otodiva.id Open in urlscan Pro
2606:4700:3036::ac43:d8c1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
Effective URL:
https://otodiva.id/
Submission: On July 30 via api (July 30th 2023, 11:34:40 am UTC) from US — Scanned from DE

Summary HTTP 217 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 30 IPs in 8 countries across 24 domains to perform 217 HTTP transactions. The main IP is 2606:4700:3036::ac43:d8c1, located in United States and belongs to CLOUDFLARENET, US. The main domain is otodiva.id.
TLS certificate: Issued by E1 on July 4th 2023. Valid for: 3 months.

This is the only time otodiva.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:a996	13335 (CLOUDFLAR...) (CLOUDFLARENET)
69	2606:4700:303... 2606:4700:3036::ac43:d8c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4 7	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
40	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4 8	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
8	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:25e... 2600:9000:25eb:a400:1b:f040:3600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	154.58.197.185 154.58.197.185	174 (COGENT-174) (COGENT-174)
1	2600:9000:224... 2600:9000:2248:c400:3:4706:a6c0:93a1	() ()
1	52.28.142.138 52.28.142.138	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	18.158.83.223 18.158.83.223	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1 2	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
217	30

1 2606:4700:3035::ac43:a996 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

otodiva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 2606:4700:3036::ac43:d8c1 (United States)

ASN13335 (CLOUDFLARENET, US)

otodiva.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.66 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25eb:a400:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)

ads.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.58.197.185 (Philippines)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com

t.hspvst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2248:c400:3:4706:a6c0:93a1 (United States)

ASN- ()

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.142.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-142-138.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.83.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-83-223.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.35.84 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	otodiva.id otodiva.id	2 MB
61	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	679 KB
36	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 347 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	255 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	220 KB
9	google.com 4 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 3	2 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 213	449 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	6 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 624	3 KB
3	w55c.net ads.w55c.net — Cisco Umbrella Rank: 14599 cti.w55c.net — Cisco Umbrella Rank: 4085 i.w55c.net — Cisco Umbrella Rank: 2360	32 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5772	622 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	215 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1361	455 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 58	21 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 762	339 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 623	363 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 350	147 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 379	266 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 862	714 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 802	464 B
1	hspvst.com t.hspvst.com — Cisco Umbrella Rank: 181395	922 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 311	155 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1196	603 B
1	otodiva.com 1 redirects otodiva.com	660 B
217	24

	Domain	Requested by
69	otodiva.id	otodiva.id
40	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
23	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net otodiva.id
21	pagead2.googlesyndication.com	otodiva.id pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	www.gstatic.com	googleads.g.doubleclick.net
8	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
8	www.googletagservices.com	googleads.g.doubleclick.net
7	www.google.com	4 redirects otodiva.id tpc.googlesyndication.com googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	otodiva.id googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.de	otodiva.id
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	otodiva.id www.googletagmanager.com
2	sync.teads.tv	1 redirects
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	onetag-sys.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	i.w55c.net	googleads.g.doubleclick.net
1	cti.w55c.net	googleads.g.doubleclick.net
1	t.hspvst.com	googleads.g.doubleclick.net
1	ads.w55c.net	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	otodiva.com	1 redirects
217	32

This site contains links to these domains. Also see Links.

Domain
gadgetdiva.id
traveldiva.id
gizmologi.id
gizmologi.com
facebook.com
www.instagram.com
instagram.com
kontenify.com

Subject Issuer	Validity	Valid
otodiva.id E1	`2023-07-04` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
ads.w55c.net Amazon RSA 2048 M02	`2023-07-19` - `2024-08-16`	a year	crt.sh
*.hspvst.com Gandi Standard SSL CA 2	`2022-12-12` - `2023-12-09`	a year	crt.sh
*.w55c.net Amazon RSA 2048 M02	`2023-05-29` - `2024-06-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://otodiva.id/
Frame ID: 3ECBFDE206AEA7824A708C37FC3D63D3
Requests: 94 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Frame ID: F03C7E0D7B8AA03E13C39DA09196622C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&adk=1812271804&adf=3025194257&lmt=1690716872&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=https%3A%2F%2Fotodiva.id%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716872468&bpp=7&bdt=796&idt=203&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3219674463804&frm=20&pv=2&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=233
Frame ID: DDEF6D0A01589279FCCDE86BA913875C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=280&slotname=4763364487&adk=1394093537&adf=683863926&pi=t.ma~as.4763364487&w=1200&fwrn=4&fwrnh=100&lmt=1690716872&rafmt=1&format=1200x280&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716872475&bpp=2&bdt=803&idt=231&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=q8pgqqROd6&p=https%3A//otodiva.id&dtd=238
Frame ID: 94E8E261E3EE38CD90CB6E89DB0DCDD8
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=125&slotname=4763364487&adk=902745524&adf=1946489492&pi=t.ma~as.4763364487&w=970&lmt=1690716872&format=970x125&url=https%3A%2F%2Fotodiva.id%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716872477&bpp=1&bdt=804&idt=273&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sDzezd2zvC&p=https%3A//otodiva.id&dtd=278
Frame ID: 14ED6A689B616EF421BE6C384892D513
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&slotname=3976225997&adk=2566647451&adf=1979701478&pi=t.ma~as.3976225997&w=300&fwrn=4&fwrnh=100&lmt=1690716872&rafmt=1&format=300x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716872478&bpp=1&bdt=806&idt=294&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C970x125&nras=1&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=iSQwEi0q7a&p=https%3A//otodiva.id&dtd=306
Frame ID: 9D97B9C02F07AD649C14101E83BCC12B
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY3-fR8QEwAQ&v=APEucNVytleeNkFczoN0Wk0E3wJOC6CCjPTunmpTAt1mZ2b62Ugrj1ftFujpKr4W3fwyEYk08YtMTOdL1lc00MAwLoBAY-BEfasLSvSTkEQ6rSdbX6YZooMwG_hJ7p9Ggcx6BBajh5RuP_8ciu1wwaafDdBovmoFx55lod0B6lWlpLvD9YBIE5I
Frame ID: F5DD2C21DC354C3873A08F5488AF3E2F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 63476E0F00C4809B2B83D06BC247910A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: BB41AA4E36C92E27139ADC66A1ABFC67
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: 6F47742F2700C9595FDE01B0CD3E08F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&adk=2982052862&adf=2698748695&pi=t.aa~a.2746241531~rp.1&w=121&fwrn=4&fwrnh=100&lmt=1690716873&rafmt=1&to=qs&pwprc=5064251535&format=121x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716873710&bpp=2&bdt=2038&idt=2&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dabc893fffc196648-228f1feeb6e70064%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MaWVB8ShPENiIXBkSNJ4sHOoAB_UQ&gpic=UID%3D00000d3120664d92%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MZsLE8rFIwkYrvRd3gvXGlCZQ4Kww&prev_fmts=0x0%2C1200x280%2C970x125%2C300x600&nras=2&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&psts=ABnkTfDJS-wnZooQ6laM71K5gmGAT2TQJ8Z7Pkz4FbvUKSmT4JABUMbKc_Xh1xM8-NEmBYH_pqhG01rdMKo0opFLcbFqUqKA%2CABnkTfCIXFbnAtP8McjjQokvfVdTe338YBuDieetQ7JrgnrVUMdZh-Fh6zHeigjYwgwzxE44QviCsYRp4dDVXjxOpO7m3xc%2CABnkTfAg2FM3Atn80cW5KqVflX3PF1xeFZRs1fGJY-9SZ7zihHo62Ii2p3r08htDArOvSgUjnNq4XYb2kawJLs-3vUTjKsKZ&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=MQnGnEjiio&p=https%3A//otodiva.id&dtd=6
Frame ID: EA6BB3E8EB3C1AA67A0C8E976C0AF406
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: 09D3265A50455A7562881E622299E05E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7D00E696A846CD69399D7DEE1C8715A2
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9A23DF7D6BE29F55FB798C7DE3B27759
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: E84B3F23F2E2973EAF5F90E24DE7BABF
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6DE1978BB84E80FF6F3E895DF594BB3D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 44BAB949F333BB2A4399161A04249838
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F54DADA910C950D47DC7958619BF2FF7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 98DAB46C1A89630E9E19464073B5214A
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 9829F5DDD289E5533CBC07A8A728B904
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A119F264C60F8124939C4DB3641299DC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B65741AE536C59D18CCDCF1DA8AC28CF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: CC0F444B3C68D6F9F36522BC2EAEF75A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: DF4F86C71B4CF993052A14B2E963C6D9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: 81B40D9594C707B5D518C776005AE0CF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 08EB25D18F6351F4D2BFB029C60AC624
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: 04DBB3614FC911BE2B91607A688D10EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Otodiva.id - Online media for the ladies auto enthusiast

Page URL History Show full URLs

http://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card HTTP 301
https://otodiva.id/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

217
Requests

97 %
HTTPS

63 %
IPv6

24
Domains

32
Subdomains

30
IPs

8
Countries

3811 kB
Transfer

7710 kB
Size

21
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://gadgetdiva.id/
Title: – Gadgetdiva.id

Search URL Search Domain Scan URL

URL: https://traveldiva.id/
Title: – Traveldiva.id

Search URL Search Domain Scan URL

URL: https://gizmologi.id/
Title: – Gizmologi.id

Search URL Search Domain Scan URL

URL: https://gizmologi.com/
Title: – Gizmologi.com

Search URL Search Domain Scan URL

URL: https://facebook.com/otodiva.id
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/otodiva.id/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://instagram.com/otodiva.id
Title: Instagram

Search URL Search Domain Scan URL

URL: https://kontenify.com/
Title: PT Konten Cipta Kreatif

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card HTTP 301
https://otodiva.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHwxxvvpmybPkuXNlqmtndg&google_cver=1

Request Chain 75

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMZKyY2ytmQKklXHJz6glgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHwxxvvpmybPkuXNlqmtndg&google_cver=1

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEijCxTYG2Xt-0DQLqe6cIk&google_cver=1

Request Chain 77

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYyNTQ4ODI4MzUxNzMxMDE5OQ%3D%3D

Request Chain 173

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 174

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 187

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 191

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 202

https://um.simpli.fi/gp_match?google_gid=CAESEJ-0tHaMY4VQI--GYyoNCdw&google_cver=1&google_push=AaAOQGECoaZBG-QskV8c-nUVDyakiseurcuyiSq4ku4mjb5ptmzrTl0frSyqmHJ8-JpB-Y2coYJeHz1JbvF9vjuT3Od-QZpn895Wvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=251ACEC56D0145DC939346B620D5A6A9&google_push=AaAOQGECoaZBG-QskV8c-nUVDyakiseurcuyiSq4ku4mjb5ptmzrTl0frSyqmHJ8-JpB-Y2coYJeHz1JbvF9vjuT3Od-QZpn895Wvw

Request Chain 206

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJSmhXjtk8m6K88z-D-S_w0&google_cver=1&google_push=AaAOQGHMOjvxiRhH1Y4uouZsxbm54XLAttFVA3Zc7nblm9u9gm1jX0zIWp41pN9V6j85JOWoxLNn8DmIvvvk2eL8vsRKj29hvkoPWNo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHMOjvxiRhH1Y4uouZsxbm54XLAttFVA3Zc7nblm9u9gm1jX0zIWp41pN9V6j85JOWoxLNn8DmIvvvk2eL8vsRKj29hvkoPWNo

Request Chain 207

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPf94u57_vcdBxZUGP2sZpE&google_cver=1&google_push=AaAOQGFVZdkStUJMnX35s_80sUf79zoUoSwcVnny86hTL3ckDtAe7CizGxVhTWT1ZfLncGdMLMrdh2dZcyR-KL46C5EENO9enTBElQaF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFVZdkStUJMnX35s_80sUf79zoUoSwcVnny86hTL3ckDtAe7CizGxVhTWT1ZfLncGdMLMrdh2dZcyR-KL46C5EENO9enTBElQaF HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

217 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
otodiva.id/
Redirect Chain

http://otodiva.com/ip4xl/viewtopic.php?page=comerica-bank-credit-card
https://otodiva.id/

153 KB
22 KB

1343ms
564ms

Document
text/html

2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c098a53e5a44658387b746d3dc5a3abb0be50cb99fa6f6dc169902ad388d2d0b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29637
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7eed4afc6d8b3a6a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 30 Jul 2023 11:34:31 GMT
link: <https://otodiva.id/wp-json/>; rel="https://api.w.org/" <https://otodiva.id/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json" <https://otodiva.id/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPW9GVEAA%2BhaIFUqxrpEBo%2FSkVwbPZOedL4VIRsJV22k889SfOguhEbVKp%2F87sdDHJ%2B3FpshgbaY5UJAgiZ9FQjKIocZZ3umuECOojeS7YuXgvQixI%2BQrvbIWbq3HhHeD2J5VKULEhrH"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Cookie

Redirect headers

CF-RAY: 7eed4af76dd4381a-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 30 Jul 2023 11:34:30 GMT
Expires: Sun, 30 Jul 2023 12:34:30 GMT
Location: https://otodiva.id
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCv60XfkXznnXH3BFoUzYGnj9OUKuRSf3sTzY0BqInHsJjMfoWpD60ai7no5jZFZTJuLKeMbmykeoHSrgvuq5M9xXLxRLGYXCY7lPmQJ%2BcntxV7y2OePN5RInevCP0dr7ok4Ka33UwT8Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 kendaraan-listrik-1024x660.jpg
otodiva.id/wp-content/uploads/2023/07/ 93 KB
94 KB 254ms
247ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/kendaraan-listrik-1024x660.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ae4f5bae553dafe6526eaf137d6aad59b630ee5e9d0bd88811fdc43c037852c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:31 GMT
cf-cache-status: HIT
last-modified: Sat, 15 Jul 2023 07:30:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64b24b0c-174a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIahXaqv3hIHgDg3XfH65JHGrRe14%2FZH0UH%2BeyOS5jcK29YJRRskS51DMIHzKDOXDCqWMaKquOkbq2joZ%2FJ9p3yXJvJddjIm8HGFXQAPGZPbB5I8QK%2F1ecyno2qgIaYQips9Vb8PNWSp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199684
cf-ray: 7eed4b001b233a6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ts-icons.woff2
otodiva.id/wp-content/themes/smart-mag/css/icons/fonts/ 10 KB
11 KB 232ms
225ms Font
application/octet-stream 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/themes/smart-mag/css/icons/fonts/ts-icons.woff2?v2.4
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a13056d106882ee191a6ae002dcfe77a62c8481c199c1af338a952d6650ea96d

Request headers

Referer: https://otodiva.id/
Origin: https://otodiva.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:31 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 12 Jul 2023 10:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64ae7ce3-2914"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ju%2FtgMiReOSvdt07CXfWjtPNQJou3jmHW22VYgkP9KZPPAZfoHWEfuHZ6uHxdav7xu8eRZ4os7Y84VnFmOzJCcnS5y%2BpJBN3HcxLs9HN89u%2B2q%2F6IyrMYu9gRxpAcEv%2Bd%2B3gKczOETeN"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7eed4b001b1b3a6a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10516

GET
H2 200 style.min.css
otodiva.id/wp-includes/css/dist/block-library/ 95 KB
13 KB 220ms
213ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 02:57:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38a91-17ced"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nl037yaBe3H%2ByxTq6dMV3GRSXAs6ab2Cz09LMyld%2FDYknp0CRNbg8sSXVPfU4x7mAvFHTzcjm2GFuzMaWQ46vylSCKHxjIHtrkohsX4RUGihM9EJlkzuKoiVyFDlcgB%2Bbwek6udJLn4d"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455199684
cf-ray: 7eed4b000b033a6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 classic-themes.min.css
otodiva.id/wp-includes/css/ 291 B
487 B 185ms
179ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 02:57:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38a91-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FT4zraV9ELJAw97X8LY9dKigNmOzqD4qYXNvrMD0XIhNhfwHZ3yNtH5MEuLYWYZh2zsUVtxM7xQa80TEc4w3d%2BA2jFbH7Ch5JzNU9akk65CMrcG1mGLa5H04P9OQYeG9YlPKPKrFpDsk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455199684
cf-ray: 7eed4b000b053a6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.css
otodiva.id/wp-content/plugins/elementor/assets/css/modules/lazyload/ 413 B
524 B 182ms
175ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/elementor/assets/css/modules/lazyload/frontend.min.css?ver=3.14.1
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ecb54f91384af7226cb4f18f87588edd49ceff5bdd4a3010336e1c22ccc390d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38f84-19d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pdq3bBAvlPlbVMx0qzP9dVmiqO%2Fui9py4RtdbH0T8TFCR4dH3vXsLfQ4AWj0WoZItRSh5C98ldH6xDDyYyG1lgIdq6239lyBJt6gxK0EPpfk7XRM7hHxZ3b3wreiGtk%2FZI9XOG9bDGyD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455199684
cf-ray: 7eed4b000b063a6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend-lite.min.css
otodiva.id/wp-content/plugins/elementor/assets/css/ 103 KB
13 KB 555ms
549ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.14.1
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab59f550860dcea6de47b9999d6d9aa586f2cd631097691d013e90c61270b4ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38f84-19c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfJhhIzhSlGIDhgdCTICg8K55DsBSpeVYAZiQMbH0qxWebyV3P%2FG6FO9akNvfSeC8JRiLYt0sBEr6pVjpXiv9BWXqXY97b6af%2F8Br2htyKkWZjisSKuT5qEvYtgY7KIEl5SdjzEc3GlA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455199683
cf-ray: 7eed4b000b083a6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 swiper.min.css
otodiva.id/wp-content/plugins/elementor/assets/lib/swiper/v8/css/ 16 KB
5 KB 200ms
194ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38f84-4057"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzHzVPEIDeKojwj66aJFNPmGlSf03XrMY0ReiPVC2DoCmrjsmUGc%2Fq9xnhKrn%2BMu7bG1OfuPGUp3y8TH2YGkLT3EhozSPysZ2YMtx33RCvyfsjceWe9%2F7gfRjXOVB9aCjJvexLOtDTES"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455199684
cf-ray: 7eed4b000b0a3a6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-8.css
otodiva.id/wp-content/uploads/elementor/css/ 930 B
669 B 531ms
525ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/uploads/elementor/css/post-8.css?ver=1688445593
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 878014e6a9168c57eff7600e86ad88e8970ea651d8a163fcfd0173d246ace273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 04:39:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a3a299-3a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUZ0LXkXDnTNreB2Cpn2vU5T4RS1ahjzlxu0KDwYY5q0cKD2K8fGucgyUIUjGQR8kvY0sBbecjXoM6yo8JdmeIw2vcZpWYV3eC3DiGcTJeke11BWZELFQP8h1%2FvHqDXyl93p3arVGjlM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455199683
cf-ray: 7eed4b000b0c3a6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-6.css
otodiva.id/wp-content/uploads/elementor/css/ 13 KB
2 KB 212ms
207ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/uploads/elementor/css/post-6.css?ver=1689640736
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e8dd3f0ac5d0d3fad25ad3f73975be87db679615f1e7af0d9efe02df2370ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Jul 2023 00:38:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64b5df20-35fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FGjhEl%2FCsthGCfKMHKkYQo3494JozP9N2lO57arP9r9ipx4ar9jjLHg1KvnmBOAr9KJymeS%2FyNiKuxKKb3AfV%2FjaBm7CNZWLAkkYX9QJaYRLYFcs%2FESHaFLSpeWh3WGsFgKPMHPrR2R"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455199684
cf-ray: 7eed4b000b0d3a6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
otodiva.id/wp-content/themes/smart-mag/ 191 KB
38 KB 208ms
202ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/themes/smart-mag/style.css?ver=9.2.0
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d212ebb58e24f6786a56de7721662abc21831961e98c7b053f2f3f92fad848a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 10:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ae7ce3-2fc7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UeWpcydl5HqdPaXcBuwSABGNG3BQ6NWccHxEZTKGR%2B1BwU65o3bKpC2qOpslOrv%2FTdPdrF1iDLt4KaUIEqhaBar5E4PHllsikZZgv5%2B9dPgIKdxLO00Nf8Q6wHe5cE6Qewq5Z%2F%2BIdbe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455199684
cf-ray: 7eed4b000b0e3a6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lightbox.css
otodiva.id/wp-content/themes/smart-mag/css/ 7 KB
2 KB 201ms
195ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/themes/smart-mag/css/lightbox.css?ver=9.2.0
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9ecc55173b58cf9ab841c18c232def14055ac9fdc3380f093f0360280601637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 10:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ae7ce3-1dce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKlnUtopu52TRVUOUkE6c8yq6rw9m%2FEN5F1P4jj3hcMI%2F0WvmsNcvnwFHmfkq%2FLCYEmpxTJIFgDLcLf5yQZGi%2B0ntc96pQOcY1wL7V1%2BojsfsfGiKFrqbyaWcX%2FIZRZvqkj9geoibA5G"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455199684
cf-ray: 7eed4b000b0f3a6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons.css
otodiva.id/wp-content/themes/smart-mag/css/icons/ 4 KB
1 KB 200ms
195ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/themes/smart-mag/css/icons/icons.css?ver=9.2.0
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc773158cf18dc46e3b09c9add531ce040f156f420ff5cea89584703f8a16cac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 10:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ae7ce3-114e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FlScAHocaGRA0QHbicjPg7R4oHoqxW3e0pygzOMkVMBqaZJF78tHOsAI3Iu%2Fjj0pUEc1dVTFkP%2Fw6LABKtRCf%2BKg5yJvgMXfLg3MT6sYsGiKbJdiMOQTH67jQHSq2tv%2FLm7iS7Wwrpf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455199684
cf-ray: 7eed4b000b103a6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 19 KB
1 KB 45ms
21ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Assistant%3A400%2C500%2C600%2C700%2C800%7CJost%3A400%2C500%2C600%2C700%7CInter+Tight%3Anormal%2C400%2C500%2C600%2C700&display=swap

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89cc71ae9db584bda0ee5ebfcb9bb931451bbca3c47ad69221211d919a0e3c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Origin: https://otodiva.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Jul 2023 11:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 30 Jul 2023 11:34:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jul 2023 11:34:31 GMT

GET
H2 200 post-views.js Show response
otodiva.id/wp-content/plugins/sphere-post-views/assets/js/ 3 KB
1 KB 197ms
192ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/sphere-post-views/assets/js/post-views.js?ver=1.0.1
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3130f866e2557c43a08e1226e2b6dc3f439a0a464bc68a00d872840d31c690d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:29:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a39236-a54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNvblE0zIxP2Qy9qDOZ7hIyQhinEKQTwVuWmqqG9KX2FXx835mrdUnMsV5j2vxnJeCQuNLl6zLok8rp%2BJXukaktqgmM9p6VgjZ60T68JbJ9aYpAqNpu2D2JbitIGb%2FXiPsvKwU5jaCtH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455199684
cf-ray: 7eed4b001b1d3a6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 53ms
29ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109987058-3

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d1b599720f4a809ade7da30c819a986709b61fe6001242c0c28e4a2083505ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65995
x-xss-protection: 0
last-modified: Sun, 30 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 30 Jul 2023 11:34:32 GMT

GET
H2 200 jquery.min.js Show response
otodiva.id/wp-includes/js/jquery/ 88 KB
32 KB 233ms
228ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 02:57:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38a91-15ed7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BOYgULpHpUcQFI75I1JpjZbu6rxoqQa3yDZBfm7x2%2BbdMD0dZ2oMFVx9zVB35mQbOdGSQMh691fKu1AeXMCK82DluuRIO8kTIU6JU0BHMei8r%2BN8OSesi%2BiiHYU%2BZna6zvUBKZ9LUl9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455199684
cf-ray: 7eed4b001b203a6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
otodiva.id/wp-includes/js/jquery/ 13 KB
5 KB 204ms
199ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 02:57:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a38a91-3470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0iu8J34ME0Y4Tp%2BEkLhi78ijGE3Je%2FZBdAMHrn5QsJctavmNV2r3Hnyg2sV38vLHqEf6Fy7JYdEzibq9jiJlqZ7sV6xH%2BNv25cYn6T4gWhDCerjTzQOoegJxJBIG1L7trM1YkG0eW3v"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455199684
cf-ray: 7eed4b001b213a6a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 87ms
64ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5949640052836324

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07f9b8ce0e66af42ef718758c7b24c4475a40aef11aee8170e6792452ccc18c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Origin: https://otodiva.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51163
x-xss-protection: 0
server: cafe
etag: 8198024017524477127
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 11:34:32 GMT

GET
H3 200 otodivaid-white-2x.png
otodiva.id/wp-content/uploads/2023/07/ 45 KB
45 KB 37ms
36ms Image
image/png 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/otodivaid-white-2x.png
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0fab2c23386ae8d4d3d1859f43e6e96fa0c95d2c86c60288a918b7b4f3b544d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
cf-cache-status: HIT
last-modified: Wed, 05 Jul 2023 09:33:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 345606
etag: W/"64a538f7-b305"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2oLbiN1Uy7PYSd7lBgDXkW4FPL5iBDdnL9N1EpG4j8TKk5K0nPdAj8CPaGtBmUt0obnUYuC3u2A9wLGT0Z07MMdJmalpBS4Y%2Bg5uFxG6kduobR%2By7RqggWnsJcz2klLbS%2B338yc3qgx5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=455199683
cf-ray: 7eed4b039f4f9b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 otodivaid-white.png
otodiva.id/wp-content/uploads/2023/07/ 19 KB
19 KB 549ms
548ms Image
image/png 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/otodivaid-white.png
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41a60ad5531522c3bd4e2179e530104f4799e35c74cbe82466a1737cb8b66b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
cf-cache-status: HIT
last-modified: Wed, 05 Jul 2023 09:33:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a538e2-4bc5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v34LyofE7bbfI9mLMBuc1IruTsXQ3i%2FSBnRVZLbpgUcXkOH%2Frf4n4GqKHNjx90JDF6SY7Q4hCIhaomQjPouiO9KRAVdKns7ruFXK3psn780P2x%2Fo6hEs6ws77g5tq7yoU7Ck9Aac3Ve5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=455199683
accept-ranges: bytes
cf-ray: 7eed4b039f529b5e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19397
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wp-emoji-release.min.js Show response
otodiva.id/wp-includes/js/ 18 KB
5 KB 41ms
41ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 02:57:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107792
etag: W/"64a38a91-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZ32ndXnIWWa%2BtfsrSltTBiOx84O1hUbI7PZppnLrHL6%2Fq6U%2F8UKD3udmyhq4Uhvnqv9S9%2FZS5gwd92CJ8gJ941cO6EwdpaneUnGy9xuj7phEiX61wtPTCIZxxugXm1TluwPv5pbFnpi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455199683
cf-ray: 7eed4b039f539b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 animations.min.css
otodiva.id/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 17ms
17ms Stylesheet
text/css 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.14.1
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107798
etag: W/"64a38f84-4824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFKp5UvHRabbUKq66QRaQOkeX78D1dC8Mw%2FXTwqTLTkAmqpfaPhuFQV5fmjN%2Fbc1%2FRuybH9SzAXHWbajl8B08%2Fk3uOGPnMwuUZZJhXS4hMi4Zm%2FV19UERFH%2Fowx2TyLCZ0VGd2gj2oWI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=455199683
cf-ray: 7eed4b035e8e9b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 lazyload.js Show response
otodiva.id/wp-content/themes/smart-mag/js/ 9 KB
5 KB 16ms
16ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6071e2ed8dd3e36f6dfa6fac9e4858ae880ab3c1c60075d6e87545b8114a66a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 10:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107798
etag: W/"64ae7ce3-23a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzgoZLUUVBeZgCJCcvBk7n7oBz16eveVYEWZEtLPdPBHUnPBmlyM5mUPiD%2BOBKPIfcXL6eEDHn3VLHpgM6bldjHe7PVO3dDpopqYnSKf%2B2CC9ftVqCQikZWhOwsn%2BxkfjScEJgfvsili"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455199683
cf-ray: 7eed4b037ee59b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.mfp-lightbox.js Show response
otodiva.id/wp-content/themes/smart-mag/js/ 20 KB
8 KB 16ms
16ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/themes/smart-mag/js/jquery.mfp-lightbox.js?ver=9.2.0
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 10:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 345606
etag: W/"64ae7ce3-4ef8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNbP1SFpSZTq9DATCiZxrWWBLlRlzBOM7jTVAoreGOXNirP0%2FGOArRvf18QHd1Llqie7Hv3pMQjlpJGhekUjW00eec8ZzzF%2Fqdvy2ERvJlBCwHFKZ6bzjy6zSUrMjdBrLDSnJM2UQf9k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455199683
cf-ray: 7eed4b037f019b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.sticky-sidebar.js Show response
otodiva.id/wp-content/themes/smart-mag/js/ 12 KB
4 KB 27ms
26ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/themes/smart-mag/js/jquery.sticky-sidebar.js?ver=9.2.0
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2660d2ba27141ecebe732da9795d68254bb155fbf87a88d817d4da4528b9a83c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 10:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 345606
etag: W/"64ae7ce3-3079"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsfYGAkH%2FGC15imoYqfcy44yNFrDrO8bJPlsQLx9lAg7LwNfDcIyH40ZVPk1x1F1QNpuyRiOBAvcj52dAt56Pys4YXaxQzTRhd3Szj8dH8qt09i179DQUkBZUvW5dq%2FFWCGoZC6TJt04"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455199683
cf-ray: 7eed4b038f339b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 theme.js Show response
otodiva.id/wp-content/themes/smart-mag/js/ 52 KB
16 KB 18ms
16ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/themes/smart-mag/js/theme.js?ver=9.2.0
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcc37c7117fa0be1f5025276a470b467aa7bdc1c34d94129aee332c2811fbaf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 10:13:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107798
etag: W/"64ae7ce3-ce01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wvGP%2F8gZPwECUnduz3uDesa%2BGQkBh1njjggrYGBzEi1E4F0H9RWGsxrF8%2Fql75XIIuUhZ2hFuAix7FTjAFC398mXl0uVJNuOHCSc2fGzQfnO1gIChA7rp2AFzo6%2Ff7JXEgiWAUsxy4k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455199683
cf-ray: 7eed4b039f399b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 webpack.runtime.min.js Show response
otodiva.id/wp-content/plugins/elementor/assets/js/ 5 KB
3 KB 27ms
26ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.14.1
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3e7c89de8ec9f11eee1605a0367e23585548b1deab4cca3a4a17d5a23a90f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107798
etag: W/"64a38f84-135e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKF5BvMU8hsB8lpp8GFHRtrjY7v56ChJsqVF%2BRboHHxMcIHvWHbalyj12J8YmTEKT9afSEmwQKS3LjiJJ1gbRDZwPrN8MNRJeXJv4tMFDYn5nPRcKJYuxcw59AeRZgx%2B68WWhenHjgSa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455199683
cf-ray: 7eed4b039f3d9b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend-modules.min.js Show response
otodiva.id/wp-content/plugins/elementor/assets/js/ 52 KB
16 KB 28ms
26ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.14.1
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76efc435fc139294153b2304af750ccd6857bf3349577af166308db9eb0a2fdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107797
etag: W/"64a38f84-ce7d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QfWkrlixrJIlhvX9aa%2FjGTkM7avDdjXAMmvebx0jNxLh%2BMftIj%2B%2BMU4ieedcP%2Bd%2FQqbpiclBAnaSIPmMSMz7yBs6GqK5lVxSaprtiol0YbqoggVrIk%2BYZz4t9tgQYLOENE9UbVTW95C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455199683
cf-ray: 7eed4b039f419b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 waypoints.min.js Show response
otodiva.id/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
4 KB 28ms
27ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107797
etag: W/"64a38f84-2fa6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6ekd0fIEtoUbrC2ffcVFi3Yu8haSxItMk2i1evH463cMIHEyr6MWt1dZeQdHSRfp8oX%2BN9%2FuFdSBxPQsMpZylXQbc%2FtvJB3Gjaobi4zp3NT2%2BmUlqlAAs1mNS811qvam15Zx5ayHbdY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455199683
cf-ray: 7eed4b039f459b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 core.min.js Show response
otodiva.id/wp-includes/js/jquery/ui/ 21 KB
8 KB 36ms
35ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 02:57:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107794
etag: W/"64a38a91-53be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTZdAhZ26UGk3BAoF0scxlYGg65CPtqSnDPaqNPAYK%2FmhFjV1H2jdQLIMZu1OGoG7vBwwrAK02TBEwFmrX%2BcUAgo1W6hfku09TFdAJDUhMKFjv9Ln0g6NQPE69%2BWbL2ktlKw%2FvSfsYF6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455199683
cf-ray: 7eed4b039f499b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend.min.js Show response
otodiva.id/wp-content/plugins/elementor/assets/js/ 40 KB
13 KB 37ms
36ms Script
application/javascript 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otodiva.id/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.14.1
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46b04afecdaf08e04385a7cabaec357f6edfc6a8b2b156d8c624c2621894f3de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Jul 2023 03:18:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107794
etag: W/"64a38f84-9f6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhI7yiWvnMZodeOSlgrFZeHAwvurF%2FsaAg%2FsTS1kMoB1eMYv969LwITFZJzB%2BIb5LmEi%2FZdPmJXyloozt76OLGKh1dSURs2rnyKJPzU2jJuI%2FykFmdgaESZdrSJlvENoY%2Be0VGPubceG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=455199683
cf-ray: 7eed4b039f4d9b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2sDcZGJYnIjSi6H75xkzaGW5.woff2
fonts.gstatic.com/s/assistant/v18/ 20 KB
21 KB 30ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/assistant/v18/2sDcZGJYnIjSi6H75xkzaGW5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Assistant%3A400%2C500%2C600%2C700%2C800%7CJost%3A400%2C500%2C600%2C700%7CInter+Tight%3Anormal%2C400%2C500%2C600%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36ea273138b793477fef7ab102c5d882f9329660f70df5d5ad43f30f0edd7026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://otodiva.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 05:15:27 GMT
x-content-type-options: nosniff
age: 109145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20608
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:46:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 05:15:27 GMT

GET
H2 200 92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v14/ 26 KB
26 KB 20ms
15ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://otodiva.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 07:35:17 GMT
x-content-type-options: nosniff
age: 187155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26304
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:29:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 07:35:17 GMT

GET
H2 200 NGSwv5HMAFg6IuGlBNMjxLsH8ag.woff2
fonts.gstatic.com/s/intertight/v3/ 44 KB
44 KB 15ms
10ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/intertight/v3/NGSwv5HMAFg6IuGlBNMjxLsH8ag.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca34455f82a5c81d8111c6a641771c011e95767e64efc8a52f82299896028c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://otodiva.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 02:33:38 GMT
x-content-type-options: nosniff
age: 378054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45072
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:27:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 02:33:38 GMT

GET
H3 200 zoomcar-2-450x327.jpeg
otodiva.id/wp-content/uploads/2023/07/ 31 KB
31 KB 15ms
15ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/zoomcar-2-450x327.jpeg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56f80e901644d62f7ea9f1cc471afab7f5ae317ffb6ca0469fddd87958646198

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 11:16:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107789
etag: W/"64bfaf11-7b19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwYvlDJr%2BHyhwDz9Pth%2BQj2V4GE0pu9HPfdegnByrFNKg5b1UrAAKOXoH%2Fko6OIoA0SY6nUdL%2FZiR6qYL0ZfyksiRTpNlk2Fq0Z%2Fjnp79GbKF9FR%2FTBzWjZf9n6dKMDORyKVvw6mB4c1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199683
cf-ray: 7eed4b04081a9b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 giias-1.jpg
otodiva.id/wp-content/uploads/2023/07/ 11 KB
11 KB 24ms
23ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/giias-1.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5477891890ad6e8dedd3a47a1b287e2aea323c0c51e3f488b7eca5aa1fe01700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 05:12:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107789
etag: W/"64be0828-2b89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZrJP%2BOOIFtofapQLPA8krH3aw5CFozS9bz59uCZi9iD1oxRx5BxJdN1Yiqiu%2BkQI5O%2B2JMAT8OqBgQ3JEM1FaEZiQL5uPvkesuBYVpcHJO2xw%2F95HkrH7br%2BL%2BFxeqBaCEQu4alXjSu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199683
cf-ray: 7eed4b04081e9b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Honda-HR-V-2-450x291.jpg
otodiva.id/wp-content/uploads/2023/07/ 39 KB
40 KB 24ms
23ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/Honda-HR-V-2-450x291.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e99bc4cee10418d8b755b39b3e6da0226dee98cccc3d88981ea3801d0e4e9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 02:37:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107789
etag: W/"64bde3f7-9c55"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFa0TDXT%2Ff4IaAtT9TYiNQ5uLiFqFZ%2BcfDAr0AI2mNG4EHA0G9sdjr1UP6zaFliIKn3wvbFlX6caOPeg%2FO36398cPOdwyRqwfRGun%2BnTsv63tAteX7VWQcJv1N2LlbTRee0tAc8IeOaO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199683
cf-ray: 7eed4b0408209b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 honda-modifikasi-450x311.jpg
otodiva.id/wp-content/uploads/2023/07/ 24 KB
24 KB 26ms
24ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/honda-modifikasi-450x311.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d28cc51162a7adf1821c88f11f69771f13591359b19a8d2da7fd5d10bd013332

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
cf-cache-status: HIT
last-modified: Sun, 23 Jul 2023 00:44:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107787
etag: W/"64bc77f6-5fb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74B6J41hRlx407abyzVcrLLnHF6NZic%2BSzEg8qJzBHVkjTYfR2Qo8ivZv6%2FvvHrGEapmVjXjad1SyNezdtQojB0mZuixQ%2BhPyGNAQTJm739h7fgnhbrDQh1OxOuTvN5CM%2FcaWfWKmaZM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199683
cf-ray: 7eed4b0408219b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Hyundai-1-450x258.jpg
otodiva.id/wp-content/uploads/2023/07/ 17 KB
17 KB 27ms
26ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/Hyundai-1-450x258.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f2872276c46bb88f3b244e1827b9a103cee97bf5f31f9c355016176196d05a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
cf-cache-status: HIT
last-modified: Sat, 22 Jul 2023 12:26:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107787
etag: W/"64bbcafb-42b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3G6m4xNbs1xEVUDH3HRa1D9%2BI7SF5pK0jjqN4wfruXWnlDkd5fKzU%2FHt%2Bm%2FM5k2iYj2lxEBgmpJvZqom8ylGYjxoE2DH1jUhjjlj1sl0uaVYgQFcFPg3FafY3HpmNBSjJrW8tu%2BJnUj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199683
cf-ray: 7eed4b0408249b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 zoomcar-2-768x559.jpeg
otodiva.id/wp-content/uploads/2023/07/ 67 KB
68 KB 15ms
14ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/zoomcar-2-768x559.jpeg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b5a969b0dd319efdad17f77e3d2ad3950e6d5e704a5e1b0e881fdccc05cd3eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 11:16:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107787
etag: W/"64bfaf11-10d80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RdFixjXOb3EYdhJlu2A034mERuoMxR6d3PhwRusJw4chcc1K3csguFF1wSivNlZ%2Foe0kIP0lMvSL3SOkG7GYC5v2%2FvH4LHEkG5NnafhYwmEKC2hU3Eh0BjV1Zn4BJkZDgH77u%2FlZsgh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199683
cf-ray: 7eed4b0408269b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 taneli-lahtinen-tG5TwCXg0bw-unsplash-768x512.jpg
otodiva.id/wp-content/uploads/2023/07/ 48 KB
48 KB 30ms
29ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/taneli-lahtinen-tG5TwCXg0bw-unsplash-768x512.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45b386087016db45add66c062ebabc81038545147ad15c6c1616ffb4e73e7d95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 07:21:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107785
etag: W/"64bf77de-be18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyFuVPjIsGgqR%2Fkwa6UcN6d22N1o9Sf1xAmdYIZCCtzRONPPoRLvE7sF0I7XWHt%2FIyAsJ%2Bo8P6Ksv1EU1joE0bE8f2gTv9NAZex3Q%2BE3bih1fmBwbbJHYM2uG88Rex6cx35qlzYYNXal"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199683
cf-ray: 7eed4b0408289b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wuling-air-ev-2-450x598.jpeg
otodiva.id/wp-content/uploads/2023/07/ 43 KB
43 KB 31ms
30ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/wuling-air-ev-2-450x598.jpeg
Requested by: Host: otodiva.id
URL: https://otodiva.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6ccf740ad840cb52110869896130e9c435416d2eb1f70baacbef5e870c4f788

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 06:12:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 345603
etag: W/"64be1662-aa77"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uu%2B2eq1x5dDGqrzSXqTnmCQgLbw0%2FrK6qpHb4%2Bj%2BVDq4nriyJSguNQhty9FU%2BxvIoSVN3MYHi68VQz9N7qD3SGpJd6uEIFOmciLFAlHhYKFRtLC9OrPqpTz7gN%2B%2Fwrbb33qgpG6RdS%2B3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199683
cf-ray: 7eed4b04082b9b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
76 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LY8D8YR8N2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109987058-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a19790f56163fe59d00d0e73bd1037bc742af4073cc3156a86183d980c51a8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77583
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Jul 2023 11:34:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 35ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109987058-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 30 Jul 2023 09:44:24 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6608
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 30 Jul 2023 11:44:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
74 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-579FDP2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109987058-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dab643fc0864bd44831f09246ffbb09ff704974d314541c59dc5770dc1d45683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75984
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Jul 2023 11:34:32 GMT

POST
H3 200 search Show response
otodiva.id/wp-json/iawp/ 16 B
704 B 601ms
601ms XHR
application/json 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://otodiva.id/wp-json/iawp/search

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://otodiva.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 30 Jul 2023 11:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-iawp: iawp
vary: Accept-Encoding, Accept-Encoding, Cookie, Origin, Origin
allow: POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://otodiva.id
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MOBJBefWsS45RSTgp%2FFa8OwmQjvEtoBksCg1JUceaFdFgFM9O%2Bulvtx0PtFtJ4YePa6TCuVEs28HNng%2B71GdHu4AdFzqv5KmcObvEaZPt5p2PJPPKGdnFr0zsm1s4UPHDQd%2B2333btX"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex
link: <https://otodiva.id/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray: 7eed4b04d95c9b5e-FRA

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/ 364 KB
125 KB 91ms
76ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5949640052836324&plah=otodiva.id&bust=31076426

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5949640052836324

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b02df10aaec049dfb2c63e4b4a0f95613f3ce81e75e27b91989d257d674809b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127854
x-xss-protection: 0
server: cafe
etag: 6413771423246911948
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 11:34:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/ Frame F03C 10 KB
5 KB 32ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5949640052836324

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 08:41:17 GMT
etag: 12368291122986407432
expires: Sun, 13 Aug 2023 08:41:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
203 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1418444580&t=pageview&_s=1&dl=https%3A%2F%2Fotodiva.id%2F&ul=en-us&de=UTF-8&dt=Otodiva.id%20-%20Online%20media%20for%20the%20ladies%20auto%20enthusiast&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=300386042&gjid=1390389807&cid=2115540830.1690716873&tid=UA-109987058-3&_gid=954452976.1690716873&_r=1&gtm=457e37q0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=211372464

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://otodiva.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://otodiva.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8W66JYHLF1&gtm=45Pe37q0&_p=1418444580&_gaz=1&gdid=dZTNiMT&cid=2115540830.1690716873&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690716872&sct=1&seg=0&dl=https%3A%2F%2Fotodiva.id%2F&dt=Otodiva.id%20-%20Online%20media%20for%20the%20ladies%20auto%20enthusiast&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-579FDP2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://otodiva.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 62ms
21ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8W66JYHLF1&cid=2115540830.1690716873&gtm=45Pe37q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-579FDP2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://otodiva.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 54ms
32ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8W66JYHLF1&cid=2115540830.1690716873&gtm=45Pe37q0&aip=1&z=1889989204

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LY8D8YR8N2&gtm=45je37q0&_p=1418444580&_gaz=1&cid=2115540830.1690716873&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1690716872&sct=1&seg=0&dl=https%3A%2F%2Fotodiva.id%2F&dt=Otodiva.id%20-%20Online%20media%20for%20the%20ladies%20auto%20enthusiast&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY8D8YR8N2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://otodiva.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 36ms
22ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LY8D8YR8N2&cid=2115540830.1690716873&gtm=45je37q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY8D8YR8N2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://otodiva.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 36ms
36ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LY8D8YR8N2&cid=2115540830.1690716873&gtm=45je37q0&aip=1&z=1345475130

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
345 B 30ms
20ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-109987058-3&cid=2115540830.1690716873&jid=300386042&gjid=1390389807&_gid=954452976.1690716873&_u=YGBACUAABAAAACAAI~&z=1951376494

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://otodiva.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 30 Jul 2023 11:34:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://otodiva.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
603 B 67ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=otodiva.id&callback=_gfp_s_&client=ca-pub-5949640052836324

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5949640052836324&plah=otodiva.id&bust=31076426

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61f5582b3e6e25f6b1eab0bf7e175e29a245bc62cfb06298e3a9dc515a853455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DDEF 563 KB
102 KB 821ms
820ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&adk=1812271804&adf=3025194257&lmt=1690716872&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=https%3A%2F%2Fotodiva.id%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716872468&bpp=7&bdt=796&idt=203&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3219674463804&frm=20&pv=2&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=233

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f7a23b161d10e3db5b233c2ce36141ba99ea8fe2abd66964759529ee29fd7c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 104666
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:34:33 GMT
expires: Sun, 30 Jul 2023 11:34:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 94E8 105 KB
37 KB 667ms
667ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=280&slotname=4763364487&adk=1394093537&adf=683863926&pi=t.ma~as.4763364487&w=1200&fwrn=4&fwrnh=100&lmt=1690716872&rafmt=1&format=1200x280&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716872475&bpp=2&bdt=803&idt=231&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=q8pgqqROd6&p=https%3A//otodiva.id&dtd=238

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1d92da994884ddd670dab5c2788ba51ae198325e0405bf50953f48ee52cdc1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37504
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:34:33 GMT
expires: Sun, 30 Jul 2023 11:34:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 64ms
36ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-109987058-3&cid=2115540830.1690716873&jid=300386042&_u=YGBACUAABAAAACAAI~&z=1090245836

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 33ms
32ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-109987058-3&cid=2115540830.1690716873&jid=300386042&_u=YGBACUAABAAAACAAI~&z=1090245836

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 14ED 114 KB
39 KB 661ms
655ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=125&slotname=4763364487&adk=902745524&adf=1946489492&pi=t.ma~as.4763364487&w=970&lmt=1690716872&format=970x125&url=https%3A%2F%2Fotodiva.id%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716872477&bpp=1&bdt=804&idt=273&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sDzezd2zvC&p=https%3A//otodiva.id&dtd=278

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48f15423ea44a578927c3da8823006d23e01f7c221f41778296b0064fd4fdf62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39433
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:34:33 GMT
expires: Sun, 30 Jul 2023 11:34:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9D97 80 KB
36 KB 478ms
478ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&slotname=3976225997&adk=2566647451&adf=1979701478&pi=t.ma~as.3976225997&w=300&fwrn=4&fwrnh=100&lmt=1690716872&rafmt=1&format=300x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716872478&bpp=1&bdt=806&idt=294&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C970x125&nras=1&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=iSQwEi0q7a&p=https%3A//otodiva.id&dtd=306

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b6ffbc051a476107484b5a09233ad57cc88bd509e5025fccdc2af9d40a53833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37113
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:34:33 GMT
expires: Sun, 30 Jul 2023 11:34:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D97 42 B
63 B 39ms
39ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DseG5bhGsVrIe0nuGkPi0C26AGGA4mFgoQnb_i9pbGDYoAzV7K3ARmjvEi4xwiGJ20fgKHgKNRO9HsY9rfJOQer23ojcmTySdXZJ8-vtIRccpnIbA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&slotname=3976225997&adk=2566647451&adf=1979701478&pi=t.ma~as.3976225997&w=300&fwrn=4&fwrnh=100&lmt=1690716872&rafmt=1&format=300x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716872478&bpp=1&bdt=806&idt=294&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C970x125&nras=1&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=iSQwEi0q7a&p=https%3A//otodiva.id&dtd=306

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F5DD 624 B
246 B 46ms
46ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY3-fR8QEwAQ&v=APEucNVytleeNkFczoN0Wk0E3wJOC6CCjPTunmpTAt1mZ2b62Ugrj1ftFujpKr4W3fwyEYk08YtMTOdL1lc00MAwLoBAY-BEfasLSvSTkEQ6rSdbX6YZooMwG_hJ7p9Ggcx6BBajh5RuP_8ciu1wwaafDdBovmoFx55lod0B6lWlpLvD9YBIE5I

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&slotname=3976225997&adk=2566647451&adf=1979701478&pi=t.ma~as.3976225997&w=300&fwrn=4&fwrnh=100&lmt=1690716872&rafmt=1&format=300x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716872478&bpp=1&bdt=806&idt=294&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C970x125&nras=1&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=4004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=iSQwEi0q7a&p=https%3A//otodiva.id&dtd=306
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:34:33 GMT
expires: Sun, 30 Jul 2023 11:34:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 9D97 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 04:01:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 04:01:17 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/ Frame 9D97 7 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

289eaaf84993733e50b752db0ff63b63cf9639c5b36df0b08bbe73054a5ebdba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 05:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3041
x-xss-protection: 0
server: cafe
etag: 10703168227084058840
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 05:30:44 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9D97 0
0 72ms
44ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8BFAjj2w31V4_je8zhEm1iJtSZnBqKbZhctEh-Lly7FUhWt9Q5aoUTH0sGIYXeF_RY0QNB5E5K1plTi73mTkFuYJ_ayq7obT0Kd7lGe9Cks6d_Egfncd1gcoUfKotf-6qfaq4ozdSCSocuh2ZmFdxtdlu0vIRBgYRrsLxazhAYFRrkUVXT-JJloDtz8AWo7k9eVIr2pTIjoYaxSFCFJtm_hXfG0F9csqWSUWn-F8boWaC6Ld-LpmSWutEeo73QRCYfT0RcltoL58kuH0vFZeZRR3hBwcBInn3IFZDlbio-o5tqeMpYirxAKBwy0PgCy5UgOuXFAliPOhK_35ozHdF2IbPKpT5d_VSRhQuAVAQKoxHCWUeFfJQhgk3DiMhKvT4Z4tpMEOrn5EV7Eotrv54akZo5hWKsxduuMJ-K9jFsUJ6snQZXMrVsSZxWLaEMULPtPugEQUaS36Ym1j2zhnUW7J5F8FDZBpregR3LZIHEebLui0PPQmeKi1Oe1g6D36DSq96u5OkwcSsSCCWVigOIFyV9vm-CufwVfGp5bOPYx3tpM7QLN-cXdjpthOZux-6GS11rIKXYxJDXaJO_JSPTyldkvLjU5TNX8gFA41JZs8yCMAr-n3LQpn7dVxYIhu8Y8ABeZaCgIgTglW5Tpd8ADU0Sd_if6AuTl2CZPLpXV3sO8ayCb0TX1MTPVRfkwgTZBSNKWpz8T0jcHJaxvJYF-ShX6j3aetoSTz5i80_Ava7K2LedpM_ZA911kpkNeuoe1TQlC6YJfC9ewrGnes9uvYR1_YZys1AoCuzUGLWUo94jVze_9TIZdbW2leRlq1PP90fhq0NIRZnOisenQwBJcM623OCEo87rZ6s5U77lC8vgi7kmY2Qv2T7C26eWNowUtoUltRvlt7cF8JPdD9E7v3pGnJLXSYc53OlNbtKGYbKBnsIJ3yNFxNCk4VzoQpShLFRpfiHrWW4Z6wunvMW6EBBsC5NH9uE2VvCogj_ns0KhRfvN15Wj5h7VqBu9Fv7w-5PpjY22cqk4Zf7uvP693JD2Vw5mtoBM1MlVTGwYB66Pk3DjhCk7LToVhwRBiiRuzwN5URnhhO7UL4GZO4M_2FOn-CgdWEKBODFX9ZJbxUP4wi20pz7GQAev3_fV1DokAUBDQt6-Q1Gxl990prIM1QZRhi45NCZs1qvGZQfyZLD-Oiy3rc4qka5rNqMIrqCOHGycqRMQv2z_baOSdL9vmYMe_7zIFC3nrdx&sai=AMfl-YSnRO-PVMM9TVhLVHn26LoU9Qk5GLNEmPFnoCqBpCg31i1Hi12VcCp4LmE9RkZV0EKKxWmxGNk0NDIU8-OlOjjB1ceWVASU9JNHcQ0B-ihPg-YrWewSwYeHAUStwh68em5hS5Icyzi1iRwaL7ynVX-WvF9HTCnMwtn5USZf4HpSffpzqc0wcoLdpNMbvfvaasPGO0lCxBr_QQTEUqZ8X7h7mxAkiXGVFCOsl4i8PTs&sig=Cg0ArKJSzJLB6_vticNnEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20230726.15487&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 30 Jul 2023 11:34:33 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 30 Jul 2023 11:34:33 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9D97 41 KB
14 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 23:47:26 GMT

GET
H2 200 948668892010054206
s0.2mdn.net/simgad/ Frame 9D97 155 KB
155 KB 29ms
7ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/948668892010054206

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83cb59005473aa71b56eb1c2e4ecfbb3506c6ee956dc2d9e702ca0bb4eef72f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 04:13:44 GMT
x-content-type-options: nosniff
age: 112849
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158538
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 14:04:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 Jul 2024 04:13:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 9D97 3 KB
1 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49693
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 21:46:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 9D97 20 KB
9 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 07:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14800
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 07:27:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D97 179 KB
57 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jul 2023 11:34:33 GMT

GET
DATA 200
OK truncated
/ Frame 9D97 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fc5b4368dc1bfcfad5f5f6834214b2906f9b30b6b45e7af166dac74c23e25a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F5DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHwxxvvpmybPkuXNlqmtndg&google_cver=1

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHwxxvvpmybPkuXNlqmtndg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY3-fR8QEwAQ&v=APEucNVytleeNkFczoN0Wk0E3wJOC6CCjPTunmpTAt1mZ2b62Ugrj1ftFujpKr4W3fwyEYk08YtMTOdL1lc00MAwLoBAY-BEfasLSvSTkEQ6rSdbX6YZooMwG_hJ7p9Ggcx6BBajh5RuP_8ciu1wwaafDdBovmoFx55lod0B6lWlpLvD9YBIE5I
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jul 2023 11:34:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHwxxvvpmybPkuXNlqmtndg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F5DD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMZKyY2ytmQKklXHJz6glgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHwxxvvpmybPkuXNlqmtndg&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHwxxvvpmybPkuXNlqmtndg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY3-fR8QEwAQ&v=APEucNVytleeNkFczoN0Wk0E3wJOC6CCjPTunmpTAt1mZ2b62Ugrj1ftFujpKr4W3fwyEYk08YtMTOdL1lc00MAwLoBAY-BEfasLSvSTkEQ6rSdbX6YZooMwG_hJ7p9Ggcx6BBajh5RuP_8ciu1wwaafDdBovmoFx55lod0B6lWlpLvD9YBIE5I
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jul 2023 11:34:33 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHwxxvvpmybPkuXNlqmtndg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F5DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEijCxTYG2Xt-0DQLqe6cIk&google_cver=1

43 B
844 B

7ms
7ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEijCxTYG2Xt-0DQLqe6cIk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEY3-fR8QEwAQ&v=APEucNVytleeNkFczoN0Wk0E3wJOC6CCjPTunmpTAt1mZ2b62Ugrj1ftFujpKr4W3fwyEYk08YtMTOdL1lc00MAwLoBAY-BEfasLSvSTkEQ6rSdbX6YZooMwG_hJ7p9Ggcx6BBajh5RuP_8ciu1wwaafDdBovmoFx55lod0B6lWlpLvD9YBIE5I

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:33 GMT
an-x-request-uuid: 65de59df-6a4e-49ed-9f22-8fc21360339f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.72; 45.141.152.72; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEijCxTYG2Xt-0DQLqe6cIk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F5DD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYyNTQ4ODI4MzUxNzMxMDE5OQ%3D%3D

170 B
244 B

18ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYyNTQ4ODI4MzUxNzMxMDE5OQ%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:33 GMT
an-x-request-uuid: 5ea783d2-e23b-4635-b45d-9a46d78b5970
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYyNTQ4ODI4MzUxNzMxMDE5OQ%3D%3D
x-proxy-origin: 45.141.152.72; 45.141.152.72; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6347 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 107009
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 05:51:04 GMT
expires: Sun, 28 Jul 2024 05:51:04 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9D97 0
0 43ms
43ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8BFAjj2w31V4_je8zhEm1iJtSZnBqKbZhctEh-Lly7FUhWt9Q5aoUTH0sGIYXeF_RY0QNB5E5K1plTi73mTkFuYJ_ayq7obT0Kd7lGe9Cks6d_Egfncd1gcoUfKotf-6qfaq4ozdSCSocuh2ZmFdxtdlu0vIRBgYRrsLxazhAYFRrkUVXT-JJloDtz8AWo7k9eVIr2pTIjoYaxSFCFJtm_hXfG0F9csqWSUWn-F8boWaC6Ld-LpmSWutEeo73QRCYfT0RcltoL58kuH0vFZeZRR3hBwcBInn3IFZDlbio-o5tqeMpYirxAKBwy0PgCy5UgOuXFAliPOhK_35ozHdF2IbPKpT5d_VSRhQuAVAQKoxHCWUeFfJQhgk3DiMhKvT4Z4tpMEOrn5EV7Eotrv54akZo5hWKsxduuMJ-K9jFsUJ6snQZXMrVsSZxWLaEMULPtPugEQUaS36Ym1j2zhnUW7J5F8FDZBpregR3LZIHEebLui0PPQmeKi1Oe1g6D36DSq96u5OkwcSsSCCWVigOIFyV9vm-CufwVfGp5bOPYx3tpM7QLN-cXdjpthOZux-6GS11rIKXYxJDXaJO_JSPTyldkvLjU5TNX8gFA41JZs8yCMAr-n3LQpn7dVxYIhu8Y8ABeZaCgIgTglW5Tpd8ADU0Sd_if6AuTl2CZPLpXV3sO8ayCb0TX1MTPVRfkwgTZBSNKWpz8T0jcHJaxvJYF-ShX6j3aetoSTz5i80_Ava7K2LedpM_ZA911kpkNeuoe1TQlC6YJfC9ewrGnes9uvYR1_YZys1AoCuzUGLWUo94jVze_9TIZdbW2leRlq1PP90fhq0NIRZnOisenQwBJcM623OCEo87rZ6s5U77lC8vgi7kmY2Qv2T7C26eWNowUtoUltRvlt7cF8JPdD9E7v3pGnJLXSYc53OlNbtKGYbKBnsIJ3yNFxNCk4VzoQpShLFRpfiHrWW4Z6wunvMW6EBBsC5NH9uE2VvCogj_ns0KhRfvN15Wj5h7VqBu9Fv7w-5PpjY22cqk4Zf7uvP693JD2Vw5mtoBM1MlVTGwYB66Pk3DjhCk7LToVhwRBiiRuzwN5URnhhO7UL4GZO4M_2FOn-CgdWEKBODFX9ZJbxUP4wi20pz7GQAev3_fV1DokAUBDQt6-Q1Gxl990prIM1QZRhi45NCZs1qvGZQfyZLD-Oiy3rc4qka5rNqMIrqCOHGycqRMQv2z_baOSdL9vmYMe_7zIFC3nrdx&sai=AMfl-YSnRO-PVMM9TVhLVHn26LoU9Qk5GLNEmPFnoCqBpCg31i1Hi12VcCp4LmE9RkZV0EKKxWmxGNk0NDIU8-OlOjjB1ceWVASU9JNHcQ0B-ihPg-YrWewSwYeHAUStwh68em5hS5Icyzi1iRwaL7ynVX-WvF9HTCnMwtn5USZf4HpSffpzqc0wcoLdpNMbvfvaasPGO0lCxBr_QQTEUqZ8X7h7mxAkiXGVFCOsl4i8PTs&sig=Cg0ArKJSzJLB6_vticNnEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=67&vt=11&dtpt=65&dett=2&cstd=1&cisv=r20230726.15487&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 30 Jul 2023 11:34:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 94E8 4 KB
655 B 36ms
19ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=280&slotname=4763364487&adk=1394093537&adf=683863926&pi=t.ma~as.4763364487&w=1200&fwrn=4&fwrnh=100&lmt=1690716872&rafmt=1&format=1200x280&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716872475&bpp=2&bdt=803&idt=231&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=q8pgqqROd6&p=https%3A//otodiva.id&dtd=238

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Jul 2023 11:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 30 Jul 2023 10:21:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jul 2023 11:34:33 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 94E8 2 KB
892 B 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 22:52:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 94E8 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 22:52:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 94E8 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49693
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 21:46:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 94E8 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 07:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14800
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 07:27:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 94E8 179 KB
56 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jul 2023 11:34:33 GMT

GET
H2 200 92cd137fb2ab4f826a326c70369c8a48.js Show response
www.gstatic.com/mysidia/ Frame 94E8 33 KB
14 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92cd137fb2ab4f826a326c70369c8a48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 16:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 20:56:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 16:23:44 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/13540429652684137033/ Frame 94E8 30 KB
30 KB 13ms
10ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13540429652684137033/14763004658117789537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d32b73ebcd1dabf34a19b3d7d95faea600fa9232a97d1cf8028b65039c176ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 18:39:21 GMT
x-content-type-options: nosniff
age: 406512
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30812
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 12:33:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 Jul 2024 18:39:21 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/2374973791745387585/ Frame 94E8 1 KB
1 KB 15ms
13ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2374973791745387585/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3bbfb3bdbad1a766950e1381fe4fb046a40ea8a94b0a4c5b886d812bcf873d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 15:06:21 GMT
x-content-type-options: nosniff
age: 160092
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1121
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 09:41:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 15:06:21 GMT

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 6347 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 17:10:38 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 14ED 14 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=125&slotname=4763364487&adk=902745524&adf=1946489492&pi=t.ma~as.4763364487&w=970&lmt=1690716872&format=970x125&url=https%3A%2F%2Fotodiva.id%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716872477&bpp=1&bdt=804&idt=273&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sDzezd2zvC&p=https%3A//otodiva.id&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Jul 2023 11:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 30 Jul 2023 10:20:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jul 2023 11:34:33 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 14ED 2 KB
892 B 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 22:52:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 14ED 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45702
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 22:52:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 14ED 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49693
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 21:46:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 14ED 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 07:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14800
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 07:27:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 14ED 179 KB
56 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jul 2023 11:34:33 GMT

GET
H2 200 92cd137fb2ab4f826a326c70369c8a48.js Show response
www.gstatic.com/mysidia/ Frame 14ED 33 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92cd137fb2ab4f826a326c70369c8a48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 16:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 20:56:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 16:23:44 GMT

GET
H3 200 10186692280954799050
tpc.googlesyndication.com/simgad/ Frame 14ED 14 KB
14 KB 52ms
52ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10186692280954799050?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

643b6d56aa8651ec1d227e355c99cef4c1cff767d2dc9436f057e247f7e13fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:33 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14276
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 00:13:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 29 Jul 2024 11:34:33 GMT

GET
DATA 200
OK truncated
/ Frame 14ED 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 14ED 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 94E8 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9dd284f090431037d9fe434801da4712a3f91b6acc93b3809993d003254d0842

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 94E8 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 410899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jul 2024 17:26:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 94E8 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 17:49:54 GMT
x-content-type-options: nosniff
age: 150279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 17:49:54 GMT

GET
DATA 200
OK truncated
/ Frame 14ED 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e59bf985bfb4e1fef67bfc94efde7b3d5a1f9417998d43fdbbd3fe2832095a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 14ED 33 KB
33 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 06:16:50 GMT
x-content-type-options: nosniff
age: 105463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 06:16:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 94E8 0
19 B 52ms
51ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjjRkyErGZJLBLf221fAPi9yckATYlrL4caPRrY3gEazFtJm6OhABIIzRmWlgleKQgqAHoAGfpomjKcgBCakC5SMmYnF7sj6oAwHIA8sEqgTCAU_QkRicwpFOieJgZ2bdnTM9IlOrjoe2WRWOZmOwFP3naQlbHCy8XSVfcypCf_akl3V_aLX71fG1wYTqVF7AKhBUd8YFs26iR95ZGvNFLyh8ZXcmzve_JlxV-hJ47QjbxvVzkTYRuPpQh-lBzcWdkMEDItgKYiSOW1XjvBOOg3nKm853hRsW2-QJdoreFdLxKmdZX-fn1aJXV03uXlO0NLSI81EZd_4MePZ-KoDFqbAf5rOeMDazc_HZuNKEPAotod0AwATxq9uTtASSBQQIBBgBkgUECAUYBKAGLoAHsoTwnwSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCv8APSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi01OTQ5NjQwMDUyODM2MzI0GAA&sigh=EilrL6NAeEY&uach_m=[UACH]&cid=CAQSGwBpAlJW_zPGPwrv4DRciM-n_QzzPezdDjkgORgB&template_id=484&cbvp=2&vis=1

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=280&slotname=4763364487&adk=1394093537&adf=683863926&pi=t.ma~as.4763364487&w=1200&fwrn=4&fwrnh=100&lmt=1690716872&rafmt=1&format=1200x280&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716872475&bpp=2&bdt=803&idt=231&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=30&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=q8pgqqROd6&p=https%3A//otodiva.id&dtd=238
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 30 Jul 2023 11:34:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 14ED 0
19 B 54ms
53ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1XpdyErGZNzMNJ2T5LcPx764gAv3tO6qccXi8I3GEQoQASCM0ZlpYJXikIKgB6AB7LPywAHIAQmoAwHIA8sEqgTFAU_Qbski5Jq05b1jWvr-83YBTiJXeBHmJaE3mTNvY1-ebHklNZRRZmyYV3pG0eeqtZkfaO8F4eiicyYKcDbkT8Fo0VlDadXLOz1SpgE3lCuPWODCGvPEsdrXOWvPOWeKKzEPcD568aJnwsH06ZuZ4lDBddoVH8WlWC-lFAWbEqLiPKOm2EdmDwgnRp485LcLXbwdwKfTsq-0aY0jc4_iBoq2fB5mgiIWefE652f9QbbGkr6X094_tJVVxFcG29wYdSAOhiiSwATYvOucvQSSBQQIBBgBkgUECAUYBKAGLoAH_MuNvwKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxCTNtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTk0OTY0MDA1MjgzNjMyNBgA&sigh=6HEWKkzpGjA&uach_m=[UACH]&cid=CAQSGwBpAlJWMroCqGVbWyeSZK1_6lDgrPPJHuXEQBgB&template_id=5000&cbvp=2&vis=1

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=125&slotname=4763364487&adk=902745524&adf=1946489492&pi=t.ma~as.4763364487&w=970&lmt=1690716872&format=970x125&url=https%3A%2F%2Fotodiva.id%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716872477&bpp=1&bdt=804&idt=273&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=3251&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=sDzezd2zvC&p=https%3A//otodiva.id&dtd=278
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 30 Jul 2023 11:34:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame BB41 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 17:10:38 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 55ms
55ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adb75f1eb96a2352be55a17def809bf832cab05d07f7c6cea01585ba8e18a7f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11838
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/ 154 KB
52 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/reactive_library_fy2021.js?bust=31076426

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b35b2ffa9963a1fb0689d557e9c794737409b0aedc4237a252dc6f06cbd48377

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53526
x-xss-protection: 0
server: cafe
etag: 9139407643896511586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 30 Jul 2023 11:34:33 GMT

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F47 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 17:10:38 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EA6B 39 KB
16 KB 481ms
481ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&adk=2982052862&adf=2698748695&pi=t.aa~a.2746241531~rp.1&w=121&fwrn=4&fwrnh=100&lmt=1690716873&rafmt=1&to=qs&pwprc=5064251535&format=121x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716873710&bpp=2&bdt=2038&idt=2&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dabc893fffc196648-228f1feeb6e70064%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MaWVB8ShPENiIXBkSNJ4sHOoAB_UQ&gpic=UID%3D00000d3120664d92%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MZsLE8rFIwkYrvRd3gvXGlCZQ4Kww&prev_fmts=0x0%2C1200x280%2C970x125%2C300x600&nras=2&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&psts=ABnkTfDJS-wnZooQ6laM71K5gmGAT2TQJ8Z7Pkz4FbvUKSmT4JABUMbKc_Xh1xM8-NEmBYH_pqhG01rdMKo0opFLcbFqUqKA%2CABnkTfCIXFbnAtP8McjjQokvfVdTe338YBuDieetQ7JrgnrVUMdZh-Fh6zHeigjYwgwzxE44QviCsYRp4dDVXjxOpO7m3xc%2CABnkTfAg2FM3Atn80cW5KqVflX3PF1xeFZRs1fGJY-9SZ7zihHo62Ii2p3r08htDArOvSgUjnNq4XYb2kawJLs-3vUTjKsKZ&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=MQnGnEjiio&p=https%3A//otodiva.id&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd1ebda4d8a364a54c33611b7297aaa5a360c88d68eba26895b676b4731d0e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:34:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 30 Jul 2023 11:34:33 GMT

GET
H3 200 zoomcar-2-768x559.jpeg
otodiva.id/wp-content/uploads/2023/07/ 67 KB
68 KB 20ms
19ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/zoomcar-2-768x559.jpeg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b5a969b0dd319efdad17f77e3d2ad3950e6d5e704a5e1b0e881fdccc05cd3eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:33 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 11:16:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107788
etag: W/"64bfaf11-10d80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bD%2BAZU5yEHUzSgF3pxdoDP2Xm1pJSyJPmqcGVrVjTbE%2B2O59cWeAI4QagM7%2FG4dvfJuJrU1Ix2RCmPN8YlnuMzN0mJImrQCRwgEQFBdNbYg3b40oXXxTymfJ5oN3tcyfiV3GOCN7ZuGj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199682
cf-ray: 7eed4b0d5dd79b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 taneli-lahtinen-tG5TwCXg0bw-unsplash-768x512.jpg
otodiva.id/wp-content/uploads/2023/07/ 48 KB
48 KB 16ms
16ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/taneli-lahtinen-tG5TwCXg0bw-unsplash-768x512.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45b386087016db45add66c062ebabc81038545147ad15c6c1616ffb4e73e7d95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:33 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 07:21:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107786
etag: W/"64bf77de-be18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfK2S57aZT84rcpentFJwtaAorQNe%2Brzryt4zw%2BGWQYop2HgIlvGXW63S52zKTJWlJHegEIdRInlpCvVve40qC1vuSAvMVGP6STbEKQn%2BmtJtDLWtFsl2%2FspYaZASVPHNs4nUujUZGMh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199682
cf-ray: 7eed4b0d5dd99b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 kendaraan-listrik-1024x660.jpg
otodiva.id/wp-content/uploads/2023/07/ 93 KB
94 KB 692ms
692ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/kendaraan-listrik-1024x660.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ae4f5bae553dafe6526eaf137d6aad59b630ee5e9d0bd88811fdc43c037852c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: HIT
last-modified: Sat, 15 Jul 2023 07:30:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64b24b0c-174a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeloDrd%2FFEnEy6kfGAcD2yUGKX1IDEE3b2St8gz5q6WxIHtgD4o%2BcXPe2LQ58T6aeDJp9oGWzTB8mh0Px0FjGvE5k7cJlcrDpnp%2FcGYEx%2FfsR0PQBZMaPZM7BiTlm%2BozC7WszX3njTbW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
cf-ray: 7eed4b0d5ddb9b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 baby-car-seat-2-450x338.jpg
otodiva.id/wp-content/uploads/2023/07/ 23 KB
24 KB 15ms
15ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/baby-car-seat-2-450x338.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c650a6c4be50d9141dd7f379c892613cc8ddbd3da84ddf34a9285edd5e7f3e43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:33 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Jul 2023 08:09:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107786
etag: W/"64b4f746-5cfa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FmZgPSq0Us1MgaQCywfO2IMSgG1pUox4%2Fq%2FtpzJV5vbsDuIpZj%2FGv2CoPHBijM1PHY3xDUrLGVnT8ri9Rw%2BWjCrex9M5ZBdH0APr8w2KEZ8jwF0bvs6HC9ITijILUUGXRMpId1dz8OI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199682
cf-ray: 7eed4b0d5ddc9b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 steffen-trommer-KuDmRYr27A-unsplash-150x100.jpg
otodiva.id/wp-content/uploads/2023/07/ 6 KB
6 KB 16ms
15ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/steffen-trommer-KuDmRYr27A-unsplash-150x100.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df1ac58ce4b9575a3862c62952ef61b40ad76a345b3ddb56451f61971b4ac707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 107781
alt-svc: h3=":443"; ma=86400
content-length: 5767
last-modified: Tue, 25 Jul 2023 06:51:01 GMT
server: cloudflare
etag: W/"64bf70d5-1687"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beaZvwVY11g9l0TGo7BvotbPueWfDaqg%2B%2BGbcsFRWMJGG7JKfvjd4ZmXhhBXaI9gP2%2FRC9Eny8oa7NRUvN8BPFrGkKKF8sew32HJR3U180i8WRSxUXA4bTMMbCra40EWn79fkfvGwujt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199682
accept-ranges: bytes
cf-ray: 7eed4b0d5ddf9b5e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Jalan-Jakarta-heru-eko-saputro-WOnsgaLbeYI-unsplash-150x109.jpg
otodiva.id/wp-content/uploads/2023/07/ 9 KB
9 KB 222ms
221ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/Jalan-Jakarta-heru-eko-saputro-WOnsgaLbeYI-unsplash-150x109.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9e1412ed848b32e5cd6b6f30459157af2db8cd733e22197dec3a0784373c8e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: MISS
last-modified: Tue, 18 Jul 2023 01:31:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64b5eb87-22c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdEkp0M%2FkcSmI2RANLQ3tlYU1wcE7cJI2HAUGF%2FPStNJ9lvq59Mrl7xsQ3EdukZucPflrYXE1i4zstS2vO4fldlxxzuz4SdctIxDSk6cd3og%2FT0nHAL1EHcg8Jk0TKByZiSFMUV8ICIQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
cf-ray: 7eed4b0d5de09b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wuling-air-ev-2-768x1021.jpeg
otodiva.id/wp-content/uploads/2023/07/ 102 KB
102 KB 252ms
251ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/wuling-air-ev-2-768x1021.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 182af90e5cf5c641d398baba4c5d0b84a2ffcb5ba1b5ab64121a338a1f889e1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: MISS
last-modified: Mon, 24 Jul 2023 06:12:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64be1662-19794"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFlDP2hzHVilykgfgBeI6d89gP8CFmHt5%2Fy%2B7jWsbgzHE1JIc%2BpBHfl7ob%2FkKYXu2YjrzCai3BfXCBYfqbyg8VNtJ59ykI4qoht6MlZVNAvAP4hCFQO%2B8ob%2FNCPn1Jd3xgHDLUNpx1hH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
cf-ray: 7eed4b0d5de29b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ilustrasi-cek-mesin-mobil-150x95.jpg
otodiva.id/wp-content/uploads/2022/05/ 6 KB
6 KB 193ms
192ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2022/05/ilustrasi-cek-mesin-mobil-150x95.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662951d48ef794d3c360971a864f8dcf1ec18e95f59024c1ca8d0970259e9852

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Jul 2023 16:18:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a4465f-16f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u671ITUQLy6lpQtIWUSv3hvaJtoKQyHpGdTeWA7g4iaCuT4bep1H4LU9sxwH7zWrBlut%2Fd5%2BcnALKYyXTfWWjPMRbcriljisKC%2F9PFtGauAmjtV1NrGGlObTy4l1VKLuXnjlGQ4QdT%2BZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
accept-ranges: bytes
cf-ray: 7eed4b0d5de39b5e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5873
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Gocar-TRansportasi-Online-150x100.jpg
otodiva.id/wp-content/uploads/2023/07/ 4 KB
5 KB 222ms
221ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/Gocar-TRansportasi-Online-150x100.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61f19659f3952d52d8f4a726a44fbd626db209c290d822409c7279368662fd3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: MISS
last-modified: Fri, 14 Jul 2023 02:42:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64b0b601-106a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4kM8crG9shk2j7KKixZtrcaWL8gvwgH4RWXhXdTODfXp9yXFq5io4yFm%2BxkvzZ%2BvzssIeWuDEyTjyzK4pQqLIDFp7Ta38o72lVW8enufBRZzvkhAV1%2BEYJZtZYyP9uKZVJGDnk2iPIr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
cf-ray: 7eed4b0d5de49b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wanita-bermotor-150x100.jpg
otodiva.id/wp-content/uploads/2023/07/ 8 KB
8 KB 201ms
200ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/wanita-bermotor-150x100.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66527c6af068d1f79f833cc1285172c0a7550152db92967213ee7cc5e6b72731

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Jul 2023 16:19:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64b0241b-1fae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmgNQPZgDU%2BPbu6aW3nepRrNKUMm4TKkapFHgKY39FUuLAzSEjXTTB2AwT5zeG1Ap4BxrJ72eiUFFDcu9jOPLh6KrX%2Bj5Kd4eRUTeqH8ozb2RKHNlfy14ZrhoVA%2F2TMq1UmIRo8d7VWZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
accept-ranges: bytes
cf-ray: 7eed4b0d5de59b5e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8110
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame 09D3 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:40:12 GMT
etag: 12368291122986407432
expires: Sat, 12 Aug 2023 23:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame 7D00 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:40:12 GMT
etag: 12368291122986407432
expires: Sat, 12 Aug 2023 23:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame 9A23 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:40:12 GMT
etag: 12368291122986407432
expires: Sat, 12 Aug 2023 23:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame E84B 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 23:40:12 GMT
etag: 12368291122986407432
expires: Sat, 12 Aug 2023 23:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6DE1 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 48078
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 22:13:15 GMT
expires: Sun, 28 Jul 2024 22:13:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 44BA 783 B
972 B 56ms
55ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0b8337c99ba3f9a94eb8bee383cdd0b6ac346094887557f2ef28118b582e0846

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G2dFtprkZYm8-gQEp7hZWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://otodiva.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-G2dFtprkZYm8-gQEp7hZWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:34:34 GMT
expires: Sun, 30 Jul 2023 11:34:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 baby-car-seat-2-450x338.jpg
otodiva.id/wp-content/uploads/2023/07/ 23 KB
24 KB 14ms
13ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/baby-car-seat-2-450x338.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c650a6c4be50d9141dd7f379c892613cc8ddbd3da84ddf34a9285edd5e7f3e43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:33 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Jul 2023 08:09:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107786
etag: W/"64b4f746-5cfa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URF9uh2ZsGSfZe8bIcRMcqBa%2FqiOUNTwLyvoqzXIybwNpqVaRG96DgvUCyuq6oFqr6ra9LYLFearGWisja%2FfaXpMpdZ3WXdfBROeYgIHU%2BCJ%2BVJnaTiN7Y1T190%2FhcEjmmeK0X%2Fiq%2Fwo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199682
cf-ray: 7eed4b0e7f539b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 steffen-trommer-KuDmRYr27A-unsplash-150x100.jpg
otodiva.id/wp-content/uploads/2023/07/ 6 KB
6 KB 15ms
15ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/steffen-trommer-KuDmRYr27A-unsplash-150x100.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df1ac58ce4b9575a3862c62952ef61b40ad76a345b3ddb56451f61971b4ac707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 107781
alt-svc: h3=":443"; ma=86400
content-length: 5767
last-modified: Tue, 25 Jul 2023 06:51:01 GMT
server: cloudflare
etag: W/"64bf70d5-1687"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MczbOnzQ%2Bqf8jPi15ZyLdgIxQNOGdOhtasM8WzBlqTqFHT3IeoibsN2oDnKSdCuD9gbo9Px2%2FgPG%2BLcDZ8zCcbXMZ4cF%2B2rQmhnuTkqUjHrQP%2BZeZ6zc%2Bq5XH4C449UKxjlCRH1x4Iqy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199682
accept-ranges: bytes
cf-ray: 7eed4b0e7f579b5e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 09D3 4 KB
671 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Jul 2023 11:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 30 Jul 2023 09:37:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jul 2023 11:34:34 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 09D3 205 B
229 B 7ms
6ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 18:33:35 GMT
x-content-type-options: nosniff
age: 61259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 28 Jul 2024 18:33:35 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 09D3 604 B
628 B 9ms
9ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:02:58 GMT
x-content-type-options: nosniff
age: 199896
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 27 Jul 2024 04:02:58 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/ Frame 09D3 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d22f70ec714241cb6cfff6851ba3b7118c29a8e0d073fbb70b6dd05dd48a7e88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:08:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6346
x-xss-protection: 0
server: cafe
etag: 2178636335013097452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 06:08:23 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/ Frame 09D3 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4407e58a52926a78be27a8cdba65b8ccf8161463db84cee6cc81c7b7b1fb91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 23:29:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8601
x-xss-protection: 0
server: cafe
etag: 3714838898622182897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 23:29:42 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 7D00 23 KB
9 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 22:52:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F54D 143 B
166 B 10ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 7D00 3 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 21:46:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 7D00 20 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 07:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 07:27:53 GMT

GET
H3 200 6160368793783715388
tpc.googlesyndication.com/simgad/ Frame 7D00 30 KB
30 KB 10ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6160368793783715388?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlrfZ4NbfrZKae1EO9FG5gM3ssZyQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e95d4f213297a95d5ad8655fc274282558020a032a98dcc659026b6b1fe6b9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:05:37 GMT
x-content-type-options: nosniff
age: 48537
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30685
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 08:24:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 22:05:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D00 179 KB
56 KB 33ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jul 2023 11:34:34 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 7D00 33 KB
13 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4938ae629cfe26eaeb48f79a64d380e0f2f29a63b0cf0c98ef4dd19039ed3d81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:54:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13567
x-xss-protection: 0
server: cafe
etag: 2495518695802652152
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 22:54:58 GMT

GET
H3 200 6160368793783715388
tpc.googlesyndication.com/simgad/ Frame 9A23 30 KB
30 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6160368793783715388?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlrfZ4NbfrZKae1EO9FG5gM3ssZyQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e95d4f213297a95d5ad8655fc274282558020a032a98dcc659026b6b1fe6b9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:05:37 GMT
x-content-type-options: nosniff
age: 48537
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30685
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 08:24:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 22:05:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 9A23 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 22:52:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 98DA 143 B
166 B 8ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 9A23 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 21:46:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 9A23 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 07:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 07:27:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A23 179 KB
56 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jul 2023 11:34:34 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 9A23 33 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4938ae629cfe26eaeb48f79a64d380e0f2f29a63b0cf0c98ef4dd19039ed3d81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:54:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13567
x-xss-protection: 0
server: cafe
etag: 2495518695802652152
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 22:54:58 GMT

GET
H3 200 1d729dcfac295022447460b8819476ab.js Show response
www.gstatic.com/mysidia/ Frame E84B 9 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d729dcfac295022447460b8819476ab.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

124c3668ebf43d22c76f3fc2f1d0f80dd7f02ef26dc70210f7afc56979c925d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 11:20:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3961
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 21:13:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 11:20:35 GMT

GET
H3 200 842a141269b5a246fa69a41ad85635d9.js Show response
www.gstatic.com/mysidia/ Frame E84B 10 KB
4 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/842a141269b5a246fa69a41ad85635d9.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b043839aa2e7a8085b3cc0f2d7451aef91fef525cef449727fcff1b96fcb67a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 12:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4201
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 20:56:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 12:23:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E84B 14 KB
1 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Jul 2023 11:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 30 Jul 2023 10:21:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jul 2023 11:34:34 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame E84B 2 KB
897 B 8ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 22:52:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame E84B 23 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 22:52:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame E84B 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 21:46:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame E84B 20 KB
8 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 07:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 07:27:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E84B 179 KB
56 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jul 2023 11:34:34 GMT

GET
H3 200 92cd137fb2ab4f826a326c70369c8a48.js Show response
www.gstatic.com/mysidia/ Frame E84B 33 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92cd137fb2ab4f826a326c70369c8a48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 16:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 20:56:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 16:23:44 GMT

GET
H3 200 Jalan-Jakarta-heru-eko-saputro-WOnsgaLbeYI-unsplash-150x109.jpg
otodiva.id/wp-content/uploads/2023/07/ 9 KB
9 KB 15ms
14ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/Jalan-Jakarta-heru-eko-saputro-WOnsgaLbeYI-unsplash-150x109.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9e1412ed848b32e5cd6b6f30459157af2db8cd733e22197dec3a0784373c8e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Jul 2023 01:31:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"64b5eb87-22c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTJurS4oe%2FzjrxeA3TfMTaihXtwGn%2B7uR9YB0pGim1OIOkMXMnG9COpX7tkKFJO%2FGzteD0l8svdq5dMeuWYG3btias2l6wDnaZ121FKBu2IpLLSjDslVm348AI75ZdY38hr5gUlyXc%2FR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
cf-ray: 7eed4b0f485c9b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ilustrasi-cek-mesin-mobil-150x95.jpg
otodiva.id/wp-content/uploads/2022/05/ 6 KB
6 KB 17ms
16ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2022/05/ilustrasi-cek-mesin-mobil-150x95.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662951d48ef794d3c360971a864f8dcf1ec18e95f59024c1ca8d0970259e9852

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 5873
last-modified: Tue, 04 Jul 2023 16:18:39 GMT
server: cloudflare
etag: W/"64a4465f-16f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qa8%2FaBFEf%2FclK66UrOUOoY26hYRFqenW246%2FhbotLBx9YV%2Fh3ByoQJEmFkPSIocixb3fy%2Bu%2FQcWHcbVQRU%2BTA73tXHJROposjvWRT8w0luDQx0tkk45RRbjChXl5mCFP1eNxlkvwwX5O"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
accept-ranges: bytes
cf-ray: 7eed4b0f485d9b5e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Gocar-TRansportasi-Online-150x100.jpg
otodiva.id/wp-content/uploads/2023/07/ 4 KB
5 KB 14ms
13ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/Gocar-TRansportasi-Online-150x100.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61f19659f3952d52d8f4a726a44fbd626db209c290d822409c7279368662fd3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Jul 2023 02:42:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"64b0b601-106a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYoLV0hv2h%2FYgzz0Uc%2Far%2FpA1%2F5nDkw1WFy6wSyRvfvVtMUQo0zwCRl6WQi8HIW%2BqQrT6Ah4oBQEbUzv0ltSBfkk3OftBr1zbDOSwuVnu%2BuGIr9PUQr8JtarkLY7pT4cgVkGZj%2F%2FCAe1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
cf-ray: 7eed4b0f485e9b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wanita-bermotor-150x100.jpg
otodiva.id/wp-content/uploads/2023/07/ 8 KB
8 KB 18ms
17ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/wanita-bermotor-150x100.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66527c6af068d1f79f833cc1285172c0a7550152db92967213ee7cc5e6b72731

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 8110
last-modified: Thu, 13 Jul 2023 16:19:39 GMT
server: cloudflare
etag: W/"64b0241b-1fae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6A0NiWFul%2FGsGFhb3%2FwxeFfNdNz89F7dYc3FExDWAtkzihq0VN%2FDub156zD%2FQ7beS3uhPTH6tCl5O3FU%2FAqYHCdehPwXK%2BBScH1DmXOxfw8DXWYWXczBUNb77mOpvIEToIkztk%2FnZqHH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
accept-ranges: bytes
cf-ray: 7eed4b0f48609b5e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6347 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5KjYyErGZO7HMZ6A1fAP2ICp8A0AAAAAOAHgBAI&bg=!0dKl0obNAAZGOVy5Zjk7ADkAdvg8WipAS7t13gjgyGLxjXitnsx6B_i70Ym7-APri-wwtJT3skpYKuY9vTgQeWgo5XeOwyuSXdECAAACQ1IAAAAGaAEHmQLFZHqd6aQBb-rOqDrVmKBVURH1k42jc-ad67GJXz9TCYh342Z2u3ntMFwdTrBT63eBp0DgEAAQkkruhs9OxoKnnABcU9jm9ku26Jh2lMrJll62Kd9up8khngdko8qKcmxJidW84Efq7gRJjms0BBUJKgKIdzlNeTrJYSEVo-QNIAoLtbO2QUcRanYWJpZQ_MCfp00m_-aIAQ7x3lfE4UjRTumV1nqOrD-cygncEkmPy0c-XaDJprbwzvBVa2u8YRcvanLqY0dJDD25mXoObhgeZOrQ3yOLOdAs-ENXk0JrjmNgjgJ_UC8hkaUMBXGcalQd4gtesQZFi6geCDMVivLf43lyzQeZQUliiFcl8Sq81Fxow9QpBIQNAjA7LlkA9VIeO66NPeDGpYcKnlQnuWHf1leM1FIabP_tM0cwo_JHIdCkcbIr_WRxZFqI97YC4zQRL_ZU-vQHvjDT-RqtmmL2CKhiqsYUy93msxakI1Nnu6J3yFRquLIVsjMIq5XJzlTiTtAKu5DltSFB1EjCwkcHT3yq66AmV-eTMJPydC0hBmIRqtiLLOKw_nV9SMgA8e1u3CdHoSUcYBv2Xhn6NxkEuMxF0zCAEIiYQJaX8BH_LN61DsCLSlyPLhAYTtMnTnMZdrDU-L0scSN2P8CUJ2y6lGM7n2YM5KZDBvmMwQIfKN3WemDiWxzA5NkwuYj8cicWN8Lpiyl3W7BtRXXZOVa9gBAKcNZZFah821UWhvjqxzYcMAjnW9V0pTsyTheBnuQF6pvNiHJAC43iT29rmFGXlo8XeSp89ophCb-Jn3qzGQIT-xFFYNOhmC09643Ri03Q788rcdct6RlBhHJ9NlbYsg6tglLapJtiIMt2myEARX1W0DFpaeQARH_En66GbwbM5e0Wr1fK7js9y8P5g6OrVkVElkFDPWxaOO8YamuFV-k3o04jLw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9829 14 KB
1 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 30 Jul 2023 11:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 30 Jul 2023 10:11:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 30 Jul 2023 11:34:34 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 9829 2 KB
897 B 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 22:52:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 9829 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 22:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45703
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 22:52:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A119 143 B
166 B 10ms
10ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 9829 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 21:46:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 9829 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 07:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 07:27:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9829 179 KB
56 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jul 2023 11:34:34 GMT

GET
H3 200 92cd137fb2ab4f826a326c70369c8a48.js Show response
www.gstatic.com/mysidia/ Frame 9829 33 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92cd137fb2ab4f826a326c70369c8a48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 16:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 20:56:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 16:23:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 44BA 0
0 39ms
39ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=1409805398571352&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F54D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

22ms
21ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:34:34 GMT
expires: Sun, 30 Jul 2023 11:34:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:34:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 98DA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

24ms
23ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:34:34 GMT
expires: Sun, 30 Jul 2023 11:34:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:34:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B657 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DE1 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 17:10:38 GMT

GET
DATA 200
OK truncated
/ Frame E84B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f005e1efc17d3f7af76b4fa328a8b1669be082ffafd1999fcfd92584438b27a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 XassetPRbrXOGq.png
ads.w55c.net/t/d/ Frame EA6B 28 KB
29 KB 89ms
18ms Image
image/png 2600:9000:25eb:a400:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/XassetPRbrXOGq.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=OURCQzk4NEI3QzQ0RUIwRjYzODQyRkREMUQ2OEM1NzF8R0ZnTWczR2RmWXwxNjkwNzE2ODc0MDA2fDF8WG1FS1o4a2t0eHxYUjZsc0poNWU3fC0yMDA2MTg2ODQ0X0VYfDY2Mjk2fHx8fC4wUHxVU0Q&ei=GOOGLE_CONTENTNETWORK&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCMjQjMS4w&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fotodiva.id&ts=1690716874009&c=DE&r=G-HE&epid=R0NvdG9kaXZhLmlk&mi=d2Vi&wp_exchange=NWP
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&adk=2982052862&adf=2698748695&pi=t.aa~a.2746241531~rp.1&w=121&fwrn=4&fwrnh=100&lmt=1690716873&rafmt=1&to=qs&pwprc=5064251535&format=121x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716873710&bpp=2&bdt=2038&idt=2&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dabc893fffc196648-228f1feeb6e70064%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MaWVB8ShPENiIXBkSNJ4sHOoAB_UQ&gpic=UID%3D00000d3120664d92%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MZsLE8rFIwkYrvRd3gvXGlCZQ4Kww&prev_fmts=0x0%2C1200x280%2C970x125%2C300x600&nras=2&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&psts=ABnkTfDJS-wnZooQ6laM71K5gmGAT2TQJ8Z7Pkz4FbvUKSmT4JABUMbKc_Xh1xM8-NEmBYH_pqhG01rdMKo0opFLcbFqUqKA%2CABnkTfCIXFbnAtP8McjjQokvfVdTe338YBuDieetQ7JrgnrVUMdZh-Fh6zHeigjYwgwzxE44QviCsYRp4dDVXjxOpO7m3xc%2CABnkTfAg2FM3Atn80cW5KqVflX3PF1xeFZRs1fGJY-9SZ7zihHo62Ii2p3r08htDArOvSgUjnNq4XYb2kawJLs-3vUTjKsKZ&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=MQnGnEjiio&p=https%3A//otodiva.id&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25eb:a400:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2840a9385365dfd565dbcf35e671f564f257b4dc523927e75f189e1d0ce6890

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: NEHpRraf7ic3hy0ZOqLZ.tbJHWVBq4vw
date: Sun, 30 Jul 2023 04:57:19 GMT
via: 1.1 2e469f907a9adc95ec3989e432e16e1e.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP53-P3
age: 23836
x-amz-server-side-encryption: AES256
x-amz-meta-width: 120
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 28996
x-amz-meta-height: 600
content-length: 28996
last-modified: Thu, 15 Jun 2023 15:29:43 GMT
server: AmazonS3
etag: "2e5fd9adf005f09b505798c3a52dc2b0"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: NyH7X2OU5Brikedh6MoXCAh0EBsRYypQPBOQfQ0TiFrSW8dH1bri1A==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame EA6B 95 B
922 B 145ms
35ms Image
image/png 154.58.197.185
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=5736763492407265
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&adk=2982052862&adf=2698748695&pi=t.aa~a.2746241531~rp.1&w=121&fwrn=4&fwrnh=100&lmt=1690716873&rafmt=1&to=qs&pwprc=5064251535&format=121x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716873710&bpp=2&bdt=2038&idt=2&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dabc893fffc196648-228f1feeb6e70064%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MaWVB8ShPENiIXBkSNJ4sHOoAB_UQ&gpic=UID%3D00000d3120664d92%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MZsLE8rFIwkYrvRd3gvXGlCZQ4Kww&prev_fmts=0x0%2C1200x280%2C970x125%2C300x600&nras=2&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&psts=ABnkTfDJS-wnZooQ6laM71K5gmGAT2TQJ8Z7Pkz4FbvUKSmT4JABUMbKc_Xh1xM8-NEmBYH_pqhG01rdMKo0opFLcbFqUqKA%2CABnkTfCIXFbnAtP8McjjQokvfVdTe338YBuDieetQ7JrgnrVUMdZh-Fh6zHeigjYwgwzxE44QviCsYRp4dDVXjxOpO7m3xc%2CABnkTfAg2FM3Atn80cW5KqVflX3PF1xeFZRs1fGJY-9SZ7zihHo62Ii2p3r08htDArOvSgUjnNq4XYb2kawJLs-3vUTjKsKZ&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=MQnGnEjiio&p=https%3A//otodiva.id&dtd=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 , Philippines, ASN174 (COGENT-174, US),
Reverse DNS: staticip-hv4m185.hispavista.com
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Sun, 30 Jul 2023 11:34:34 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Wed, 27 Jul 2033 11:34:34 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame EA6B 5 KB
2 KB 70ms
15ms Script
application/javascript 2600:9000:2248:c400:3:4706:a6c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=120&h=600&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE_CONTENTNETWORK&ob=0&ai=0DaDXCcU00&epid=R0NvdG9kaXZhLmlk&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fotodiva.id&ciu=XR6lsJh5e7&btid=OURCQzk4NEI3QzQ0RUIwRjYzODQyRkREMUQ2OEM1NzF8R0ZnTWczR2RmWXwxNjkwNzE2ODc0MDA2fDF8WG1FS1o4a2t0eHxYUjZsc0poNWU3fC0yMDA2MTg2ODQ0X0VYfDY2Mjk2fHx8fC4wUHxVU0Q&c=DE&dt=2dt0005&sd=otodiva.id&cip=1&hmt=1&uidu=CAESEMwTEO4si-EurHwBXXEetv0&spidu=GOOGLE_CONTENTNETWORK&pidu=otodiva.id&hmpvu=b05c7372-a0eb-4e35-9d05-c337d77fff10&hmtsu=3&odtu=2&mtfu=1&crdmu=120x600&cridu=XR6lsJh5e7&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&adk=2982052862&adf=2698748695&pi=t.aa~a.2746241531~rp.1&w=121&fwrn=4&fwrnh=100&lmt=1690716873&rafmt=1&to=qs&pwprc=5064251535&format=121x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716873710&bpp=2&bdt=2038&idt=2&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dabc893fffc196648-228f1feeb6e70064%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MaWVB8ShPENiIXBkSNJ4sHOoAB_UQ&gpic=UID%3D00000d3120664d92%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MZsLE8rFIwkYrvRd3gvXGlCZQ4Kww&prev_fmts=0x0%2C1200x280%2C970x125%2C300x600&nras=2&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&psts=ABnkTfDJS-wnZooQ6laM71K5gmGAT2TQJ8Z7Pkz4FbvUKSmT4JABUMbKc_Xh1xM8-NEmBYH_pqhG01rdMKo0opFLcbFqUqKA%2CABnkTfCIXFbnAtP8McjjQokvfVdTe338YBuDieetQ7JrgnrVUMdZh-Fh6zHeigjYwgwzxE44QviCsYRp4dDVXjxOpO7m3xc%2CABnkTfAg2FM3Atn80cW5KqVflX3PF1xeFZRs1fGJY-9SZ7zihHo62Ii2p3r08htDArOvSgUjnNq4XYb2kawJLs-3vUTjKsKZ&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=MQnGnEjiio&p=https%3A//otodiva.id&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2248:c400:3:4706:a6c0:93a1 , United States, ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: br
via: 1.1 dcfd78c05ae02ba7df7f221cacf87f22.cloudfront.net (CloudFront)
date: Tue, 25 Jul 2023 01:25:04 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: MXP63-P3
age: 468570
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: 6iAW7x6iJMddD7GAWcqwDQC7_s7inPNNmv_8Ykf9yYQB0q4U8qa28A==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame EA6B 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 21:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49694
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 21:46:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame EA6B 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 07:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 07:27:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EA6B 0
0 18ms
17ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXgh9K4U8dLkjMJXT09pivcS4aN_lxkQ_Cem4mMY3MS_oEDgZ2A47lrVyEglxHoXIxb3fxb9_6WsZt27i8XTCg0XlqgQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&adk=2982052862&adf=2698748695&pi=t.aa~a.2746241531~rp.1&w=121&fwrn=4&fwrnh=100&lmt=1690716873&rafmt=1&to=qs&pwprc=5064251535&format=121x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716873710&bpp=2&bdt=2038&idt=2&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dabc893fffc196648-228f1feeb6e70064%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MaWVB8ShPENiIXBkSNJ4sHOoAB_UQ&gpic=UID%3D00000d3120664d92%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MZsLE8rFIwkYrvRd3gvXGlCZQ4Kww&prev_fmts=0x0%2C1200x280%2C970x125%2C300x600&nras=2&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&psts=ABnkTfDJS-wnZooQ6laM71K5gmGAT2TQJ8Z7Pkz4FbvUKSmT4JABUMbKc_Xh1xM8-NEmBYH_pqhG01rdMKo0opFLcbFqUqKA%2CABnkTfCIXFbnAtP8McjjQokvfVdTe338YBuDieetQ7JrgnrVUMdZh-Fh6zHeigjYwgwzxE44QviCsYRp4dDVXjxOpO7m3xc%2CABnkTfAg2FM3Atn80cW5KqVflX3PF1xeFZRs1fGJY-9SZ7zihHo62Ii2p3r08htDArOvSgUjnNq4XYb2kawJLs-3vUTjKsKZ&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=MQnGnEjiio&p=https%3A//otodiva.id&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA6B 179 KB
56 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jul 2023 11:34:34 GMT

GET
H3 200 zoomcar-2-768x559.jpeg
otodiva.id/wp-content/uploads/2023/07/ 67 KB
68 KB 14ms
14ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/zoomcar-2-768x559.jpeg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b5a969b0dd319efdad17f77e3d2ad3950e6d5e704a5e1b0e881fdccc05cd3eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 11:16:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107789
etag: W/"64bfaf11-10d80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePV8e2fxLFzpcx6lfsd%2BURvMNzwQ7mgPitfCqHjFhzSjWwVbkdOuspjLq669Swflu4NOLhx%2B0m3eaNyIG8BJNcsfhGsMaA%2FJs2nRp09XGSDSvYWYKvkzTVeTVAx3tnanYTrcajrRR8zF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
cf-ray: 7eed4b10aa3f9b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wuling-air-ev-2-768x1021.jpeg
otodiva.id/wp-content/uploads/2023/07/ 102 KB
102 KB 15ms
14ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/wuling-air-ev-2-768x1021.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 182af90e5cf5c641d398baba4c5d0b84a2ffcb5ba1b5ab64121a338a1f889e1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 06:12:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"64be1662-19794"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShrJ2VnXWVOj01XMN5XW2es6kJvBseA21TlT6hPVoKVUW3VwQrMFE1yRy%2BxUu5n9dQTQWcfHr3OAeC37MfNCTrYqXv6j7fjW1YIPM2FTQlTWAeZt9%2FzvKMA1tznVvHLDuwTn%2BUr03PSu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
cf-ray: 7eed4b10aa419b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A119
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

18ms
18ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:34:34 GMT
expires: Sun, 30 Jul 2023 11:34:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:34:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E84B 0
19 B 51ms
50ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNqzayErGZMSiMYnxkwP42ZRwxM2pyXGpkNW1-BG4wdLV1AEQASCM0ZlpYJXikIKgB6ABsIzr9AHIAQGpAuUjJmJxe7I-qAMByAPLBKoE3AFP0ITXWnEpQEFrmlF_k_20RzIJq27_sbU4rnGIV69E0k9QmDrSnLVgijG9L-Y7W2Z5tk8cSYMxqQelAic0OUVlf2OBeEfDY4arFPFN7KbEOCJKb8yCSh2XBWYQYtr64Jsbqywb2prJsuHE00iqOlBUlH2-_0rBvTrrVyN98dTKo2-hDz1m3vayORq96RGYA7dRpHCXXKkKAyBhRg8jqLnJ421NBc0oWw4ZPsdag5BBacXybt_p-GpZNiDKsnZSEN15UhPnSXwKA6MVaXqmMgHaK9lCE1Ovgn4GY7u7wASLnqyysQSSBQQIBBgBkgUECAUYBIAHuPOUiwKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDukgfSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTU5NDk2NDAwNTI4MzYzMjQYAA&sigh=NiVz5OrQQeg&uach_m=[UACH]&cid=CAQSGwBpAlJW5bvZW9cgQ-HR7hCwOJ96bD4c4ggWNxgB&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 30 Jul 2023 11:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame CC0F 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 17:10:38 GMT

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame DF4F 37 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 17:10:38 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B657
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

23ms
22ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:34:34 GMT
expires: Sun, 30 Jul 2023 11:34:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 11:34:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 81B4 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 17:10:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 08EB 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72094
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 15:33:00 GMT
etag: 48472445140208031
expires: Sun, 30 Jul 2023 15:33:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EA6B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f9e8851ffddcebe1df938a89b9e05947adb396a3a3a4cbd57a69a0d300c8548

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 04DB 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: otodiva.id
URL: https://otodiva.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 17:10:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EA6B 0
19 B 50ms
49ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYDgMyUrGZO3pMo-TkwOsjrawB7qItI9cnNfu7qkIwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5NDk2NDAwNTI4MzYzMjTIAQmoAwHIAwKqBLwBT9BJxNsdgv2dvjfM0cFWTpdAKmDchGnZwMceZJ8asW8vuk09OVIAr9TKkad1vwQsIJDYGs2ldp_Y6yFpNxj4QZlCy_6GQ11lYdXWZWOxg4oVu9JVxmfzTuinEz1QU3Co9HOt-0AMw5yICJ0Aom9-vpin7hzAmnPcHDR4XI7pCA-MZX7vtlWeiEZ63GlTYCMWelbw8ilqUFOBvY1738YKyFUpjeyn7eh_kxVaoPKwAGve9pOumepvq__fqf2ABvPW7JKsqrOVRqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTQ5NjQwMDUyODM2MzI0GAA&sigh=xQAhHFKuFYs&uach_m=[UACH]&cid=CAQSPABpAlJW9bszowPh_8irTm2FZGdo8iqaKXHhnYSwWkoVtj74EVd1wYvpkBz4lOI7uSnHLvkdxEELDn-2LxgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&adk=2982052862&adf=2698748695&pi=t.aa~a.2746241531~rp.1&w=121&fwrn=4&fwrnh=100&lmt=1690716873&rafmt=1&to=qs&pwprc=5064251535&format=121x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716873710&bpp=2&bdt=2038&idt=2&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dabc893fffc196648-228f1feeb6e70064%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MaWVB8ShPENiIXBkSNJ4sHOoAB_UQ&gpic=UID%3D00000d3120664d92%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MZsLE8rFIwkYrvRd3gvXGlCZQ4Kww&prev_fmts=0x0%2C1200x280%2C970x125%2C300x600&nras=2&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&psts=ABnkTfDJS-wnZooQ6laM71K5gmGAT2TQJ8Z7Pkz4FbvUKSmT4JABUMbKc_Xh1xM8-NEmBYH_pqhG01rdMKo0opFLcbFqUqKA%2CABnkTfCIXFbnAtP8McjjQokvfVdTe338YBuDieetQ7JrgnrVUMdZh-Fh6zHeigjYwgwzxE44QviCsYRp4dDVXjxOpO7m3xc%2CABnkTfAg2FM3Atn80cW5KqVflX3PF1xeFZRs1fGJY-9SZ7zihHo62Ii2p3r08htDArOvSgUjnNq4XYb2kawJLs-3vUTjKsKZ&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=MQnGnEjiio&p=https%3A//otodiva.id&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 30 Jul 2023 11:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200 a.gif
i.w55c.net/ Frame EA6B 42 B
582 B 64ms
8ms Image
image/gif 52.28.142.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=OURCQzk4NEI3QzQ0RUIwRjYzODQyRkREMUQ2OEM1NzF8R0ZnTWczR2RmWXwxNjkwNzE2ODc0MDA2fDF8WG1FS1o4a2t0eHxYUjZsc0poNWU3fC0yMDA2MTg2ODQ0X0VYfDY2Mjk2fHx8fC4wUHxVU0Q&ei=GOOGLE_CONTENTNETWORK&wp_exchange=ZMZKyQAMtO0KZMmPAA2HLFUUh-jzhKyK9q0IGQ&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCMjQjMS4w&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=otodiva.id&s=https%3A%2F%2Fotodiva.id&ts=1690716874009&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-HE&rnd=5736763492407265&epid=R0NvdG9kaXZhLmlk&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dm=MU1vb0JBMjUzMQ&l=aWR8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=2&euid=Q0FFU0VNd1RFTzRzaS1FdXJId0JYWEVldHYw&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=y1FzRSMBQMXvXSxkgNGiyg&buid=Xdb4DXiaK1Q&dv=MUxWSXJn&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEMwTEO4si-EurHwBXXEetv0&spidu=GOOGLE_CONTENTNETWORK&pidu=otodiva.id&hmpvu=b05c7372-a0eb-4e35-9d05-c337d77fff10&hmtsu=3&odtu=2&mtfu=1&crdmu=120x600&cridu=XR6lsJh5e7&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif&cbvp=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.142.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-142-138.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-785-gcf3d607#rel-ec2-master i-0b0237ae7bbf6c9f9@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jul 2023 11:34:34 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-785-gcf3d607#rel-ec2-master i-0b0237ae7bbf6c9f9@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 kendaraan-listrik-1024x660.jpg
otodiva.id/wp-content/uploads/2023/07/ 93 KB
94 KB 14ms
14ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/kendaraan-listrik-1024x660.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ae4f5bae553dafe6526eaf137d6aad59b630ee5e9d0bd88811fdc43c037852c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: HIT
last-modified: Sat, 15 Jul 2023 07:30:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"64b24b0c-174a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyaZ3ci0dLTdXvj73QwkcOU1kYdP6xhraMxKsAq90cu49LxBvnf7i9dX%2FrxJj8M%2B%2FD0aPXrOdPcQPu%2F2EX7JgZCQ6siyXLLgShR8u3yGaowbooNk6IKUAxB4r%2FBPgbjhbgCN9aK9SN9f"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
cf-ray: 7eed4b12acc39b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 giias-1.jpg
otodiva.id/wp-content/uploads/2023/07/ 11 KB
11 KB 15ms
15ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/giias-1.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5477891890ad6e8dedd3a47a1b287e2aea323c0c51e3f488b7eca5aa1fe01700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 05:12:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107791
etag: W/"64be0828-2b89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kC4TiGTfXbJIn%2BOIr24MKc38%2BuMi%2B2OrB065%2FevphOYak%2Fzby8oPHRXzhmIwS1bHRUWLc1Ibusk14cb9ItRg8pkub20VbuszhuPFd%2FpAR5F896kf%2BzHa%2FW36LuRzEs%2B1Owb36sdf0EwS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
cf-ray: 7eed4b12acc49b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 94E8 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPq3-hTYLFyb9m2KSPV0xOTooe95FCdxVmD4WQSbsNJGtoY-3pJjpMbbLFJ7sJ-nLQfer521zeTmg1mTnEVti5hp0UtWboeN0QBOQZmo2PAXjY6VWWTGDl0fa3SbN5GbKaBx_wAFMyolAQ&sai=AMfl-YQKNYABXPxm_OSCcmIdnnGvx3LFKthLaelDmJ9PAFvbm_UPrGRA-3oDAl0tyRonR965eQ8pR6N3fjff&sig=Cg0ArKJSzNguy62ieFH0EAE&cid=CAQSGwBpAlJW_zPGPwrv4DRciM-n_QzzPezdDjkgORgB&id=lidar2&mcvt=1049&p=0,0,280,1200&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1394093537&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690716872714&rpt=891&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 08EB 35 B
464 B 47ms
8ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELEjT9S_rjKWyzywK7jSO2Q&google_cver=1&google_push=AaAOQGFvksvZblm9Fx6pxDiYjX-fL4qjOT8JXtnxXj5LLJScgPSz5s_J-_TQAOUdWWoUuNHa-UgibQ7t4FbS_dcIBmEHKqWWlotzfnI

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08EB
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJ-0tHaMY4VQI--GYyoNCdw&google_cver=1&google_push=AaAOQGECoaZBG-QskV8c-nUVDyakiseurcuyiSq4ku4mjb5ptmzrTl0frSyqmHJ8-JpB-Y2coYJeHz1JbvF9vjuT3Od-QZpn895Wvw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=251ACEC56D0145DC939346B620D5A6A9&google_push=AaAOQGECoaZBG-QskV8c-nUVDyakiseurcuyiSq4ku4mjb5ptmzrTl0frSyqmHJ8-JpB-Y2coYJeHz1JbvF9vju...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=251ACEC56D0145DC939346B620D5A6A9&google_push=AaAOQGECoaZBG-QskV8c-nUVDyakiseurcuyiSq4ku4mjb5ptmzrTl0frSyqmHJ8-JpB-Y2coYJeHz1JbvF9vjuT3Od-QZpn895Wvw

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 30 Jul 2023 11:34:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=251ACEC56D0145DC939346B620D5A6A9&google_push=AaAOQGECoaZBG-QskV8c-nUVDyakiseurcuyiSq4ku4mjb5ptmzrTl0frSyqmHJ8-JpB-Y2coYJeHz1JbvF9vjuT3Od-QZpn895Wvw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 29 Jul 2023 11:34:34 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 08EB 70 B
266 B 102ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOT90UqQEfAOYtkTaQSr-Qc&google_cver=1&google_push=AaAOQGFdW6STkzS0VpzCG44syAfSlXGRf4V2NhaJEEY8LT6pyoDMktiTT2a_82mbh_KSd-pnJUQRdvKNrljhu745GWQenK0-rhMBng
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&adk=2982052862&adf=2698748695&pi=t.aa~a.2746241531~rp.1&w=121&fwrn=4&fwrnh=100&lmt=1690716873&rafmt=1&to=qs&pwprc=5064251535&format=121x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716873710&bpp=2&bdt=2038&idt=2&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dabc893fffc196648-228f1feeb6e70064%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MaWVB8ShPENiIXBkSNJ4sHOoAB_UQ&gpic=UID%3D00000d3120664d92%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MZsLE8rFIwkYrvRd3gvXGlCZQ4Kww&prev_fmts=0x0%2C1200x280%2C970x125%2C300x600&nras=2&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&psts=ABnkTfDJS-wnZooQ6laM71K5gmGAT2TQJ8Z7Pkz4FbvUKSmT4JABUMbKc_Xh1xM8-NEmBYH_pqhG01rdMKo0opFLcbFqUqKA%2CABnkTfCIXFbnAtP8McjjQokvfVdTe338YBuDieetQ7JrgnrVUMdZh-Fh6zHeigjYwgwzxE44QviCsYRp4dDVXjxOpO7m3xc%2CABnkTfAg2FM3Atn80cW5KqVflX3PF1xeFZRs1fGJY-9SZ7zihHo62Ii2p3r08htDArOvSgUjnNq4XYb2kawJLs-3vUTjKsKZ&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=MQnGnEjiio&p=https%3A//otodiva.id&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 30 Jul 2023 11:34:34 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame 08EB 43 B
147 B 173ms
7ms Image
image/gif 18.158.83.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDkejumdOkUDzb9IJaOd0wk&google_cver=1&google_push=AaAOQGHSoqtC2AVMrHADgGZDjEPfXpHw0A8rgbv-x7ovQMAhDnzKXO4iT6wDd-5vRZoLG2gnffVNNOi507sjGSsGAhBxTCuHl5SkYQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5949640052836324&output=html&h=600&adk=2982052862&adf=2698748695&pi=t.aa~a.2746241531~rp.1&w=121&fwrn=4&fwrnh=100&lmt=1690716873&rafmt=1&to=qs&pwprc=5064251535&format=121x600&url=https%3A%2F%2Fotodiva.id%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690716873710&bpp=2&bdt=2038&idt=2&shv=r20230726&mjsv=m202307250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dabc893fffc196648-228f1feeb6e70064%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MaWVB8ShPENiIXBkSNJ4sHOoAB_UQ&gpic=UID%3D00000d3120664d92%3AT%3D1690716872%3ART%3D1690716872%3AS%3DALNI_MZsLE8rFIwkYrvRd3gvXGlCZQ4Kww&prev_fmts=0x0%2C1200x280%2C970x125%2C300x600&nras=2&correlator=3219674463804&frm=20&pv=1&ga_vid=2115540830.1690716873&ga_sid=1690716873&ga_hid=1418444580&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076426%2C31076446%2C44788442&oid=2&psts=ABnkTfDJS-wnZooQ6laM71K5gmGAT2TQJ8Z7Pkz4FbvUKSmT4JABUMbKc_Xh1xM8-NEmBYH_pqhG01rdMKo0opFLcbFqUqKA%2CABnkTfCIXFbnAtP8McjjQokvfVdTe338YBuDieetQ7JrgnrVUMdZh-Fh6zHeigjYwgwzxE44QviCsYRp4dDVXjxOpO7m3xc%2CABnkTfAg2FM3Atn80cW5KqVflX3PF1xeFZRs1fGJY-9SZ7zihHo62Ii2p3r08htDArOvSgUjnNq4XYb2kawJLs-3vUTjKsKZ&pvsid=1409805398571352&tmod=239863932&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=MQnGnEjiio&p=https%3A//otodiva.id&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.83.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-83-223.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 08EB 43 B
363 B 58ms
14ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAaAOQGGCuiUQ16-YVSfVn-w6ABCJ5JDTri3EyLTU3klW1lqFuyqzEg1x3IRnKAGYQZEmF2XQmgusZ9v754qkG4zK6e-WIAv6Vbytpx4&google_gid=CAESEORn2I9ByDvoFaYnOM3JR5w&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:34 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 284495
expires: Sun, 30 Jul 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08EB
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJSmhXjtk8m6K88z-D-S_w0&google_cver=1&google_push=AaAOQGHMOjvxiRhH1Y4uouZsxbm54XLAttFVA3Zc7nblm9u9gm1jX0zIWp41pN9V6j85JOWoxLNn8DmIvvvk...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHMOjvxiRhH1Y4uouZsxbm54XLAttFVA3Zc7nblm9u9gm1jX0zIWp41pN9V6j85JOWoxLNn8DmIvvvk2eL8vsRKj29hvkoPWNo

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHMOjvxiRhH1Y4uouZsxbm54XLAttFVA3Zc7nblm9u9gm1jX0zIWp41pN9V6j85JOWoxLNn8DmIvvvk2eL8vsRKj29hvkoPWNo

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHMOjvxiRhH1Y4uouZsxbm54XLAttFVA3Zc7nblm9u9gm1jX0zIWp41pN9V6j85JOWoxLNn8DmIvvvk2eL8vsRKj29hvkoPWNo
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 08EB
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPf94u57_vcd...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AaAOQGFVZdkStUJMnX35s_80sUf79zoUoSwcVnny86hTL3ckDtAe7CizGxVhTWT1ZfLncGdMLMrdh2dZcyR-KL46C5EENO9enTBElQaF
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
165 B

34ms
34ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires: Sun, 30 Jul 2023 11:34:34 GMT
pragma: no-cache
date: Sun, 30 Jul 2023 11:34:34 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 08EB 0
12 B 16ms
15ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KGnwuSgfXIYZQ9XVlWznQSgS6o6lQLz54lOdZtVbFX3-0n1nJXDLi03kzhNnGQEEipFI6oDg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6DE1 0
12 B 7ms
7ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vH9jog
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Honda-HR-V-2-450x291.jpg
otodiva.id/wp-content/uploads/2023/07/ 39 KB
40 KB 18ms
17ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/Honda-HR-V-2-450x291.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e99bc4cee10418d8b755b39b3e6da0226dee98cccc3d88981ea3801d0e4e9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 02:37:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107791
etag: W/"64bde3f7-9c55"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qW2w%2F%2BVE4x8Yzcqy5V0fD3Z1FjrWGgPpx7nNyrSp7tjy2c7m1SoBMku4879PlBG28nPlNvYPksBrMSFyJ6qqW4cyTVQteJnTtbe4WHrs%2F5y8%2B1%2BtPJWAB6WeAi%2FooSiRB5znKau1ZjqQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
cf-ray: 7eed4b139e0c9b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 honda-modifikasi-450x311.jpg
otodiva.id/wp-content/uploads/2023/07/ 24 KB
24 KB 15ms
14ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/honda-modifikasi-450x311.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d28cc51162a7adf1821c88f11f69771f13591359b19a8d2da7fd5d10bd013332

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: HIT
last-modified: Sun, 23 Jul 2023 00:44:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107789
etag: W/"64bc77f6-5fb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BuLjskJhkgX0ki%2FMRTzyBVY1sJ3iO%2FeDOphIZYztZXajeWzeLHJ%2F%2FjRCaK3o4xKClkAwbwhDGnZCb9nahabpvcimhSa2e3xwT2%2FgwBmeRYkPLu6doo%2FxXhXzuPXCPcxUSifMbXjPMLA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
cf-ray: 7eed4b139e119b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 taneli-lahtinen-tG5TwCXg0bw-unsplash.jpg
otodiva.id/wp-content/uploads/2023/07/ 87 KB
87 KB 21ms
18ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/taneli-lahtinen-tG5TwCXg0bw-unsplash.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6e2a0f59a60b3210a836925e2dfe45818c8d19773a90a5114bbd9fc1eef1047

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 07:21:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 345605
etag: W/"64bf77dd-15bae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLYXS8fs0BTkNZZvrkjrC%2BPYtdzx9R%2FFsVVFWCtFgCWPOyT8Nn%2FcdEQdsCbuJD1XYBSzQOqrDRxnJkuUm35mXk7o%2FypU0NVFOE6VKwq933E4lSPexKUEc8EbvBlkdGap7No61bM1dFqP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
cf-ray: 7eed4b139e219b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cara-hemat-bensin-mobil-150x99.jpg
otodiva.id/wp-content/uploads/2022/05/ 13 KB
13 KB 211ms
208ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2022/05/cara-hemat-bensin-mobil-150x99.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1bb98a6befbdb2fc65efcacace179b1a8c2410a546991bcbecd4d6866471775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:35 GMT
cf-cache-status: MISS
last-modified: Fri, 07 Jul 2023 01:46:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a76e69-3412"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSs%2FB6ARyvZL5HNdGY7A9DN8BJhEklAO9qsd8c4RY4NfPs%2FliSuuV7wqdf8VXxauLe0qURYsmnz%2FaxZB9BdS08ICWixyiNyyXGuNrZSM6zI1nKFW6lMt%2B7E8qrpvrrYwUrY8c49Ds2yy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199680
cf-ray: 7eed4b139e239b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 menyetir-mobil-pexels-ketut-subiyanto-4429509-150x100.jpg
otodiva.id/wp-content/uploads/2022/05/ 5 KB
6 KB 218ms
215ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2022/05/menyetir-mobil-pexels-ketut-subiyanto-4429509-150x100.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caef9c9e62179097e37b931827c851943bd605583e76384cabcaed08e657e7f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:35 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Jul 2023 08:03:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64a523c8-15b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqS1%2BCcN%2Fa0OYxfZa4zyyrGyaU8%2Bt1p1sovgkML%2Bm9USVQD4mUtTATi0aC1ft%2BGCByRt17EYHgCHxnZ%2BCtzMWidkhi6rNreQhqEHMMkt8Mgamy7Tad6049hnrTQ25%2FXXCtLuwXSpWNcO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199680
accept-ranges: bytes
cf-ray: 7eed4b139e249b5e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5553
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 taneli-lahtinen-tG5TwCXg0bw-unsplash.jpg
otodiva.id/wp-content/uploads/2023/07/ 87 KB
87 KB 16ms
15ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/taneli-lahtinen-tG5TwCXg0bw-unsplash.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6e2a0f59a60b3210a836925e2dfe45818c8d19773a90a5114bbd9fc1eef1047

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 07:21:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 345605
etag: W/"64bf77dd-15bae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuUVVNvEwoZNyVLsKma91BrQyTJd9HC%2BfnCEDuFuBgucOqVDMJOBU%2BDvxeMIiJccx0xJc%2B3y%2FMPuSrH%2FqWUlKV5MPHqCzmuJQmA75L2M9jLpxmG2LTvRuMBkTS2sr3hxNf2fOzlDoUH0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
cf-ray: 7eed4b13fea59b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 taneli-lahtinen-tG5TwCXg0bw-unsplash.jpg
otodiva.id/wp-content/uploads/2023/07/ 87 KB
87 KB 13ms
12ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/taneli-lahtinen-tG5TwCXg0bw-unsplash.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6e2a0f59a60b3210a836925e2dfe45818c8d19773a90a5114bbd9fc1eef1047

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:34 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 07:21:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 345605
etag: W/"64bf77dd-15bae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEx3abBf%2BfMzv4r27vUJ6vvzOA9PNQxakgoZCgutsB2NSIaYg%2FSiwV1gmQTI8h3daNNg8%2BfenRzAudMH%2BmNqD3J2bcSiiSqqJGO%2B66ENwsmv76cHRdbiJTbw9szS6Hm%2FpbgIBSpwOgEj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199681
cf-ray: 7eed4b146f3c9b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cara-hemat-bensin-mobil-150x99.jpg
otodiva.id/wp-content/uploads/2022/05/ 13 KB
13 KB 18ms
16ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2022/05/cara-hemat-bensin-mobil-150x99.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1bb98a6befbdb2fc65efcacace179b1a8c2410a546991bcbecd4d6866471775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:35 GMT
cf-cache-status: HIT
last-modified: Fri, 07 Jul 2023 01:46:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"64a76e69-3412"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5A3uzv8CVNOg5eUoosVGOqDOzi8uhFWt09XY5OSwbQMvG8Bd%2B%2Blayw6WYwDFXIshhZBep1sUYk4KzDt7CDKby2oA2FigqRhAo%2FK0pkCnMiCrS2vTk7H0%2FDEZx337%2F0xi23Mr5XZQP9ug"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199680
cf-ray: 7eed4b1508369b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 menyetir-mobil-pexels-ketut-subiyanto-4429509-150x100.jpg
otodiva.id/wp-content/uploads/2022/05/ 5 KB
6 KB 14ms
13ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2022/05/menyetir-mobil-pexels-ketut-subiyanto-4429509-150x100.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caef9c9e62179097e37b931827c851943bd605583e76384cabcaed08e657e7f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 5553
last-modified: Wed, 05 Jul 2023 08:03:20 GMT
server: cloudflare
etag: W/"64a523c8-15b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoIiubeQX2j8j4FY7hJ2rohEa%2Br2T9D2y7kiFRO70Rtj22ZaYma3bNrUArUMRqCU9VKIJGqB2V0qLpuGk%2Bw9P2cqCEwAUd%2B1%2Fo7XeYsdU29M%2FY0LsuJZvojMfLtqp3Qkmmk5T9VTxuAH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199680
accept-ranges: bytes
cf-ray: 7eed4b1508379b5e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 steffen-trommer-KuDmRYr27A-unsplash-150x100.jpg
otodiva.id/wp-content/uploads/2023/07/ 6 KB
6 KB 18ms
17ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/steffen-trommer-KuDmRYr27A-unsplash-150x100.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df1ac58ce4b9575a3862c62952ef61b40ad76a345b3ddb56451f61971b4ac707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 107783
alt-svc: h3=":443"; ma=86400
content-length: 5767
last-modified: Tue, 25 Jul 2023 06:51:01 GMT
server: cloudflare
etag: W/"64bf70d5-1687"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TodGQ1UYQPcSbqyWwYCSWuV1xPe3rqKyxBWRwNdpLmIdRxkDTK7rsT0BwkbIIuCUlxxHRb3O09WQt4VbYFj5%2B36eJ9h33C5IkpRBkk%2FvASr9yiClyB6ZYLxxS8Tb2UZY%2BUR3rVmHn1Ch"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199680
accept-ranges: bytes
cf-ray: 7eed4b15386e9b5e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 baby-car-seat-2-450x338.jpg
otodiva.id/wp-content/uploads/2023/07/ 23 KB
24 KB 18ms
17ms Image
image/jpeg 2606:4700:3036::ac43:d8c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otodiva.id/wp-content/uploads/2023/07/baby-car-seat-2-450x338.jpg
Requested by: Host: otodiva.id
URL: https://otodiva.id/wp-content/themes/smart-mag/js/lazyload.js?ver=9.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d8c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c650a6c4be50d9141dd7f379c892613cc8ddbd3da84ddf34a9285edd5e7f3e43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 11:34:35 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Jul 2023 08:09:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 107788
etag: W/"64b4f746-5cfa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dB%2FvXmIRy1ksZPMTdQQswryfNXc5STAniUvI9IX38da6p1fvwoPSk1iCLEgfutkjoqpjDZ1wL9oW03fUrLleNi6H1FSgA%2BmptfY9qwshbScm5wD6u7QrQ6rqZNLWYg0%2BkMezRc8SbENJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=455199680
cf-ray: 7eed4b1538719b5e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=1409805398571352&bg=!8fKl8qbNAAZGOVy5Zjk7ADkAdvg8Wvv_WdnD5SvJPOY2UrWNnJDA04PBs8Qe5OVa3Dniaf01l8MrlGp8exAk1BxC78Ce0qaYjCsCAAABhFIAAAAFaAEHCgCvavryIGjT7Ou57lk4w9-tHdJWwO7WKNIgERCqAxCH4IDN-svPTS559xGW-luxbe3VWb7ww1OzZuZckDxCk2NuvOys0rzxlqHevt3tojttlX4tw2s5dVSPXI_8AbLCjhKEWp0SvRt8wV6vH1f6JEsOKWaknLAtUZbV0nIpjrGi5k_AO5nu09aGibHdPDIISBXtqAybfXb8bGrlr3Xhss_CbDAjXzyeB2dWLExufSB7FJkCo5khW1mhRbN_ULycN8u94Fw8m9bDP3ek0zxJ_hfnomSWjlU0Gq-D1uZEuOST4DfKro6GJeWtISWyFCeId2L3P0qBFauHLcvR70qJ_yIvqUBbfWVRtV6_Cs3UaKvho5gnekqKds7N7HYitqNTskzmnfg3G1qa0Y67eHn2NrCfbsv8xHiysMt93-N4YCDz16X8su7OXqLekx-Ahh7_6j6yRXDrgD6TO1Xx7X0Cj3xQS5Hl35wbbrsml9Wie3Vd6HJMhmC2avzvwVlU0ksk480vIZA3NKGvr_SSc82DE9ak0R6-Du549-txRrGdHleY_vAj5Au_26116RMPY9hkADsyL0WcyGFJbhuvpplq8bJRlQlBnDUuBlZ1PAdTi5ZAUavok43noZ-oMXCPrEdhl0TEmJIcM2icBbIzYX9SJu8LL8EhFWS7g4EYAYqwKXzeDFN1p-hYiw0xluWBefltV5rsLAB-rTEONYwaV6ESa373PCOBerf1cSgHQ0oCVYgiij50Cmsdf4QORKgkKhwPtkUdCtXV0FgExAgxFT6KdS6IkmQFw-TQ8XtckMyHhzcxoMgpRYmAd3I2y9sN9zjtJv-SBUn5tsNCeTZokpCD9-6jPG_Eflqswt2FsZRC3_sB7fdUNYQvXC0_mCulTZRG1JmRakp0hWWy68ekyJ3LzN_BQwq2C__M_lpr6UyKkwbqbWg5vqjj0nbsvG7UCXrj2ULGOWbUFLI4iWM0CGjYzeQLMz7Q00dsNOv8issRRFYv_GhvTk2IX7uEh1mnges94HN4aOTqrTnhuszdhen0E3h3cQqg7D9YSP3V3LHiia_HuZbe7UxqxiYNZFtUNSxsub-MQ2WOJLAR4aAa0bhCjY2MfzQfwZXVkDGro2iuqJvgxV2Y1-Y_Og
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://otodiva.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E84B 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWA0P2OwN2SZcCoDYweHUW8tojqWvla8Dba0O6GGGdBNcI7vBjhjaKhK3p1dGtK1ykSK7-Xzi4b5AT10XAY3pdaIBlyTRYvX8kroJSNFhi-LbUSvnFCGYE8HRxsd2tudLPp_cMmKtP0zFv&sai=AMfl-YT6n291sEFsqjXpWmwcHbyJ3W8RedIKJiE3qWtxbmfSN_kiS8aJ4j_oCjwGpVHFvyxHOPITJsnk7Qmh&sig=Cg0ArKJSzK-ZOvv09cmNEAE&cid=CAQSGwBpAlJW5bvZW9cgQ-HR7hCwOJ96bD4c4ggWNxgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=156,697,1000,1000,1000&tos=156,541,303,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690716873900&rpt=467&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2023 11:34:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.otodiva.id/	1970-01-20 13:40:03	Name: _gid Value: GA1.2.954452976.1690716873
.otodiva.id/	1970-01-20 13:38:36	Name: _gat_gtag_UA_109987058_3 Value: 1
.otodiva.id/	1970-01-20 23:14:36	Name: _ga_8W66JYHLF1 Value: GS1.1.1690716872.1.0.1690716872.60.0.0
.otodiva.id/	1970-01-20 23:14:36	Name: _ga Value: GA1.1.2115540830.1690716873
.otodiva.id/	1970-01-20 23:14:36	Name: _ga_LY8D8YR8N2 Value: GS1.1.1690716872.1.0.1690716872.60.0.0
.otodiva.id/	1970-01-20 23:00:12	Name: __gads Value: ID=abc893fffc196648-228f1feeb6e70064:T=1690716872:RT=1690716872:S=ALNI_MaWVB8ShPENiIXBkSNJ4sHOoAB_UQ
.otodiva.id/	1970-01-20 23:00:12	Name: __gpi Value: UID=00000d3120664d92:T=1690716872:RT=1690716872:S=ALNI_MZsLE8rFIwkYrvRd3gvXGlCZQ4Kww
.doubleclick.net/	1970-01-20 23:00:12	Name: IDE Value: AHWqTUkme99WT6hNzhg62v2EgcC8SjJuGkrW4hu__nMEahP_MhMzRGmHNl9KePUN
.doubleclick.net/	1970-01-20 13:38:37	Name: test_cookie Value: CheckForPermission
.adnxs.com/	1970-01-20 15:48:12	Name: uuid2 Value: 7625488283517310199
.casalemedia.com/	1970-01-20 22:24:12	Name: CMID Value: ZMZKyY2ytmQKklXHJz6glgAA
.casalemedia.com/	1970-01-20 15:48:12	Name: CMPS Value: 3246
.casalemedia.com/	1970-01-20 15:48:12	Name: CMPRO Value: 3246
.adnxs.com/	1970-01-20 15:48:12	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$OtvoR0!]tbPl1M>e)ZlrFUfJ+tGXxoXExVP/<BRou:$E)y=?$)m[eh[C`dY#f4VKD@3If)y3KL9D3I?*rTWM:#
.doubleclick.net/	1970-01-20 13:38:40	Name: DSID Value: NO_DATA
.hspvst.com/	1969-12-31 23:59:59	Name: VI2677 Value: %7B%22time%22%3A1690716874%2C%22utid%22%3A%220fdd3e2aea4ad116024453d5c660d382%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/	1969-12-31 23:59:59	Name: VIP2677 Value: 1
.w55c.net/	1970-01-20 23:10:17	Name: wfivefivec Value: yLtPrQzc1Qq4H05
.quantserve.com/	1970-01-20 15:48:12	Name: d Value: EHoBCQHLKYEA
.quantserve.com/	1970-01-20 23:08:51	Name: mc Value: 64c64aca-afc72-c1b0f-98c0b
.simpli.fi/	1970-01-20 22:25:39	Name: suid Value: 251ACEC56D0145DC939346B620D5A6A9

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-5949640052836324&fa=1&ifi=9&uci=a!9&btvi=6&xpc=LZznVOe3Sc&p=https%3A//otodiva.id Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.w55c.net
cm.g.doubleclick.net
cms.quantserve.com
cti.w55c.net
dis.criteo.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.w55c.net
ib.adnxs.com
match.adsrvr.org
onetag-sys.com
otodiva.com
otodiva.id
pagead2.googlesyndication.com
partner.googleadservices.com
region1.analytics.google.com
s0.2mdn.net
stats.g.doubleclick.net
sync.teads.tv
t.hspvst.com
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.102.35.84
142.250.184.194
142.250.186.66
154.58.197.185
178.250.1.9
18.158.83.223
185.80.39.216
2001:4860:4802:32::36
2600:9000:2248:c400:3:4706:a6c0:93a1
2600:9000:25eb:a400:1b:f040:3600:93a1
2606:4700:3035::ac43:a996
2606:4700:3036::ac43:d8c1
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:803::2004
2a00:1450:4001:806::2008
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9c
35.204.74.118
37.252.171.149
51.89.9.253
52.223.40.198
52.28.142.138
07f9b8ce0e66af42ef718758c7b24c4475a40aef11aee8170e6792452ccc18c6
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
0b8337c99ba3f9a94eb8bee383cdd0b6ac346094887557f2ef28118b582e0846
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f9e8851ffddcebe1df938a89b9e05947adb396a3a3a4cbd57a69a0d300c8548
124c3668ebf43d22c76f3fc2f1d0f80dd7f02ef26dc70210f7afc56979c925d5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
182af90e5cf5c641d398baba4c5d0b84a2ffcb5ba1b5ab64121a338a1f889e1f
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
18e99bc4cee10418d8b755b39b3e6da0226dee98cccc3d88981ea3801d0e4e9d
1b6ffbc051a476107484b5a09233ad57cc88bd509e5025fccdc2af9d40a53833
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
2660d2ba27141ecebe732da9795d68254bb155fbf87a88d817d4da4528b9a83c
289eaaf84993733e50b752db0ff63b63cf9639c5b36df0b08bbe73054a5ebdba
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d32b73ebcd1dabf34a19b3d7d95faea600fa9232a97d1cf8028b65039c176ef
2f7a23b161d10e3db5b233c2ce36141ba99ea8fe2abd66964759529ee29fd7c9
3130f866e2557c43a08e1226e2b6dc3f439a0a464bc68a00d872840d31c690d0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36ea273138b793477fef7ab102c5d882f9329660f70df5d5ad43f30f0edd7026
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d1b599720f4a809ade7da30c819a986709b61fe6001242c0c28e4a2083505ed
3e59bf985bfb4e1fef67bfc94efde7b3d5a1f9417998d43fdbbd3fe2832095a0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
41a60ad5531522c3bd4e2179e530104f4799e35c74cbe82466a1737cb8b66b5c
44e8dd3f0ac5d0d3fad25ad3f73975be87db679615f1e7af0d9efe02df2370ca
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45b386087016db45add66c062ebabc81038545147ad15c6c1616ffb4e73e7d95
46b04afecdaf08e04385a7cabaec357f6edfc6a8b2b156d8c624c2621894f3de
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48f15423ea44a578927c3da8823006d23e01f7c221f41778296b0064fd4fdf62
4938ae629cfe26eaeb48f79a64d380e0f2f29a63b0cf0c98ef4dd19039ed3d81
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d212ebb58e24f6786a56de7721662abc21831961e98c7b053f2f3f92fad848a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d
5477891890ad6e8dedd3a47a1b287e2aea323c0c51e3f488b7eca5aa1fe01700
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f80e901644d62f7ea9f1cc471afab7f5ae317ffb6ca0469fddd87958646198
5b5a969b0dd319efdad17f77e3d2ad3950e6d5e704a5e1b0e881fdccc05cd3eb
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806
5ecb54f91384af7226cb4f18f87588edd49ceff5bdd4a3010336e1c22ccc390d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f19659f3952d52d8f4a726a44fbd626db209c290d822409c7279368662fd3e
61f5582b3e6e25f6b1eab0bf7e175e29a245bc62cfb06298e3a9dc515a853455
643b6d56aa8651ec1d227e355c99cef4c1cff767d2dc9436f057e247f7e13fec
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
662951d48ef794d3c360971a864f8dcf1ec18e95f59024c1ca8d0970259e9852
66527c6af068d1f79f833cc1285172c0a7550152db92967213ee7cc5e6b72731
6f4407e58a52926a78be27a8cdba65b8ccf8161463db84cee6cc81c7b7b1fb91
76efc435fc139294153b2304af750ccd6857bf3349577af166308db9eb0a2fdc
7ae4f5bae553dafe6526eaf137d6aad59b630ee5e9d0bd88811fdc43c037852c
7fc5b4368dc1bfcfad5f5f6834214b2906f9b30b6b45e7af166dac74c23e25a3
83cb59005473aa71b56eb1c2e4ecfbb3506c6ee956dc2d9e702ca0bb4eef72f3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
878014e6a9168c57eff7600e86ad88e8970ea651d8a163fcfd0173d246ace273
89cc71ae9db584bda0ee5ebfcb9bb931451bbca3c47ad69221211d919a0e3c40
8b02df10aaec049dfb2c63e4b4a0f95613f3ce81e75e27b91989d257d674809b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dd284f090431037d9fe434801da4712a3f91b6acc93b3809993d003254d0842
9f2872276c46bb88f3b244e1827b9a103cee97bf5f31f9c355016176196d05a6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a13056d106882ee191a6ae002dcfe77a62c8481c199c1af338a952d6650ea96d
a19790f56163fe59d00d0e73bd1037bc742af4073cc3156a86183d980c51a8cf
a3bbfb3bdbad1a766950e1381fe4fb046a40ea8a94b0a4c5b886d812bcf873d2
a3e7c89de8ec9f11eee1605a0367e23585548b1deab4cca3a4a17d5a23a90f79
a9ecc55173b58cf9ab841c18c232def14055ac9fdc3380f093f0360280601637
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab59f550860dcea6de47b9999d6d9aa586f2cd631097691d013e90c61270b4ba
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
adb75f1eb96a2352be55a17def809bf832cab05d07f7c6cea01585ba8e18a7f8
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b043839aa2e7a8085b3cc0f2d7451aef91fef525cef449727fcff1b96fcb67a4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2840a9385365dfd565dbcf35e671f564f257b4dc523927e75f189e1d0ce6890
b35b2ffa9963a1fb0689d557e9c794737409b0aedc4237a252dc6f06cbd48377
bcc37c7117fa0be1f5025276a470b467aa7bdc1c34d94129aee332c2811fbaf6
bd1ebda4d8a364a54c33611b7297aaa5a360c88d68eba26895b676b4731d0e1b
c098a53e5a44658387b746d3dc5a3abb0be50cb99fa6f6dc169902ad388d2d0b
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
c650a6c4be50d9141dd7f379c892613cc8ddbd3da84ddf34a9285edd5e7f3e43
c6ccf740ad840cb52110869896130e9c435416d2eb1f70baacbef5e870c4f788
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca34455f82a5c81d8111c6a641771c011e95767e64efc8a52f82299896028c57
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
caef9c9e62179097e37b931827c851943bd605583e76384cabcaed08e657e7f8
d0fab2c23386ae8d4d3d1859f43e6e96fa0c95d2c86c60288a918b7b4f3b544d
d1d92da994884ddd670dab5c2788ba51ae198325e0405bf50953f48ee52cdc1d
d22f70ec714241cb6cfff6851ba3b7118c29a8e0d073fbb70b6dd05dd48a7e88
d28cc51162a7adf1821c88f11f69771f13591359b19a8d2da7fd5d10bd013332
d6071e2ed8dd3e36f6dfa6fac9e4858ae880ab3c1c60075d6e87545b8114a66a
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dab643fc0864bd44831f09246ffbb09ff704974d314541c59dc5770dc1d45683
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df1ac58ce4b9575a3862c62952ef61b40ad76a345b3ddb56451f61971b4ac707
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e2a0f59a60b3210a836925e2dfe45818c8d19773a90a5114bbd9fc1eef1047
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
e95d4f213297a95d5ad8655fc274282558020a032a98dcc659026b6b1fe6b9c5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f005e1efc17d3f7af76b4fa328a8b1669be082ffafd1999fcfd92584438b27a1
f1bb98a6befbdb2fc65efcacace179b1a8c2410a546991bcbecd4d6866471775
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f9e1412ed848b32e5cd6b6f30459157af2db8cd733e22197dec3a0784373c8e7
fc773158cf18dc46e3b09c9add531ce040f156f420ff5cea89584703f8a16cac
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

otodiva.id Open in urlscan Pro 2606:4700:3036::ac43:d8c1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

217 Requests

97 %HTTPS

63 %IPv6

24 Domains

32 Subdomains

30 IPs

8 Countries

3811 kBTransfer

7710 kBSize

21 Cookies

8 Outgoing links

Page URL History

Redirected requests

217 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

otodiva.id Open in urlscan Pro
2606:4700:3036::ac43:d8c1 Public Scan

Screenshot
Live screenshot

Full Image

217
Requests

97 %
HTTPS

63 %
IPv6

24
Domains

32
Subdomains

30
IPs

8
Countries

3811 kB
Transfer

7710 kB
Size

21
Cookies

217 HTTP transactions
7 data transactions