hid=882984229&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31076839%2C44796700%2C20222282&oid=2&pvsid=1887539195735270&tmod=1988778200&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=253
Frame ID: 4FE7B7265803A4A9B20B340A3EB18B92
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6277D5F1C8892AE78E79839420071029
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 598D3462A5856C4186E0B8EC84C4521E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230912/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5E7338BB83672D2BBE4B3C2A794BEC39
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/abg_lite_fy2021.js
Frame ID: A08B9CDC8FA61BDF7BF081EEA28FDAE1
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: A08C4286897FE8150CDE189C73910F9F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Website Informasi Pajak Motor dan Pajak Mobil - Pemerintah Kota

Page URL History Show full URLs

http://pemerintahkota.com:443/ HTTP 307
https://pemerintahkota.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

64
Requests

98 %
HTTPS

82 %
IPv6

12
Domains

18
Subdomains

17
IPs

3
Countries

835 kB
Transfer

2637 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://dinaspendapatan.com/
Title: dinaspendapatan.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pemerintahkota.com:443/ HTTP 307
https://pemerintahkota.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://gcdn.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726213936/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/AECFB7A7BCE383542B886A00F91D3686317E2BA2.AD1078CD0D57B986133396649CBC57925A9955A8/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5lznls.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726213936/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E1DA41FA2AB8BBF8049CAA3F989E1F3E51C6E35.60D24F81B6E0BB18162501576D8B519DF58A6E42/key/cms1/cms_redirect/yes/mh/qX/mip/2001:1b60:1010:3:1012:f83f:6017:32aa/mm/42/mn/sn-4g5lznls/ms/onc/mt/1694677036/mv/u/mvi/4/pl/29/file/file.mp4

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
pemerintahkota.com/
Redirect Chain

http://pemerintahkota.com:443/
https://pemerintahkota.com/

152 KB
32 KB

3092ms
2925ms

Document
text/html

2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6ae92152c0e92d8e59192ac9e393cf2359f7df5f1b398231d9a861c0d0419dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-apo-via: origin,no-cache
cf-cache-status: BYPASS
cf-edge-cache: cache,platform=wordpress
cf-ray: 80670c8f2ccb1c73-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 14 Sep 2023 07:52:14 GMT
link: <https://pemerintahkota.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbL4Kw03%2FeNOqMkg96INA3D7fxXi7apbqhNidsgl89XTalnhOPqDEJ3m6QxQacsw4eFeyn9%2FgiyEQ5jOg7erc3k4iYnJNq31oVqM0pmnb8UOgm9Tdw7xOpLjWNou5S66%2FOnQgDfOlYUGp69c0FESiJs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://pemerintahkota.com/
Non-Authoritative-Reason: HSTS

GET
H2 200 rocket-loader.min.js Show response
pemerintahkota.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 25ms
23ms Script
application/javascript 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Sep 2023 13:04:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ff1056-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQ9jRZpjutEdxaYp1mWLV7KewQpA2TSyh6Ye%2BIMKfrp61HdEogXCYMx0Du72vbuNfUa8YgHacRg15SMwfXYi8CUA2H8L2MBMghhxqd%2BjyHrtVZXVxWuta0LXUpWNI9ZiKBePQ795x9fC3nwQ23PPkHU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 80670ca18a521c73-FRA
expires: Sat, 16 Sep 2023 07:52:14 GMT

GET
H2 200 style.min.css
pemerintahkota.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 34ms
33ms Stylesheet
text/css 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712001
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 17 May 2023 00:24:01 GMT
server: cloudflare
etag: W/"64641ea1-17ced"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdkJ3amCQHuFimZXFvtgkMJRPG%2F%2FPg3aBkL6OInC4RxtIa0CQOAwcCrVRrAKIFz%2BG2LS7Svw8mCqO0m1ilI9%2FGWhMv6XQRT6bUaiCWHEQjPM%2FDqHb68FRGmNLsVG%2BUjRewpLRgvvoaJSj8tL%2F7jBb7k%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 80670ca18a541c73-FRA
expires: Thu, 05 Sep 2024 02:09:14 GMT

GET
H2 200 classic-themes.min.css
pemerintahkota.com/wp-includes/css/ 291 B
537 B 31ms
30ms Stylesheet
text/css 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/wp-includes/css/classic-themes.min.css

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712001
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 17 May 2023 00:24:01 GMT
server: cloudflare
etag: W/"64641ea1-123"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypG%2FR%2B%2FuBPb7h6OSaXZm1fD5VKprfbt7Zs%2BCiHrbJM08seb4hH3t1021mhozwgAl0tXYIME3ZqaFL7kiJOgqRO3pHCChlWz9YAbSgesZ3JB8JIEPFMXL14hvqz1rHx%2FyUavrOCw%2B2Wq0abEY%2FgRThhQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 80670ca18a561c73-FRA
expires: Thu, 05 Sep 2024 02:09:14 GMT

GET
H2 200 wp-quiz.css
pemerintahkota.com/wp-content/plugins/wp-quiz-pro/assets/frontend/css/ 37 KB
8 KB 33ms
32ms Stylesheet
text/css 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/wp-content/plugins/wp-quiz-pro/assets/frontend/css/wp-quiz.css?ver=2.1.11

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b43fe1f5fe20d8304f2fc279f83939160e461abc9d64d57f84a800dabf4e64d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504767
cf-polished: origSize=38530
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 02 Sep 2022 00:54:52 GMT
server: cloudflare
etag: W/"6311545c-9682"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyNLt0c7Lb7ODBodXYJwDZJQ9vomatzrvi0%2Fn9Pf9npEHrrgcRMnJGeGi7Jb%2Fipfq0qu746c1uh2G910sgrKt8yXfnIawL%2F5obpV%2BNs9nrsoc5ZWLZmuUHyLNsyy1sBmdK022wUeAxpAUQuUoMUvoM8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 80670ca18a581c73-FRA
expires: Sat, 07 Sep 2024 11:43:09 GMT

GET
H2 200 all.min.css
pemerintahkota.com/wp-content/themes/generatepress/assets/css/ 31 KB
7 KB 32ms
30ms Stylesheet
text/css 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/wp-content/themes/generatepress/assets/css/all.min.css?ver=3.3.0

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a494cb8a3fc5345ca81844d27d3e0834aa754aeaa0056f1710a1df56acd983c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20454
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Apr 2023 04:09:39 GMT
server: cloudflare
etag: W/"6427ae83-7a6b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koLE0PrPSwYL4Id7wZGLniimwt1GciQMWqjRTo4JrpBWTq45pSTHRrYKgMDmQxnOgT9R3MXWkgyURFVL5%2BH6M0XogPYgWAq1REPFKwknvJMIRg3Uovr0Bsz%2FukBPBeJ7%2BRKIEzy28lafenDfq%2Fd1wqw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 80670ca18a591c73-FRA
expires: Fri, 13 Sep 2024 02:15:07 GMT

GET
H2 200 font-icons.min.css
pemerintahkota.com/wp-content/themes/generatepress/assets/css/components/ 3 KB
1 KB 29ms
28ms Stylesheet
text/css 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/wp-content/themes/generatepress/assets/css/components/font-icons.min.css

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

584b10df5af4716257aae636285c55f27e9a970412fa831dd66023efabb84b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504767
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Apr 2023 04:09:39 GMT
server: cloudflare
etag: W/"6427ae83-b94"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRGTuRcgwdABZTHaaMKSqCp0IJgh1Uuc6z1O6vwSWu7pplj%2FwpfoeGrsXyHo0Gz1GE4bvF7WajDGcmhTketmMgvW%2F4nAZFMrNE46JCickwuq%2FtiUG78ev1yk6KEY59q%2Fpz3mddIoHsxk%2BYodG1miLs4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 80670ca18a5c1c73-FRA
expires: Sat, 07 Sep 2024 11:43:09 GMT

GET
H2 200 featured-images.min.css
pemerintahkota.com/wp-content/plugins/gp-premium/blog/functions/css/ 3 KB
872 B 752ms
751ms Stylesheet
text/css 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css?ver=2.2.2

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cdc8768b77b752d62d488cda4d7917a5df5d334da0f7fa7c9f86aeae573923b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Dec 2022 07:39:30 GMT
server: cloudflare
etag: W/"63904332-cdd"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3z7xIhLAtW7PDy6riXznSuNAoMwptL2TAiUWU97bD5zwkIzM5lvO0fd%2FDXASqtXMsqvsyOf%2BYBdRbuYoAcj7GlumSwIRE%2Bz3DcuxTkX2alZwzKabGAdJCA32qh0ChkdWeWzHgNR69a%2BrjCWtgWroNo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 80670ca18a5d1c73-FRA
expires: Fri, 13 Sep 2024 07:56:01 GMT

GET
H2 200 sticky.min.css
pemerintahkota.com/wp-content/plugins/gp-premium/menu-plus/functions/css/ 2 KB
807 B 30ms
29ms Stylesheet
text/css 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/wp-content/plugins/gp-premium/menu-plus/functions/css/sticky.min.css?ver=2.2.2

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e858a3bf02390ad4f8a5db4f1b4b979d96db387f48f1c6069557bc369ee6662

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 697858
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Dec 2022 07:39:29 GMT
server: cloudflare
etag: W/"63904331-74d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVliwTSqr0nAiJAoGiTFxNsUI74Kyu1gboRszyjfs8mttZUkUq4qOSNKhxzZ8krlO1n7%2B99Jc%2FJRGxjxa6yQDvR2dwMrMDHxcJ6zIPwB%2Bl9QfP0YYX%2FS7az3b1AhD1oP5KR68wKc4am9PHpAsqNO79g%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 80670ca18a5e1c73-FRA
expires: Thu, 05 Sep 2024 06:04:56 GMT

GET
H2 200 navigation-branding.min.css
pemerintahkota.com/wp-content/plugins/gp-premium/menu-plus/functions/css/ 3 KB
959 B 32ms
32ms Stylesheet
text/css 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding.min.css?ver=2.2.2

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 697858
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Dec 2022 07:39:29 GMT
server: cloudflare
etag: W/"63904331-b00"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQXAvXh1vFmkO%2Fi9VF%2FcgZpa%2FdEcFmU3QM5Ijontvh3PIdVjpPB0cLuW%2BB866wmVjUM9XHyX23orqlOushx9hEYI7AOVGbI4fiDxF8jxCC1yJo2gWu3%2BqG1gyN0e3CpNBN3SGyJhEYc2IDqbwLFIR5k%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 80670ca18a5f1c73-FRA
expires: Thu, 05 Sep 2024 06:04:56 GMT

GET
H2 200 menu.min.js Show response
pemerintahkota.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 32ms
31ms Script
application/javascript 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.0

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712001
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Apr 2023 04:09:39 GMT
server: cloudflare
etag: W/"6427ae83-1b3f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ie6ReyLQmwbEdmPfReMA8hYKmUEkcfffgFhk6a1NhHZf9elwPHWNohFjvxYzNQO340iI5T5%2Ft2LxoI2X%2F73yPjSbi3CZe88pCHoT86qhD%2FcNqZyKwRV2vALRuAthjV%2BtOuHNYlS2PM4EWYDL03k5AKk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 80670ca18a601c73-FRA
expires: Thu, 05 Sep 2024 02:09:14 GMT

GET
H3 200 Screenshot_86.jpg
pemerintahkota.com/wp-content/uploads/2020/07/ 52 KB
53 KB 32ms
31ms Image
image/jpeg 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pemerintahkota.com/wp-content/uploads/2020/07/Screenshot_86.jpg

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5b81c3748550c423173be0e5d54647ec313ad80316f15fbf2d409fb6e409b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53865
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jul 2020 08:06:39 GMT
server: cloudflare
etag: W/"5f17f38f-d099"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAxB0VULeEG6vTdGTkmALYOp2wVV4D3PCKKynPAwyMQN0gcuyzIqGOo1%2F3IL%2BF8Nb8TLmr2FGJ%2FDS2Ul77kvPuyQdZzV0jNPESfDMqRd6hJvQNz5kyK%2Bt85tPv74XwgwnBsvZCaSzb5rTibmK%2FhZU2U%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 80670ca1fff2bc04-FRA
expires: Thu, 12 Sep 2024 16:58:15 GMT

GET
H3 200 wp-emoji-release.min.js Show response
pemerintahkota.com/wp-includes/js/ 18 KB
5 KB 31ms
30ms Script
application/javascript 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/wp-includes/js/wp-emoji-release.min.js?ver=3e7e96fad5e237fb2d5a081c6cb11212

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 229965
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 17 May 2023 00:23:56 GMT
server: cloudflare
etag: W/"64641e9c-4904"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2ainayujGtcoh8lGXGrOgz0v9YVBGgTc7x2FUCzQOrsgO2O7KQXRpGKodx56171TJJKSybI0Z7NmEIvhVjLVpMrEFucq3LrtkKjst2EkPVTmG9RNroXt1BzdOrmH3guYEen9fa7l4dV9%2BCHawqm51w%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 80670ca1fff6bc04-FRA
expires: Tue, 10 Sep 2024 16:03:14 GMT

GET
H2 200 / Show response
app.pemerintahkota.com/LandingP2/ Frame FA23 11 KB
4 KB 576ms
563ms Document
text/html 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.pemerintahkota.com/LandingP2/
Requested by: Host: pemerintahkota.com
URL: https://pemerintahkota.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aad4bba4186ae8d8a8bd6bdc903bb55be6f2d69a8c58031953e8ce34a73ccced

Request headers

Referer: https://pemerintahkota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 80670ca20add1c73-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 14 Sep 2023 07:52:14 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQmo9C92MFxCkbcdDYPU%2FCmntEvaPZG5dBfE3REr1Qren%2FaKGxMLgg0QcIajckF9WHEyG96JNTSkDf7XMQbnf6%2BmYrfrvKg7QTfyDqmxh%2FYh3k8zhs1uo81eFBte7O4VTrfZncQzu7DgoUhABrzLq1hGyZbI"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ Frame FA23 158 KB
25 KB 80ms
34ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css

Requested by

Host: app.pemerintahkota.com
URL: https://app.pemerintahkota.com/LandingP2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.pemerintahkota.com/
Origin: https://app.pemerintahkota.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12186174
x-jsd-version: 4.6.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230111-FRA, cache-yyz4545-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jxen0tAITVXPMM7hwM9oTDDQXI1m2YEgxVlKGNuFa9ndtLyvWxtJWGmH4wLfhof66Qr2tirpFPo6ff37f40BZdMPxlnPRnoiINtWxmSKrQ%2BZ9i5I9QLtxn%2BZk62cAw8dweaLJwqhun8fE94a90s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 80670ca66ef03616-FRA

GET
H3 200 rocket-loader.min.js Show response
app.pemerintahkota.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame FA23 12 KB
4 KB 26ms
25ms Script
application/javascript 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.pemerintahkota.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: app.pemerintahkota.com
URL: https://app.pemerintahkota.com/LandingP2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pemerintahkota.com/LandingP2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Sep 2023 13:04:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ff1056-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWw1AfSgQ%2BSD0Q8R4X15CCgzySJkgkbBHr1bzhCRKw6RLMEKXkcpOxjPdlz06WEZkOvXarzntC0bl5om2Thne6dXEGF9OxIysUrsQQjSgtgDg%2FADOCIj3RCtZVR0kcj%2BpDD%2Blqb%2BpjrQlDXVUjo0eCHfWKye"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 80670ca61d86bc04-FRA
expires: Sat, 16 Sep 2023 07:52:15 GMT

GET
H3 200 gtagv4.js Show response
pemerintahkota.com/wp-content/plugins/flying-analytics/js/ 91 KB
35 KB 34ms
33ms Script
application/javascript 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/wp-content/plugins/flying-analytics/js/gtagv4.js

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f48532ed0175b589d37f3325a8fc8974b8f7207a5414ac4ea548c1dc9b6d94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 636240
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 11 Jul 2023 02:36:31 GMT
server: cloudflare
etag: W/"64acc02f-16ada"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0j3%2Fl3cuvRzYGgbrrHKYJvOWzTN2cQnaa6b1cKe4ZyBMmd4RDNfQmG5qXhVNPJWmeueTcq54zWUJ3%2Bjn3ptuhFKNBCfqCdL5HK7vPxCKT9ZUElf6LgtBnlqTHeSp8ynOwDoUQfHQsKR4U5UixMC3FU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 80670ca63daabc04-FRA
expires: Thu, 05 Sep 2024 23:11:56 GMT

GET
H3 200 frontend.min.js Show response
pemerintahkota.com/wp-content/plugins/link-whisper-premium/js/ 5 KB
2 KB 31ms
30ms Script
application/javascript 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/wp-content/plugins/link-whisper-premium/js/frontend.min.js?ver=1692802973

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

141ac568be4ebb63260741515cc6e4a81fe3abaa2599567ed81922801800fc5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 229965
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Aug 2023 15:02:53 GMT
server: cloudflare
etag: W/"64e61f9d-128e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQPGPW3KL27riFdfp6153DigfS3vL3A1fehhoJKs7XCrQT9Xc54QGtuOTHAiu7SZ%2FOLxbtslgC5OeMH10nteEIr0gMBOeA8RLNDPpO52D8QMoBXTXRKKKg16%2Bz%2BX%2FD5zEye9QbOlHGhlZmCjizZTk9w%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 80670ca63dabbc04-FRA
expires: Tue, 10 Sep 2024 16:03:15 GMT

GET
H3 200 sticky.min.js Show response
pemerintahkota.com/wp-content/plugins/gp-premium/menu-plus/functions/js/ 8 KB
3 KB 30ms
29ms Script
application/javascript 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=2.2.2

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

033c75b293fe53bd9330531b8ff1ed4bcc4722563ea908d73e0b6e4b115202fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 229965
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Dec 2022 07:39:29 GMT
server: cloudflare
etag: W/"63904331-2146"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcWcEv7G%2B19j6Tog1ujV3WURzvbrdkFOdv01LTvc5hRHw%2F69tIaDq3V2ssEthcMWOEajJ22T0E81UaS%2FWTf1vHRCTr1cY3CFGxdFxuTtA7Ju6ru8S439sVLGEDecicnve4cf5uDF1FAUlzkbJFgbPhk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 80670ca63dacbc04-FRA
expires: Tue, 10 Sep 2024 16:03:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
50 KB 120ms
72ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4421926339437546

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

538e6737341ae885ac68e54c1d9f3782799d08f454352360718e98b436f2aaac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pemerintahkota.com/
Origin: https://pemerintahkota.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51040
x-xss-protection: 0
server: cafe
etag: 16626549010525642919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Sep 2023 07:52:15 GMT

GET
H3 200 track-the-click-public.js Show response
pemerintahkota.com/wp-content/plugins/track-the-click/public/js/ 2 KB
1 KB 29ms
28ms Script
application/javascript 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/wp-content/plugins/track-the-click/public/js/track-the-click-public.js?ver=0.3.10

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

328cf20924853ea7c27dccf0425c5b7158e29fb21ce647273052f8fc270363a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 636241
cf-polished: origSize=2404
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 07 Jul 2023 16:25:36 GMT
server: cloudflare
etag: W/"64a83c80-964"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FLV9KiSrrEqrT30vcbbRu1OH4qwWGB2HIQWx4yNdo3Nm68Lp3kRTDs2sKb2olhmR9jlD7OmxClgVn9Zhbtb4Aned68evEWavlTyRiD1Wycl5dscwmPHH16uVH3g6odjaM9bRO52C0Pi5XGgQ0DwJmM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 80670ca63dadbc04-FRA
expires: Thu, 05 Sep 2024 23:11:56 GMT

GET
H3 200 jquery-migrate.min.js Show response
pemerintahkota.com/wp-includes/js/jquery/ 13 KB
5 KB 49ms
48ms Script
application/javascript 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 665359
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 17 May 2023 00:23:55 GMT
server: cloudflare
etag: W/"64641e9b-3470"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQAV3bvtIsXr4jXgTofiffmwYTZnAmE0rPRXOM4H6soc3U0ATWaNAeWzZl%2FW82NuJDZ5VJ%2FSmAamqiKYoLqxCiLIHza3TsAUq0d7EFLlnEnLSKjAB9CgcFHnjK3Gj0JCrFWGrJU3BgEvtBS6%2BzfK0kc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 80670ca63db1bc04-FRA
expires: Thu, 05 Sep 2024 15:06:37 GMT

GET
H3 200 jquery.min.js Show response
pemerintahkota.com/wp-includes/js/jquery/ 88 KB
32 KB 49ms
49ms Script
application/javascript 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 692299
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 17 May 2023 00:23:55 GMT
server: cloudflare
etag: W/"64641e9b-15ed7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGWDRNK1XMmTDPMLfPY%2BXNBHha8pMVDxEp3powsP0r6xnmk5ckQyIb5tNePy6bbVxzmccxsNWwd8XTkJYVhYRxnTEaf26kmxe6HmilU7A%2BXiZdQf%2FA1zbp4rzurja8ssBcwCp3KntNwa1H2gGpQ00Sc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 80670ca63db4bc04-FRA
expires: Thu, 05 Sep 2024 07:37:36 GMT

GET
H3 200 generatepress.woff2
pemerintahkota.com/wp-content/themes/generatepress/assets/fonts/ 1 KB
2 KB 758ms
758ms Font
font/woff2 2606:4700:3037::6815:520
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pemerintahkota.com/wp-content/themes/generatepress/assets/fonts/generatepress.woff2

Requested by

Host: pemerintahkota.com
URL: https://pemerintahkota.com/wp-content/themes/generatepress/assets/css/components/font-icons.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pemerintahkota.com/wp-content/themes/generatepress/assets/css/components/font-icons.min.css
Origin: https://pemerintahkota.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1264
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Apr 2023 04:09:39 GMT
server: cloudflare
etag: "6427ae83-4f0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8IxP5Hxh0UuEf0nrB%2FqYEqSwS78zng%2BV6RF%2BC9bk0u78whna54HFWKIRT3Jpmvgup1H5XA01WMkRU9efAvL0XpNT3s3FTJE3%2FTFigW3ozRAfEdwSON2%2BWA1n6w4evxDGJVV6u%2FRAaoCcaYAbkb7%2BTs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80670ca64dc8bc04-FRA
expires: Fri, 13 Sep 2024 07:56:02 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ Frame FA23 85 KB
38 KB 196ms
35ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.2.1.min.js

Requested by

Host: app.pemerintahkota.com
URL: https://app.pemerintahkota.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48B8) /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24128458
x-cache: HIT
content-length: 38743
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Mar 2017 19:54:12 GMT
server: ECAcc (ama/48B8)
etag: "20bed8beb3a1d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame FA23 183 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8708a251cbe604441f89714998b456fdc039f43e286e9aabbfa292801a4947ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ Frame FA23 62 KB
16 KB 30ms
29ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js

Requested by

Host: app.pemerintahkota.com
URL: https://app.pemerintahkota.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.pemerintahkota.com/
Origin: https://app.pemerintahkota.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17623108
x-jsd-version: 4.6.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-yyz4520-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"f7eb-O+7WjtfXU8a/T2HCY4bd15KboDA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ChdOg71pZebUYt3C84O%2B1r9ztv63XRP5ECXtKz2Q65tmYCQSeikvux%2FVO8aFgHWw4fAMlTc9CwZimEL5cVtiCsIwQKhJ%2F6oN978FalIsGPTOXZOIaBlCCQcZtb2Z5Tdj%2BOwwAfaJ08wJN5fyp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 80670ca8395d3616-FRA

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 100ms
35ms Script
text/javascript 2606:4700:10::6814:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: pemerintahkota.com
URL: https://pemerintahkota.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:91f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 57144
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 80670cab892d03ec-FRA
content-length: 4547

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 379 KB
129 KB 130ms
85ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4421926339437546&plah=pemerintahkota.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4421926339437546

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89c1463be5b0d25bd18d3902791917887417b0d6f4744936247b8851e0762a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131799
x-xss-protection: 0
server: cafe
etag: 16365306178805112190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Sep 2023 07:52:15 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230912/r20190131/ Frame D444 10 KB
5 KB 69ms
20ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230912/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4421926339437546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pemerintahkota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35815
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 21:55:20 GMT
etag: 8554266389219770021
expires: Wed, 27 Sep 2023 21:55:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
256 B 76ms
27ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-R1DP2TV9V2&gtm=2oeae1&_p=882984229&sr=1600x1200&ul=en-us&cid=2076130509.1694677936&_s=1&dl=https%3A%2F%2Fpemerintahkota.com%2F&dr=&dt=Website%20Informasi%20Pajak%20Motor%20dan%20Pajak%20Mobil%20-%20Pemerintah%20Kota&sid=1694677935&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: pemerintahkota.com
URL: https://pemerintahkota.com/wp-content/plugins/flying-analytics/js/gtagv4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 07:52:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pemerintahkota.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 115 B
250 B 330ms
107ms Script
text/html 149.56.240.27
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4352929&@f16&@g1&@h1&@i1&@j1694677935956&@k0&@l1&@mWebsite%20Informasi%20Pajak%20Motor%20dan%20Pajak%20Mobil%20-%20Pemerintah%20Kota&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-53455907&@b3:1694677936&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fpemerintahkota.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.27 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534106.ip-149-56-240.net
Software: /
Resource Hash: 609286b80cc99d0f11fd6ce3fcd275ffdaae70b3506e143befe417d31c5d7b41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 07:52:16 GMT
Connection: close
Content-Length: 115
Content-Type: text/html;charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
610 B 91ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pemerintahkota.com&callback=_gfp_s_&client=ca-pub-4421926339437546

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4421926339437546&plah=pemerintahkota.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b63d8fc592ff3e6c6c055030976dc54e6fde7aec1e50d17df21f136b0f6f6b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4FE7 126 KB
34 KB 234ms
233ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4421926339437546&output=html&adk=1812271804&adf=3025194257&lmt=1694670736&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fpemerintahkota.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694677935865&bpp=4&bdt=1555&idt=230&shv=r20230912&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6896771606071&frm=20&pv=2&ga_vid=2076130509.1694677936&ga_sid=1694677936&ga_hid=882984229&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31076839%2C44796700%2C20222282&oid=2&pvsid=1887539195735270&tmod=1988778200&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=253

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fae5741f813dcb34b26445f8c9393295acbb3efeeb2ef60885aa50ce6e15dde4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pemerintahkota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34172
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 07:52:16 GMT
expires: Thu, 14 Sep 2023 07:52:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 07:52:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 70ms
69ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230912&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9fbdb6263c674586fb54c423810aa3dcec7c85ae6397553e9e8b590a3c05ea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11834
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 114ms
66ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 07:52:16 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6277 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pemerintahkota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2237
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 07:14:59 GMT
expires: Fri, 13 Sep 2024 07:14:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 598D 829 B
1 KB 78ms
30ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

168263481bdb4198a57f7c305e7397916ac74d8ccf2db1c3a25dbf2130f1fbc9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G7zQJoVHhWOmf3Uc2I9eRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pemerintahkota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-G7zQJoVHhWOmf3Uc2I9eRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 07:52:16 GMT
expires: Thu, 14 Sep 2023 07:52:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame 6277 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:36:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Sep 2024 07:36:12 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 154 KB
52 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67b87b48b899a7881c90a30140275d5bd915b5156a1fce89f609c1392d73d5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53662
x-xss-protection: 0
server: cafe
etag: 7608431445456182611
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Sep 2023 07:52:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 598D 0
0 58ms
58ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230912&jk=1887539195735270&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6277 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?YN-_0A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230912/r20110914/ Frame 5E73 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230912/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pemerintahkota.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35681
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 21:57:35 GMT
etag: 8554266389219770021
expires: Wed, 27 Sep 2023 21:57:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 5E73 4 KB
1 KB 80ms
29ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Sep 2023 07:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 06:53:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Sep 2023 07:52:16 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/elements/html/ Frame 5E73 15 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 21:23:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 511223485441000916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 21:23:36 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/elements/html/ Frame 5E73 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 19:11:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 19:11:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/ Frame A08B 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 18:34:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47869
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:34:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A08B 8 KB
823 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Sep 2023 07:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 06:54:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Sep 2023 07:52:16 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame A08B 15 KB
3 KB 83ms
21ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 21:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124124
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 21:23:32 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame A08B 368 KB
128 KB 84ms
22ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 21:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124124
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Sep 2024 21:23:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame A08B 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 07:15:18 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame A08B 0
234 B 488ms
168ms Ping
image/gif 2607:f8b0:4025:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lmivhktj&c=7638230102457&slotId=3819115051228.5&qqid=CMKMkqPPqYEDFUoJVQgdqmUOYQ&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4025:815::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 07:52:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A08B 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cj8K8sLsCZcL0CMqS1PIPqsu5iAbRidjtcozQ8uW8EeeY3v3RCBABIK718nVglQKgAfujjoYqyAEFqQLU9tqn2-1jPqgDAcgDmwSqBJACT9Bd7cG7LCouv0mBmW39d8FUReNI6kDREl8epxc7DbfXApYNpzIpJfJF6Llbs9sPuPfHMP4OwmyJ1esiFf9sB8VYLWYhvDhb5f1wg57wlgFkMzJtMv1cCgQ3JoOzRzoFH9nMvlLpbIkNAIFkWVp9QkJjbcod_N-6aEPaiytPqlNWCdml7TElwSPFsbTSQvp8RAhqRzCYrbvDaLWZIpeKQp8G3_LHeZNk34wLXpA6iiEXsHL3gKnlobvpSOxd4vKSE-9WbDBq-7rMpkHnhSeDIiYBMqa3uK_v-kANapVZwNUVNPK2vImN-edsjEkGt0Ti5u9NRqNBmbZ9aPL5bhlMAxS3OZn3iSDAsDOs_6LOYaDABKjKu6PUBOAEA4gF8auEvUyQBgGgBnaAB_vb3uUEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGqDQJERcgNAbATx4vbFMgT4azW4wPQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1694677936817&ai=Cj8K8sLsCZcL0CMqS1PIPqsu5iAbRidjtcozQ8uW8EeeY3v3RCBABIK718nVglQKgAfujjoYqyAEFqQLU9tqn2-1jPqgDAcgDmwSqBJACT9Bd7cG7LCouv0mBmW39d8FUReNI6kDREl8epxc7DbfXApYNpzIpJfJF6Llbs9sPuPfHMP4OwmyJ1esiFf9sB8VYLWYhvDhb5f1wg57wlgFkMzJtMv1cCgQ3JoOzRzoFH9nMvlLpbIkNAIFkWVp9QkJjbcod_N-6aEPaiytPqlNWCdml7TElwSPFsbTSQvp8RAhqRzCYrbvDaLWZIpeKQp8G3_LHeZNk34wLXpA6iiEXsHL3gKnlobvpSOxd4vKSE-9WbDBq-7rMpkHnhSeDIiYBMqa3uK_v-kANapVZwNUVNPK2vImN-edsjEkGt0Ti5u9NRqNBmbZ9aPL5bhlMAxS3OZn3iSDAsDOs_6LOYaDABKjKu6PUBOAEA4gF8auEvUyQBgGgBnaAB_vb3uUEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHgCwGADAGqDQJERcgNAbATx4vbFMgT4azW4wPQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230912/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 07:52:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame A08B 0
54 B 476ms
168ms Ping
image/gif 2607:f8b0:4025:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lmivhktu&c=7638230102457&slotId=3819115051228.5&qqid=CMKMkqPPqYEDFUoJVQgdqmUOYQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.jo&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4025:815::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 07:52:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame A08B 28 KB
17 KB 137ms
62ms XHR
text/xml 64.233.184.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DR4l12YkTeedy6zpFOn7XC5YUzFaP166592VsSELaMUrdeQQIG4DanLHFa8o8l58Tznzu9cqRF11CxOMCcVmBHu-L0XA&cry=1&dbm_d=AKAmf-BXnj6RLCAxr4KcXQHwqfZmZN4h3YjgE0z3q1MnCyKmGa3ltskMayB7wmiYvOuzeuCA_7247iNSaY0VlT3wppRuDKR2TtHMWbijS839Plz9l1fBrJK6Z9H7K3GoGzn86Q0WPZ0QAltPfwHFfPOXpa9DwSLl2F9d3sW7s-NhVOTGEzwUmb_7rEbAZW6prN255jvDUxRjwphzgDjyG4AkAZ0-K67Kf6NgMMAEtqjJLRMl1GrCPatlwbEalB9EO4AHtFbe0hbVevrkSZ1esmNJWqyJZK3KHZsQe8OjZYXSpswoQ-oNJPzekZh4gVllWdFR94-FLBkQjjmYVPh7ZaMetQodV1AAPnVi4punLbPTsHqaajShnTAUbHZFk1baDVn9MiHCY2afyiLSdmxbFoA3RVhIijVbhqsKGZ0S01voq4a1Z8CUUA7eOcfYvbagGgAx_MJyRK9kCBc_ftkulBS7BynbIrO-PB-I9TnB6lrtcWoKmFgaHSygmHdkqUH6Nbe2Oz48LbrcU7F24szwDtKtJWk9SOWjqm5gO1-vbvcj-NWGPe3M8UPrk-thT4usPU0jfl_78To3M29gzeEQwceUppvl57rm4rQHQiXtyNvn9Qbxh4FWmW79PqiWbjnh9wulHCi2DtsLVf91f6tpCW7-QKDUXgWZ8wAcqx9eb6RQPMhkR-5oSas0eMPRzmqFglg0HbsQZ0H9w1tnxUBSxO-WtPYBj99QAsNy1gpnjhOV1Z5m-s23VwCqaVsszrn1wI--XbGWETHZ9FpRUon-hq5HORxzijzBxV_GEL4c9QKE71CrGOaii9Wqwhk7gnpcpfRzpGpyJC6i7lqJa3KODaUPtAAekmHBmy82t7yJ-azG01DGlYFKw65SvtsByYOW2a5uRcUhUuoGfYzV3mIXNAQZVMeibBV-qfcLLn140iGw_Ki7Ebu5WrXy5wzi8TzxU4OonNI6l4BkM4DaxCkwl3Q_3vw0byIG4I3IIjE2o1XB_3T_GSJs6ZlG3YYnWzwtFFilm-bd1TwWFiLtsdbofUb85mCvmsvk-9QBVILEiHlyzHZTI2H4Xl2zXIQluPVu_q4QZBnqzzYoL_UTZmPDdf2-rE_ZbeAnKU7Mgy5JIuNa2CkCal5Gx_0ltnt_5Qvpwt1FVaCAkWoZmYXETiQHu1VFpN-Vj2wwCAGhL5HyEa4O4w8ngfNfGcHU6VICRF0hyqcfXgRO24dlfifT1xHtqA_wx0OKsF4wV3kZ6D8ceKZadPvf8a0Qk8YRhNyL_qlb8jSGAN3rRxG5T33QgdDjvNesEDtwNPw0FrHWtlM9RW0vGSdGuY60ZbXh8DpojuRrtO_mmyD_jWT7dSESguqt6atmmWcHhENZVx5wwu2WpLeABQ9_uXJIGrX1DFZQMbHHam7HueWrFNYjcIc4062LdKa2h1FqiZYMVYT34rsFMH8H-ZXRR9Ow3DOAC-rRdL3pc7wNPUamM6UMs-yFQPmjJn1SQdK0pr-pUeXm9mXK7F7S5aEX3cFeFrc6UvoVRva3r4Or-BVm7_uv6J3oLXpEaOc_bv9tBKgmbFtKDx3mvV1Z3p6zo5UH6yP9dGmG-_mSmFYkl0icvLwalCMsRpMLGbtBNyyOSvTYWobIv9r-TNJM7sI2bT5gV_t2WYY3mq5wCWVbZ2KuU3rnE4hZp99yRRNUutv9FVMnoxtPexqNaLlbywJTPPbs0Jmvn8KQG1Tp9l92p1MaOrSYJofUddoM7_mbP3Itiu8qI-xQ8hXD2GN6zRPJylEWZKrdPQpPBIIn4RWEQpL6yKBTBp6Sc6ZubTpfWeYIfu2mb3xuL6vtgxsOWFj9_Sgnmr0psJaBqk70NROzMXXjTKeZiTiK_7O0mM_MeoDQ1uH62H4o-OysHS9_IygY_Ik9B5kuWZVL51PW19vUPzuEph2FkQadcnPg4CEDDeSi17OdsPuNZZzUbC2sf1MdRtuaMdhTOQ_xVPB0hl1PcIEaQYEN3Ysyjc2qgIBn3SnY7w2hd3TC5Mc5_XLpMyR0nhF83eB_U856IL6rZAB4DfbAcaoml3H1b7q9sueVQR6QwT8T0eT9oziiySfCaEOdToDJEiJVXwSn6k1U06kEWkjxRHHDVtAr7sngcm-0btSba-JXCeImV2LOVIwofszt9K170WH8cAZzo-VS346pY9sDnIjMbaVbmo41mV_EU_UpISDCnld4bsPvYSVGO7zAm3YNcbsiqbhTBy4AoGsNIC1k34lFtM6yiacNIXsMkhwFlKHIWyAogEMM_3oYTFAMOx6be9p7XnXFRaL5cG4CQBNqDNCjMu0UoYol-1TgxDypE6VFvpXoxUX_hNTDwKlLsLeVw38ZWzKyS7Zsm45VbQPHzBwqK0fdJxqOHh3aMCjusC6ODfpzN7dK7vMBYLpVot3xQ3xTvltXBAKQhgk_JTp7_fAvxa4v_a59Hfz8lzOWm1eGJ9zWexywSD--j1RxHkaorlXWTFJPRlvTUU3J9TRQt5TIOF78Ii2e_FxjiYBAjtvh7zVPoglxS2gywDyNWIFztNPWYclkUigXE5HmdWavbfdwyDWTkCufselSfNH0G-4WdoEmMzbByezwBWsJ-BGMF887zFUThHW0lIBGcKCrWRzRwR-fb8VVLCWAk0fxexPEvN9CsgUGoHItF70Vo8sCu_nMjwcPPqo-py-gfrq8Vxkyt8KwzuoahZ9xjkfMJQJpfDzh57c10L1Fgcg5T8H8lf9lqAAkLrJMweJNAd8NwRpWanViFIYDjKWi029XBXo3glVFI9wC6ppr5qMDvkoW_sWQRu9jEyf0x0I6D6sxDke08IMmTaSydH-aJawd4uCKkmQTjUmRuu1bybcTppd99y5m3QSDsAwyG_BemrzYUmlh3lwQw9u9xK5gLnLUV5UCrx75BCxTI9Ffqewp_UMUvlUsmKvNfX-4PqFmaKNBsoDhQTbKEKmIzHO-Et_k0gLIYZTs62_jS3JqBrHHWKsD_UBRcPLKK-VfSeLqtFV1guDEyfVpFXWV7XAxfKoPMJnjK1ozz96AvUmZ5o7DEiW-sGOB0HC6Uu2R49VZqkJOxSQbfvlOc3mYABq7IxodKlMYltCrdi6-FNVuCOY4_tQHEB3Ka_WEQ4YVRNJbfzYEx4NVdphBVL5mfYcI_gxrYr8HP-dw8gcmYTUFv6iVrYf2DIpU4zO_ujvspMfg4bmiA0NSkl2YztYx61XnWDvH5602zkX9DippDQx-j3Yz6zNPj4iGY0bO1StcsOa9CNOf52nc5gApT8drctKF_oomJ-WDIumdtK_QqvM9zzbagWZch08mwcheyYe7jF609l6_DqEdolGIUTTORw8u7bnZvF8jMMBu7DosUsCZ1qZ4sQ_E5GoqhmsttWhPOZX-r14mmucL3Vkw_LhghGUlu1K54nyhN-1C_39yJQyocSGnlM6D3RF-z48KojIL08QS_1xVCT2wgCcAWMzCiLWmewRRwS6gBTlzeO57B31DCn3GoiuN8QIhGTcZoYkICxhRKQtXhOQXmM-73gkO-bHIRxUH9c17fa1F3GUPxEP9aFHxBPZ6m8urI0RE-CuAHN_Hp53SvF5zd6AdFnpuQFl9FXwqq6ySc1RBSerqTKwgjQHtyo9-OkQQjksZEQyb579sqTwTeX8K0-4SFNQMiHwbnbXt0yTFlQ&cid=CAQSGwBpAlJWRyBBZEYiWjb4O_j3emUTvyUkOL56nRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f157.1e100.net

Software

cafe /

Resource Hash

9bbb3456ff3635374cbed3fa9bd25c47fe89e2a6f9ad1d424660a69ae450a51d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16480
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame A08B 0
54 B 328ms
169ms Ping
image/gif 2607:f8b0:4025:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lmivhku6&c=7638230102457&slotId=3819115051228.5&qqid=CMKMkqPPqYEDFUoJVQgdqmUOYQ&fb=outstream-lima&vast_v=2.0&vmfc=7&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4025:815::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 07:52:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame A08B 41 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 07:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259037
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Sep 2024 07:54:59 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-4g5lznls.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726213936/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A08B
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726213936/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-4g5lznls.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726213936/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

102ms
20ms

Fetch
video/mp4

2a00:1450:4001:26::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5lznls.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726213936/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E1DA41FA2AB8BBF8049CAA3F989E1F3E51C6E35.60D24F81B6E0BB18162501576D8B519DF58A6E42/key/cms1/cms_redirect/yes/mh/qX/mip/2001:1b60:1010:3:1012:f83f:6017:32aa/mm/42/mn/sn-4g5lznls/ms/onc/mt/1694677036/mv/u/mvi/4/pl/29/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:26::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 07:52:17 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 9011109
Last-Modified: Tue, 08 Aug 2023 11:35:04 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 14 Sep 2023 07:52:17 GMT

Redirect headers

date: Thu, 14 Sep 2023 07:52:17 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 666
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-4g5lznls.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726213936/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E1DA41FA2AB8BBF8049CAA3F989E1F3E51C6E35.60D24F81B6E0BB18162501576D8B519DF58A6E42/key/cms1/cms_redirect/yes/mh/qX/mip/2001:1b60:1010:3:1012:f83f:6017:32aa/mm/42/mn/sn-4g5lznls/ms/onc/mt/1694677036/mv/u/mvi/4/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame A08C 23 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 219058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 19:01:19 GMT
expires: Tue, 10 Sep 2024 19:01:19 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame A08C 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:36:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Sep 2024 07:36:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230912&jk=1887539195735270&bg=!BwSlBEvNAAa6D61Rmg87ADQBe5WfOOssP8MHgRZxjNVxurJi2ceevf6klLqRiTCbfqe8P4ejtyJVDX8FnTpTF7JCZ-duAgAAAINSAAAABWgBB5kCv8GSBxL1RtBN5Z8-L2F-kje01O6rNM5tKYg5JqxTbvb2MuvDG7d5c9Y9kp-M6-GMvaDiW5VRvdka1z9NJ216tdUVyx8YiiGHtcce6t6zGUm0kUXuHF7gYMz4aTEGsiRaZ5jTcl9ACB9ACJNJJe_4ccmDMUcn5zC7hAh3VNvF9DXVCdHHmhxUaWuYzk6dpGWb8I55jS45YRU3cnRXJsl5h__I8zIruxT5OhuV1I4KrLVpxN6Z0rhCa1OeXvMaTEdZhuJe-EVVdztpuzgFCtiGHmJzqN40j7xcp3iuiaM62pWeWDvzboNc3s5YOaNDwz34g-ZYI9kofeOHl0k7Q5hfs_h-xCnr-EeKs5W1XWk_YjIi5p0UCKSRflajHHgRX6zeo6H-YtcCHp_2iSX-7QiUtPTVSJ8aM-iwRZOLWKURlmbuVtI_5pSu_TlzsS1cjOQAyPHfPwnsIqZamumWpMXTI4uYVuYWuxXojxvYsF_zvo1B--1ar4IhS-2S5s2LvVLcilpwy6VQIAkKZ0Mjhy_RHaQ1k0robmTlrrha1-vjWY2kMa1laiEnVzKK-CjzUWgvRSf_-pq-CsfdW_idws5YJ0hS0Ceuzy3Z-PjHVaxB82UoyHD0Hs1TBmuc0OoN8qeEwUScuShhcPnSS7eFcXCdBJBdNujcid0wllRb06_lsfp_2UKLaUf_fNTcwbHR-qaLqG7BinY1TNQ2PKlapvBgauXCzalx9TRCGaSb9h3t61RS50dlKQwZewjGepnHLt2iLRs1eYnQ1pRw5Qmksr2clE27xKobxV2mLfP1hZFm_S1LNedTWbhvZmI2olBwI-icbuMAGNzGfv-xrWqVz6oKUjrjepJdutSRGhIRzTC-x8PVk3LOU-7-82yMYo4B6JFkdm0dnHJRbXWh06BSd2nNaepFLwnZT8YBewCf1rAUkFw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pemerintahkota.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A08C 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BKPKBsLsCZenwOJqokdUPh-WPgAMAAAAAOAHgBAI&bg=!8_Cl8L_NAAa6D61Rmg87ADQBe5WfOCMXz8Ptfv6iNWqgm8NwnM5tkB-V0JGGc5Sfz7ZQQFMh_NwECj5-yXdMDFfcaCJWAgAAAExSAAAABWgBB5kDC9r7xA39QEVkO39eg8yKIZRLJA9WuHMceTZxWTOCCPLaMPpMIUwUVZttr_P9hU_Dsm7kFhCwtUUU73sKbeCJUEtMgvo4JAYedZSoSVjcnWNReyBwfGXEfrVze4u4O5ifiBiuYQzOz2RT3FTfZzgc-xkdCp-N1jHD4_PlKXBE2Ag4oQ_OQlWTNSu9R1sRY_MFue-NsEh3U8z90nT_TLmSD4i9ao2OUZ96f80VnfSII34-FJ0Hq71P3yTeBoGX7tMZN-wrUX8hCmBvdmJG_HKt-HirhjL-O7S95AtNhcNZyEmOiKgMXURDLPTLtRuwMcdFSQKa8NGhiXjvWrDbSzupxT4blfV2DfNoAXXILjjwzUL1bXvJQrwfI81UvxGr8AGNerPBDs5a567FXi-MvPHARC7W4tzzmNNqj6UDxpEZFClHAtoHvscxW7WNaMu0HJfc2_vsL7e4F_KU2tRGRfaX7IrqEbA2e48Azx2sY-CVN2hxKi7gC8q5Uw7FzUK3apdX2MisUe0TU0RRlIrpRNuM-vswOa0Ng5T2rFo9a_f5lJmb0EeakMmK7kgZZV2co8dhqjbOU4tSoClMmUPm6Z9nH271dI0Z5tsiNgiyfVlNjHlMbXbPOT891XZrP8Yv3OFc8D9A8f_vPFSemswtl7huFLirwieA56nHIPC-9v41GrPc7JHLjQK68BNouvl8dyTxJUxSuK3vpHYQURzK0UK2VQhQAcCE332Zz9BCHUaPB8vs1LCXvBE-Ins1OY9RIk2hHwhS5cvotIuay4N2scRHJvXmpqNncufttpEFMOMSiqFliuJogYlAIMJTpphUQcyNXAaTbfBJJGDIkThLTJN86Jpqse7CqcvNo-pYFbg7ds9ZCJkr1QOkwPBG1c5UbgoeDNNifBA3X5LfzKhFALjvJjesa6S8M_ZgTxM9TdCmjRV0qPcc43e_uX7PcxP2g8yT70hyAIvxGalGwKuvSQrPMF265pNmY64GvnUaNBsQQhhyCHslFvQTX791EumibKf__GSecvMEhXBdy6MO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 07:52:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r4---sn-4g5lznls.c.2mdn.net/videoplayback/id/b682cd7a5b5d3655/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726213936/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A08B 160 KB
0 45ms
21ms Media
video/mp4 2a00:1450:4001:26::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:26::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Range: bytes=0-

Response headers

expires: Thu, 14 Sep 2023 07:52:17 GMT
date: Thu, 14 Sep 2023 07:52:17 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-9011108/9011109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 9011109
last-modified: Tue, 08 Aug 2023 11:35:04 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

POST
H2 204 csi
csi.gstatic.com/ Frame A08B 0
54 B 171ms
171ms Ping
image/gif 2607:f8b0:4025:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lmivhkyb&c=7638230102457&slotId=3819115051228.5&qqid=CMKMkqPPqYEDFUoJVQgdqmUOYQ&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=1000&br=984&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C59%2C342%2C343%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.o0~vil.w0&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4025:815::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 07:52:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.pemerintahkota.com/	1970-01-20 14:44:45	Name: ci_session Value: 7a1d3b270a78f5c1757e4fbcba6f6189caf10705
.pemerintahkota.com/	1970-01-21 00:20:37	Name: _ga_R1DP2TV9V2 Value: GS1.1.1694677935.1.0.1694677935.0
.pemerintahkota.com/	1970-01-21 00:20:37	Name: _ga Value: GA1.1.2076130509.1694677936
pemerintahkota.com/	1970-01-20 23:30:13	Name: HstCfa4352929 Value: 1694677935956
pemerintahkota.com/	1970-01-20 23:30:13	Name: HstCla4352929 Value: 1694677935956
pemerintahkota.com/	1970-01-20 23:30:13	Name: HstCmu4352929 Value: 1694677935956
pemerintahkota.com/	1970-01-20 23:30:13	Name: HstPn4352929 Value: 1
pemerintahkota.com/	1970-01-20 23:30:13	Name: HstPt4352929 Value: 1
pemerintahkota.com/	1970-01-20 23:30:13	Name: HstCnv4352929 Value: 1
pemerintahkota.com/	1970-01-20 23:30:13	Name: HstCns4352929 Value: 1
.pemerintahkota.com/	1970-01-21 00:06:13	Name: __gads Value: ID=c99a754e5328acb9-227b694875de005b:T=1694677936:RT=1694677936:S=ALNI_MZKliwCd7zar6kCbq2gLqwJP8E1Jg
.pemerintahkota.com/	1970-01-21 00:06:13	Name: __gpi Value: UID=00000d92a25cb743:T=1694677936:RT=1694677936:S=ALNI_MaDlwwjFZVeRXdzPbpLWRfqoCYGjQ
.doubleclick.net/	1970-01-21 00:06:13	Name: IDE Value: AHWqTUliWWv2cgXKY9zm6CcilUyiiPXQu2x_0dnqXsFo-H4mGLc5QgXtGPphtHC3tFw
.doubleclick.net/	1970-01-20 19:03:49	Name: APC Value: AfxxVi5HacZy-EZ6qGRnWJsQha_mIL5EQTRru-Lch_Yf11yPm1quqg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
app.pemerintahkota.com
bid.g.doubleclick.net
cdn.jsdelivr.net
csi.gstatic.com
fonts.googleapis.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pemerintahkota.com
r4---sn-4g5lznls.c.2mdn.net
s10.histats.com
s4.histats.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
149.56.240.27
152.199.19.160
2606:4700:10::6814:91f
2606:4700:3037::6815:520
2606:4700::6810:5514
2607:f8b0:4025:815::2003
2a00:1450:4001:26::9
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
64.233.184.157
033c75b293fe53bd9330531b8ff1ed4bcc4722563ea908d73e0b6e4b115202fd
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
0f48532ed0175b589d37f3325a8fc8974b8f7207a5414ac4ea548c1dc9b6d94e
141ac568be4ebb63260741515cc6e4a81fe3abaa2599567ed81922801800fc5a
168263481bdb4198a57f7c305e7397916ac74d8ccf2db1c3a25dbf2130f1fbc9
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e858a3bf02390ad4f8a5db4f1b4b979d96db387f48f1c6069557bc369ee6662
328cf20924853ea7c27dccf0425c5b7158e29fb21ce647273052f8fc270363a1
3a494cb8a3fc5345ca81844d27d3e0834aa754aeaa0056f1710a1df56acd983c
3cdc8768b77b752d62d488cda4d7917a5df5d334da0f7fa7c9f86aeae573923b
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797
538e6737341ae885ac68e54c1d9f3782799d08f454352360718e98b436f2aaac
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
584b10df5af4716257aae636285c55f27e9a970412fa831dd66023efabb84b48
5b63d8fc592ff3e6c6c055030976dc54e6fde7aec1e50d17df21f136b0f6f6b4
609286b80cc99d0f11fd6ce3fcd275ffdaae70b3506e143befe417d31c5d7b41
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67b87b48b899a7881c90a30140275d5bd915b5156a1fce89f609c1392d73d5a8
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8708a251cbe604441f89714998b456fdc039f43e286e9aabbfa292801a4947ab
89c1463be5b0d25bd18d3902791917887417b0d6f4744936247b8851e0762a01
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9bbb3456ff3635374cbed3fa9bd25c47fe89e2a6f9ad1d424660a69ae450a51d
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
aad4bba4186ae8d8a8bd6bdc903bb55be6f2d69a8c58031953e8ce34a73ccced
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b43fe1f5fe20d8304f2fc279f83939160e461abc9d64d57f84a800dabf4e64d8
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d6ae92152c0e92d8e59192ac9e393cf2359f7df5f1b398231d9a861c0d0419dd
d9fbdb6263c674586fb54c423810aa3dcec7c85ae6397553e9e8b590a3c05ea7
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
f5b81c3748550c423173be0e5d54647ec313ad80316f15fbf2d409fb6e409b4b
fae5741f813dcb34b26445f8c9393295acbb3efeeb2ef60885aa50ce6e15dde4

pemerintahkota.com Open in urlscan Pro 2606:4700:3037::6815:520 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

98 %HTTPS

82 %IPv6

12 Domains

18 Subdomains

17 IPs

3 Countries

835 kBTransfer

2637 kBSize

14 Cookies

1 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pemerintahkota.com Open in urlscan Pro
2606:4700:3037::6815:520 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

98 %
HTTPS

82 %
IPv6

12
Domains

18
Subdomains

17
IPs

3
Countries

835 kB
Transfer

2637 kB
Size

14
Cookies

64 HTTP transactions
1 data transactions