law.jaknet.my.id Open in urlscan Pro
2606:4700:3030::ac43:a1a9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://s957290943.onlinehome.us/foldkws/?_rswasscs
Effective URL:
https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Submission Tags: https://phish.report @phish_report Search All
Submission: On April 02 via api (April 2nd 2023, 2:48:38 pm UTC) from FI — Scanned from US

Summary HTTP 223 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 31 IPs in 3 countries across 43 domains to perform 223 HTTP transactions. The main IP is 2606:4700:3030::ac43:a1a9, located in United States and belongs to CLOUDFLARENET, US. The main domain is law.jaknet.my.id.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 4th 2022. Valid for: a year.

This is the only time law.jaknet.my.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2607:f1c0:100... 2607:f1c0:100f:f000::200	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1 2	2606:4700:303... 2606:4700:3037::6815:300a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2606:4700:303... 2606:4700:3030::ac43:a1a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
1	46.105.199.75 46.105.199.75	16276 (OVH) (OVH)
5	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
24	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
2	38.100.129.10 38.100.129.10	174 (COGENT-174) (COGENT-174)
1	54.39.156.32 54.39.156.32	16276 (OVH) (OVH)
4	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
25	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
3	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
10	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
24	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
3 6	142.250.80.102 142.250.80.102	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2620:100:a001::a 2620:100:a001::a	19750 (AS-CRITEO) (AS-CRITEO)
6	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
4 8	2607:f8b0:400... 2607:f8b0:4006:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2620:100:a005... 2620:100:a005::14	19750 (AS-CRITEO) (AS-CRITEO)
1 2	2620:116:800b... 2620:116:800b:21:b08a:1dc5:659b:4055	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.171.234.26 34.171.234.26	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 30	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3 3	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a07:b04c:a5b:144b:e538	14618 (AMAZON-AES) (AMAZON-AES)
2 2	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
2 2	54.158.178.228 54.158.178.228	() ()
4 4	162.19.80.92 162.19.80.92	() ()
3 3	35.186.253.211 35.186.253.211	() ()
1 1	3.219.243.35 3.219.243.35	() ()
1 1	52.45.175.185 52.45.175.185	() ()
1 2	96.6.23.74 96.6.23.74	() ()
1	3.135.132.32 3.135.132.32	() ()
1 2	2606:4700::68... 2606:4700::6812:19ad	() ()
1 1	185.98.54.153 185.98.54.153	() ()
2 2	185.167.164.43 185.167.164.43	() ()
2 2	50.31.142.95 50.31.142.95	() ()
1 1	104.45.178.220 104.45.178.220	() ()
3 3	35.211.178.172 35.211.178.172	() ()
1 1	35.190.90.30 35.190.90.30	() ()
3 3	2606:4700:20:... 2606:4700:20::ac43:4acf	() ()
2 2	54.174.191.203 54.174.191.203	() ()
2 2	68.67.161.208 68.67.161.208	() ()
1 1	174.137.133.49 174.137.133.49	() ()
2 2	35.207.24.140 35.207.24.140	() ()
223	31

1 2607:f1c0:100f:f000::200 (United States) 1 redirects

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

s957290943.onlinehome.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:300a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gadingpos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3030::ac43:a1a9 (United States)

ASN13335 (CLOUDFLARENET, US)

law.jaknet.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:823::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:817::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.199.75 (France)

ASN16276 (OVH, FR)

richinfo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80b::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2607:f8b0:4006:816::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.100.129.10 (Olney, United States)

ASN174 (COGENT-174, US)

rtb.pushdom.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.156.32 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns562579.ip-54-39-156.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2607:f8b0:4006:81c::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:820::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:824::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.80.102 (Glen Cove, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2620:100:a001::a (United States)

ASN19750 (AS-CRITEO, US)

pix.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80e::2004 (Nutley, United States) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a005::14 (United States)

ASN19750 (AS-CRITEO, US)

rtb.da.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:b08a:1dc5:659b:4055 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.171.234.26 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 26.234.171.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.250.65.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.0.66 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a07:b04c:a5b:144b:e538 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.158.178.228 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.80.92 (None, ) 4 redirects

ASN- ()

c.eu1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (None, ) 3 redirects

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.243.35 (None, ) 1 redirects

ASN- ()

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (None, ) 1 redirects

ASN- ()

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.6.23.74 (None, ) 1 redirects

ASN- ()

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.135.132.32 (None, )

ASN- ()

sync-dmp.mobtrakk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.98.54.153 (None, ) 1 redirects

ASN- ()

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.43 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.95 (None, ) 2 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.45.178.220 (None, ) 1 redirects

ASN- ()

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (None, ) 3 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (None, ) 1 redirects

ASN- ()

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4acf (None, ) 3 redirects

ASN- ()

a.clickcertain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.174.191.203 (None, ) 2 redirects

ASN- ()

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.161.208 (None, ) 2 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (None, ) 1 redirects

ASN- ()

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.207.24.140 (None, ) 2 redirects

ASN- ()

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 ad.doubleclick.net — Cisco Umbrella Rank: 172 cm.g.doubleclick.net — Cisco Umbrella Rank: 228	184 KB
49	criteo.net static.criteo.net — Cisco Umbrella Rank: 670 pix.us.criteo.net — Cisco Umbrella Rank: 2650 csm.us.criteo.net — Cisco Umbrella Rank: 2593	2 MB
36	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	363 KB
20	jaknet.my.id law.jaknet.my.id	315 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	201 KB
11	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	1 KB
9	criteo.com rtb.va.us.criteo.com — Cisco Umbrella Rank: 5823 ads.us.criteo.com — Cisco Umbrella Rank: 2510 cat.va.us.criteo.com — Cisco Umbrella Rank: 2755 rtb.da.us.criteo.com — Cisco Umbrella Rank: 8983	134 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	340 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	6 KB
4	dyntrk.com 4 redirects c.eu1.dyntrk.com	3 KB
3	clickcertain.com 3 redirects a.clickcertain.com	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	openx.net 3 redirects rtb.openx.net	906 B
3	travelaudience.com 3 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6349	898 B
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	15 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	liadm.com 2 redirects i.liadm.com	2 KB
2	zemanta.com 2 redirects b1sync.zemanta.com	1 KB
2	adform.net 2 redirects c1.adform.net	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	teads.tv 1 redirects sync.teads.tv	658 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 368	1 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 712	803 B
2	pushdom.co rtb.pushdom.co — Cisco Umbrella Rank: 362839	143 B
2	histats.com s10.histats.com — Cisco Umbrella Rank: 16830 s4.histats.com — Cisco Umbrella Rank: 13900	5 KB
2	gadingpos.com 1 redirects gadingpos.com	1 KB
1	adkernel.com 1 redirects dsp.adkernel.com	543 B
1	mookie1.com 1 redirects odr.mookie1.com	637 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com	464 B
1	uuidksinc.net 1 redirects s.uuidksinc.net	295 B
1	mobtrakk.com sync-dmp.mobtrakk.com
1	bluevoox.com 1 redirects im.bluevoox.com	577 B
1	adingo.jp 1 redirects cc.adingo.jp	467 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1343	454 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	715 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 804	717 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	383 B
1	w.org s.w.org — Cisco Umbrella Rank: 1855	551 B
1	richinfo.co richinfo.co — Cisco Umbrella Rank: 259114	26 KB
1	onlinehome.us 1 redirects s957290943.onlinehome.us	410 B
223	43

	Domain	Requested by
29	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net law.jaknet.my.id
25	tpc.googlesyndication.com	googleads.g.doubleclick.net
24	static.criteo.net	ads.us.criteo.com
24	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
20	law.jaknet.my.id	gadingpos.com law.jaknet.my.id
19	pix.us.criteo.net	ads.us.criteo.com law.jaknet.my.id
11	pagead2.googlesyndication.com	law.jaknet.my.id pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	www.gstatic.com	googleads.g.doubleclick.net
8	www.google.com	4 redirects googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	law.jaknet.my.id googleads.g.doubleclick.net
6	csm.us.criteo.net	ads.us.criteo.com
6	ad.doubleclick.net	3 redirects ads.us.criteo.com
5	fonts.gstatic.com	fonts.googleapis.com
4	c.eu1.dyntrk.com	4 redirects
3	a.clickcertain.com	3 redirects
3	x.bidswitch.net	3 redirects
3	rtb.openx.net	3 redirects
3	ads.travelaudience.com	3 redirects
3	cdnjs.cloudflare.com	ads.us.criteo.com
3	cat.va.us.criteo.com	ads.us.criteo.com
3	ads.us.criteo.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
2	rtb.mfadsrvr.com	2 redirects
2	secure.adnxs.com	2 redirects
2	i.liadm.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	c1.adform.net	2 redirects
2	sync.teads.tv	1 redirects law.jaknet.my.id
2	pm.w55c.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	match.adsrvr.org	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	rtb.da.us.criteo.com	googleads.g.doubleclick.net
2	rtb.pushdom.co	law.jaknet.my.id
2	gadingpos.com	1 redirects
1	dsp.adkernel.com	1 redirects
1	odr.mookie1.com	1 redirects
1	mweb.ck.inmobi.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	sync-dmp.mobtrakk.com	googleads.g.doubleclick.net
1	im.bluevoox.com	1 redirects
1	cc.adingo.jp	1 redirects
1	trace.mediago.io	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	1 redirects
1	rtb.va.us.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	s.w.org	law.jaknet.my.id
1	s10.histats.com	law.jaknet.my.id
1	richinfo.co	law.jaknet.my.id
1	s957290943.onlinehome.us	1 redirects
223	55

This site contains links to these domains. Also see Links.

Domain
href.li
www.facebook.com
twitter.com
www.stumbleupon.com
www.linkedin.com
pinterest.com

Subject Issuer	Validity	Valid
*.gadingpos.com E1	`2023-03-03` - `2023-06-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-04` - `2023-08-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
cdn.adx1.net R3	`2023-03-09` - `2023-06-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
histats.com R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2022-12-06` - `2024-01-06`	a year	crt.sh
rtb.pushdom.co R3	`2023-02-04` - `2023-05-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.va.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-21` - `2023-05-23`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-16` - `2023-05-14`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.da.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-04` - `2023-05-08`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
sync-dmp.mobtrakk.com R3	`2023-02-10` - `2023-05-11`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Frame ID: C11C0E7635842F040AC400F0C99D0B66
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html
Frame ID: DBEE398B709D772EC4962C764C1C5E7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&adk=3046330955&adf=2044148826&lmt=1680446903&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903756&bpp=9&bdt=247&idt=173&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1707897144982&frm=20&pv=2&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=204
Frame ID: 3CAAB043F8CC88E1C0E58B0A7041D7EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=3321380828&adf=2828135499&pi=t.ma~as.3209449553&w=728&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=728x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903765&bpp=3&bdt=255&idt=204&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=62&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DHF9FXBvFS&p=https%3A//law.jaknet.my.id&dtd=216
Frame ID: B97A7341339CAD1B02D9AAF0E8660322
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=269618546&adf=2034898094&pi=t.ma~as.3209449553&w=620&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=620x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903768&bpp=4&bdt=259&idt=223&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IDfT8ZBboi&p=https%3A//law.jaknet.my.id&dtd=228
Frame ID: A53CC25C30D8B3936B256051CACA10D9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=73325381&pi=t.aa~a.2076155081~i.3~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280&nras=2&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZyZiEZhS7s&p=https%3A//law.jaknet.my.id&dtd=12
Frame ID: AEDC02D85529275544DACC32FDD0618B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20
Frame ID: BD08C07F582361A8A948CFB041B50AB7
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=1092558004&adf=3480699455&pi=t.aa~a.1349293058~i.1~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1263&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280%2C605x280&nras=4&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=oWJnjVFHj0&p=https%3A//law.jaknet.my.id&dtd=27
Frame ID: 553D678A29E62D1F90DCAADCEC099E09
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=200&adk=1305629257&adf=2291407919&pi=t.aa~a.1349293058~i.2~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x200&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1263&idt=1&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280%2C605x280%2C605x280&nras=5&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=8bP305lL0d&p=https%3A//law.jaknet.my.id&dtd=37
Frame ID: 70A8C1DE064A27C68A8E18E363307963
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=60&adk=1603365305&adf=2862744360&pi=t.aa~a.4232182926~rp.1&w=660&fwrn=4&fwrnh=100&lmt=1680446904&rafmt=1&to=qs&pwprc=6981954120&format=660x60&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904821&bpp=1&bdt=1311&idt=1&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280%2C605x280%2C605x280%2C605x200&nras=6&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=4769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=sRlpkZ9uoJ&p=https%3A//law.jaknet.my.id&dtd=6
Frame ID: DC6FA5FB81A33001F11BAF87939666BD
Requests: 14 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZCmVuAAAeF0FKPQbAAHIluDZHjnXOO0pSi8EWA&u=%7CsY5BcsNGCKJbfBiAwQcy92mV1L8rq%2BoDbzYtuv1QeZI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AYdxcVbiUcTIVOAzbCnvcR0MQL5zTlLT-j70xTS9XYj2NuhWvbjmYdeUfhWsNZ9FPqQ4XdBCrMaqVKbqvZtGSm7ySC2-2BkHJEUV4X7Dv5_Rk5L6-M2z9VKC5V2nyaXlkRuOfDAzfGhSNTEIzOj0gM11HgYLRG-SxQM-bVUK9vFRxtdG9XiIBl14Pq73CJDBWdBz4OU63MznUPfZusEs9QIwiSbkBS1nn7NrODIp_FpNPp6W86Mk-86LDmOuaPTvfx962Rea01Ix9QOEIq4GBDXzHOrO3QXsRybduKKG0tBAB-mmJY-NjpNeKSFLFB-BWlqkWqHcMDZq6NETvvE-j3SjL5n1KBG8DaY_eFw4KODOIegO_67HRCveelqa33_k1U8i2M75_dXv5EqD0vb8usVb8Ag-RLB0lfbZG-qi2LEM6N5lFGmk0PC7oFujDMc5gZokDgkBzOAIe6u9OwY-5MFs3lCTpu4tkTtmhFDFNplTrJEzkuK340hqPpkirNMTPizhx43yOfxaMny8n2FavItVKP1FnZc0h89rEP_KN6lNT6hWMoxVac&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPQXTuJUpZN3wAZvoo9kPlpGHmAucge-wXLrh56y8AcCNtwEQASAAYKECggEXY2EtcHViLTMwODU0NTY4MDc1MDQ0OTLIAQmoAwGqBI4CT9Asn4L4MYxrlwtio3vZLQ7j3NRlJhKRKHkEBcZ66WzJ6maxeo1P8uvnTejDo8VNUE66Gmp1cqdMm-FjzB9f5gbFRNAZPErlP1xSVU8ONqEbNirslV4X43d2JvqVk8tizJO3zgFgsCMstqtOsd6Cprc0V4kmCyTWjzVDdKYxXpXVw_fyPwHMoaUKrEc0uq0wbVTJVAVT9Sa5WQo8Wv93o3Er63xGT4VYzA6fO6QC0gJJWh4CLmX-OWTuMQjZAk2dZoqh-WZTxkSfQAQfrqpSTeoSFKtLnW9qCuchdTrMKpe29e6YqC_vvzKSDLQZ79ppRc0_BNJiqHTv2S7GUBzosIbyw1Ic5V1BYQNHXwgggAbyso-uj-LPp8YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_115HdJAWUHfPHJiAtotbvVXUYjqw%26client%3Dca-pub-3085456807504492%26adurl%3D
Frame ID: 3378CC32482B4A9507FAEFC7273BBEA0
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1
Frame ID: E4A170301E7043E465B258E04D2BF2AA
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 280754FC965C0C4EA03D71B5C0ADB180
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8760BFC22BF1B9A68D8D7017A23F43FF
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZCmVuAAMgIEFKPi4AAuHeg4fMG3JZl-mv-Xl3Q&u=%7CsY5BcsNGCKIuvKRiEgGdzQ6CD3Dc%2Bxbntg0aHEjJ%2FTY%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AYdxcVbiUcTIVOAzbCnvcQZApWQ2SYTd5jzsxYCi6_5iApmCPBPeb7upQE5xUY-RpQTsIgdSyhrsdn6tEG_IuSMpMUGaKwG50wLW12fI2xPlGkWaEJxxy2xWU5kzEeYaU4lMOgSAjPc8PfS9R0I-fQs4btaNhIy4got9094JFMbqWYJ9VGzJXHTts9O3gd4pbLeIEXQYW5uO2MLtaePoLOqp3kyZfF8if3I5cR9qcD3TEJ04Xuoe3fk7Optw5CuzbXNNHgfbE5h9NR0rIXU-CzWcf9v0OU5iGpl699j1gzn1BzpzsDTyohw_ulWbgCIFEMkr7mU5nTYv4li6K8VabBeUTVRA5TpfNmTz-wHOhtm7t28eUI0B4rJQtgcoZJ_cWS9odelnoMBvIKmApmZHbKCWDy1UdUOzIINHT5oTM4NxtLUIFsLVdhYHy-fWOcnDRm6unLxjsU1n4QDBaKSRN1vH9eGa0Un2uE3OmlL6KmgH-uH1TRuVwyLKR8f9YZ_jkiyxXT2hyuUnl-mDvQ1Xg058ckYPmnCw-ZDy-ak_iQ_0uL9yUVxd6E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIge-uJUpZIGBMrjxo9kP-o6ucJyB77BcyqapqnTAjbcBEAEgAGChAoIBF2NhLXB1Yi0zMDg1NDU2ODA3NTA0NDkyyAEJqAMBqgSOAk_Q250BgsZVddtA23UmXxTX9OiGJVlzjx0-iqxlljfemPDpB9o7f0TIeZEOhZTfBbdvpqZftK22YgnrKNCopc8Ep14-v1JeRHFlt0l8NEmquio5N1Za5BwDXDANIRMrsbJ4k92djm0tCywZotsuz7kfU_nglH_f1_AUHyszFYSO6sXXHWSAZh7nOIayLYVoDgoEg5Dj4bm1pN4fwXf8q9AXHZmpoEB6OQUuNN7zJgUOQjuAYkgsZmolR-_lxQLnyeeg6YfX-7BG9g8zU3ZKHWF2kHJMRrXqNTiL21Da9-TbfzdB0X6Q3_9vTSDZGX1LMEsRD577At8DX3PohjOb-zs_sNLx_eSsKFf4CnOmUIAG8rKPro_iz6fGAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31WkYIMc7tBgQsfhzjwe02iogTOQ%26client%3Dca-pub-3085456807504492%26adurl%3D
Frame ID: 0B8EEC7663FFC8BCEEAA73D948C70AB9
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 931597C4AA28F55AA89DC8B484F73686
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B41CD0862B85274C5EE25DBA541ED19C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C221EE7584AEB7D71E921A5D08A88F5D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E11C63F4B8E859CF67AAE49AF7E535D3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
Frame ID: 3D7D80185960AC33C10A0913BAF7BEA5
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZCmVwQAKqJ8FKPaiAAcImqgGq8EWps_Ad_praw&u=%7CmMIve2H2MfZgulxGx75h7ywZ%2BI%2Fv3BDwSa97cA8tZxI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AYdxcVbiUcTIVOAzbCnvcQZApWQ2SYTd-wuNJ_OAOuubl0ke6_SiBf072Bof5AHuLLzOOf3iLIdpR4ec08UGfiZ2fdEWFxr0hV-JOMcVGPrXEy3P2BErt-anFrMy_4vwjHucWIAPw2iws0oZa3ar4bS7ujLsPuwYkMcq5Rk-F405fmzAnpc8dMd7ZdZ9gccZeiDmNZYIEEMGLhkoFBITEnlTQwJ0weU1sHG_oM9imupER4_Qr5kr7-DJ3RkYjHTIit-fhH4ojfs81RcGHurwLqr7W8T7zfXgjj3yNI1Q5GQU_MP161UKNhhkrGffv-mBiwM1yT-KX-50qZThdE62QNggsr155BE2c-TB-TrTk2FEL0GNlfvvBEju77r42Bo9Z-HIY7MZQ-qGfaLWgiSC5OxcJdL3hDlVk-3jRkXn0L3d9wVSClEeMX8jOxWJcgSqAUTYrgSPsPXbgxu9Ff48Bk0MVRwUFZQ5mBp6qTkcBvfTL4XiMy9YOAhUMOGa8rGab-IuSZUVZRIvthgKfTCzcvrDMYft_ysWhYCF_uC1lYrd1naq8WrDaU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwhQtwZUpZJ_RKqLto9kPmpGcwAucge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMzA4NTQ1NjgwNzUwNDQ5MsgBCagDAaoEjgJP0IoMELWxfr5GU1iMwvuTuvZPo_ayFOJaUJFmWtDQ-zrcRCUnKvuWorY0vEQnI6fVttceAWorPIphMxuhpWqabe4EHaMRXY6RHW4DoNmnqQyLaHMxM8kcDyOTUE8_U27uq5MLvesqBIes_Bvk-eQr0wQVBKWPTmbJMs-TqLLBQtfehJTtSPD6VjlTJOC-mRQK1ACAqToNGkNO-0giiakLvEgKSVRRkT_mJxCQzZkkFjmcp6QDkP4-_b6KBaLh_Nv1lGGG_cnGLzOuE9W709IL9_ctY1L6VSLifRfvG7s5HSEHdQRKwqsJLGJbQQL2XYSzpR70H-lPyn0fImRaAAZqVrayONq6yFevqpCWbgCABvKyj66P4s-nxgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1PGqerHoL-u2fl9gLFOtAEwm1Lgg%26client%3Dca-pub-3085456807504492%26adurl%3D
Frame ID: E67F7DB83FFB2FD40FB9DA2166CC4F53
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F7E4C3D172D013D3F7649BE371636D20
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 86FAE669F560CA8A9B014E76D46C80BF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1CBA69E157C428A7B69961F618F28C82
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js
Frame ID: C42559638272AA9731386E37F6E0B83A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Protect Yourself from Netflix Scams: Insights from a Law Attorney – LP

Page URL History Show full URLs

http://s957290943.onlinehome.us/foldkws/?_rswasscs HTTP 303
https://gadingpos.com/dir.php Page URL
https://gadingpos.com/dir.php?url=YUhSMGNITTZMeTlzWVhjdWFtRnJibVYwTG0xNUxtbGtMM0J5YjNSbFkzUXRlVzkx... HTTP 301
https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

223
Requests

86 %
HTTPS

43 %
IPv6

43
Domains

55
Subdomains

31
IPs

3
Countries

3860 kB
Transfer

6631 kB
Size

23
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://href.li/?https://xdu.me/adsterra
Title: Secure Your Amazon Account!

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://law.jaknet.my.id/?p=112
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Protect+Yourself+from+Netflix+Scams%3A+Insights+from+a+Law+Attorney&url=https://law.jaknet.my.id/?p=112
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.stumbleupon.com/submit?url=https://law.jaknet.my.id/?p=112&title=Protect+Yourself+from+Netflix+Scams%3A+Insights+from+a+Law+Attorney
Title: Stumbleupon

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/&title=Protect+Yourself+from+Netflix+Scams%3A+Insights+from+a+Law+Attorney
Title: LinkedIn

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https://law.jaknet.my.id/?p=112&description=Protect+Yourself+from+Netflix+Scams%3A+Insights+from+a+Law+Attorney&media=https://law.jaknet.my.id/wp-content/uploads/2023/02/Netflix-660x330.png
Title: Pinterest

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://s957290943.onlinehome.us/foldkws/?_rswasscs HTTP 303
https://gadingpos.com/dir.php Page URL
https://gadingpos.com/dir.php?url=YUhSMGNITTZMeTlzWVhjdWFtRnJibVYwTG0xNUxtbGtMM0J5YjNSbFkzUXRlVzkxY25ObGJHWXRabkp2YlMxdVpYUm1iR2w0TFhOallXMXpMV2x1YzJsbmFIUnpMV1p5YjIwdFlTMXNZWGN0WVhSMGIzSnVaWGt2 HTTP 301
https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://s957290943.onlinehome.us/foldkws/?_rswasscs HTTP 303
https://gadingpos.com/dir.php

Request Chain 64

https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995b851a5ff722093e37606cd5471;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_pre=COGs2Ma4i_4CFd4JaAgdjBEFYg;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995b851a5ff722093e37606cd5471;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=

Request Chain 84

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 95

https://um.simpli.fi/gp_match?google_gid=CAESELWlAGOQEP4ZNEHAVfOdFq4&google_cver=1&google_push=Aer7DvLlYXR4VinNkHC-bVCUFrYIxi_bD_g_wWwFvMgqZQ4sIR928nUiCKTK6oosimU-F8t7LdNeXs_79xgqXzTGmpJ8IJaske7VhCY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=70D6C0BDFED9498EABFEF64436586E2A&google_push=Aer7DvLlYXR4VinNkHC-bVCUFrYIxi_bD_g_wWwFvMgqZQ4sIR928nUiCKTK6oosimU-F8t7LdNeXs_79xgqXzTGmpJ8IJaske7VhCY

Request Chain 96

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJVIMZi7TdjHDbtsCnt9rnY&google_cver=1&google_push=Aer7DvI5XO8vBx2uMwzd4qXT6uWT20hef5PImMeRwhnBPK0lN8cLElg7H8DCv9LWH3OaAkKcXGixbhN1vDhbI06HdgHcSvL-SAOfKNA HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEJVIMZi7TdjHDbtsCnt9rnY&google_cver=1&google_push=Aer7DvI5XO8vBx2uMwzd4qXT6uWT20hef5PImMeRwhnBPK0lN8cLElg7H8DCv9LWH3OaAkKcXGixbhN1vDhbI06HdgHcSvL-SAOfKNA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NTU4MDE5MTMtNjhhYS00MGQ2LTkwZDEtOTNlZGQ5NWZmMmZl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=55801913-68aa-40d6-90d1-93edd95ff2fe

Request Chain 97

https://ads.travelaudience.com/google_pixel?google_gid=CAESELoGwRd_ZGlQaEdY07U0vnQ&google_cver=1&google_push=Aer7DvKXEk4p4Z1Or2eplmERfI1V7w0v883C-rPViUr21GhyyhE5XEC_PzCq9U-rhufNcPdVOwVrth-MQJQ7XRx6w9mZdcHymdLm8X8 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CE3h3I2STPC7T_9NGjnQcw2&google_push=Aer7DvKXEk4p4Z1Or2eplmERfI1V7w0v883C-rPViUr21GhyyhE5XEC_PzCq9U-rhufNcPdVOwVrth-MQJQ7XRx6w9mZdcHymdLm8X8

Request Chain 98

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEL2XY9HEiK0V3eq66e-WZBY&google_cver=1&google_push=Aer7DvJHyesHFKMcNLUM7DE_N5ZfeSDa_WXTVsk-5HLfpLax8RxtlT045MoNrXvhZgiAmIFBlXN2kLYVsr3VV80xLCa1KA2gsBbEzf8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvJHyesHFKMcNLUM7DE_N5ZfeSDa_WXTVsk-5HLfpLax8RxtlT045MoNrXvhZgiAmIFBlXN2kLYVsr3VV80xLCa1KA2gsBbEzf8&google_hm=eS1oZ21ySUxwRTJwRU9zQkhFb3pxSVpnRVNnYkdRT0FWX35B

Request Chain 99

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELD-3T51B0qIoxRB0-8D4i8&google_cver=1&google_push=Aer7DvJPNGW6g924mqKE0ukjr_GLnrNbnvhp0LkUm8iAbH3Gj4m-RQELIvyPtUBpQ6tGlrX-6EUCU5SFakZ1F5DFfYCpi6BccniL4LY HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELD-3T51B0qIoxRB0-8D4i8&google_push=Aer7DvJPNGW6g924mqKE0ukjr_GLnrNbnvhp0LkUm8iAbH3Gj4m-RQELIvyPtUBpQ6tGlrX-6EUCU5SFakZ1F5DFfYCpi6BccniL4LY&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELD-3T51B0qIoxRB0-8D4i8&google_hm=ZCmVuVw_a1z5myo7eT5NdgAABQIAAAAB&google_nid=index&google_push=Aer7DvJPNGW6g924mqKE0ukjr_GLnrNbnvhp0LkUm8iAbH3Gj4m-RQELIvyPtUBpQ6tGlrX-6EUCU5SFakZ1F5DFfYCpi6BccniL4LY

Request Chain 100

https://trace.mediago.io/cs/google?google_gid=CAESEM28062lXD7dtJ_4LvKTK14&google_cver=1&google_push=Aer7DvLOc2w9J0rS0TNfFSO2bmwjETHuBhDxMWzkNxcNYO378DZsLFLhzIWhB5mdtGZP6ljMGqgdFuB7BDnuyQJY4WrghH_otEmVNrhw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aer7DvLOc2w9J0rS0TNfFSO2bmwjETHuBhDxMWzkNxcNYO378DZsLFLhzIWhB5mdtGZP6ljMGqgdFuB7BDnuyQJY4WrghH_otEmVNrhw&google_hm=cd160c6627d953aaad554b5c8257d995

Request Chain 107

https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995b95c0f68a41e8d48ee9ab280b6;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_pre=CJbr7Ma4i_4CFVriyAodbwkItg;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995b95c0f68a41e8d48ee9ab280b6;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=

Request Chain 153

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 154

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN6n49Uygi4rYdrmt9FjB-U&google_cver=1&google_push=Aer7DvK-trXVGLXclwD8oVNdd_9TaKP6xqGFTM8x4Ra__VG53LBa3ybF_Se2GA_xNiV7I99WRP9MbwsrG9AmXqPEYKgRqTRJWN00dZRwtESbhLwMuAbvtq3iBnGaGmWBE-f_YD2jJH8NmEbTK_JYrTwwXwdER70 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN6n49Uygi4rYdrmt9FjB-U&google_cver=1&google_push=Aer7DvK-trXVGLXclwD8oVNdd_9TaKP6xqGFTM8x4Ra__VG53LBa3ybF_Se2GA_xNiV7I99WRP9MbwsrG9AmXqPEYKgRqTRJWN00dZRwtESbhLwMuAbvtq3iBnGaGmWBE-f_YD2jJH8NmEbTK_JYrTwwXwdER70 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VlpndHNFYzUxUElaMHQ1&google_gid=CAESEN6n49Uygi4rYdrmt9FjB-U&google_cver=1&google_push=Aer7DvK-trXVGLXclwD8oVNdd_9TaKP6xqGFTM8x4Ra__VG53LBa3ybF_Se2GA_xNiV7I99WRP9MbwsrG9AmXqPEYKgRqTRJWN00dZRwtESbhLwMuAbvtq3iBnGaGmWBE-f_YD2jJH8NmEbTK_JYrTwwXwdER70

Request Chain 155

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEFbVRrqbcFnqidYmMqOUIfg&google_cver=1&google_push=Aer7DvIoD15WJ5RasmWXAhjJxGPGNMFtCgIEKhz5XmIhDilm2YZyaEoSEX8u8G3Yf3VdNDfLhN6VH-gM7jRYauxkrsKQZGr0Zq2O0dVhSOjHaAPei9GbMczvJeQp6CL0zroiWbFMVjYISZ3uYg877DTM7CRJHqQ HTTP 302
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEFbVRrqbcFnqidYmMqOUIfg&google_cver=1&google_push=Aer7DvIoD15WJ5RasmWXAhjJxGPGNMFtCgIEKhz5XmIhDilm2YZyaEoSEX8u8G3Yf3VdNDfLhN6VH-gM7jRYauxkrsKQZGr0Zq2O0dVhSOjHaAPei9GbMczvJeQp6CL0zroiWbFMVjYISZ3uYg877DTM7CRJHqQ&prevuid=03010009_642995c20cc4c&knw= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aer7DvIoD15WJ5RasmWXAhjJxGPGNMFtCgIEKhz5XmIhDilm2YZyaEoSEX8u8G3Yf3VdNDfLhN6VH-gM7jRYauxkrsKQZGr0Zq2O0dVhSOjHaAPei9GbMczvJeQp6CL0zroiWbFMVjYISZ3uYg877DTM7CRJHqQ&google_hm=MDMwMTAwMDlfNjQyOTk1YzIwY2M0Yw%3D%3D

Request Chain 156

https://rtb.openx.net/sync/dds?google_gid=CAESEHDfdFkzkp9VHSNaluvYlWk&google_cver=1&google_push=Aer7DvICESmCSdYYp16e4SjDgvXgKNacc3k2YrpaQi4ZmphvuUP_btyyBq0blVGOP8opGmrs-vMxrn58AipgFeCmrOgTPmNlrgsmlZD7kJXAw16WnaumViPpHJRGLMUn1EDiVPJJxaDN21pe0Jz2Azp55I1ZGG4 HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEHDfdFkzkp9VHSNaluvYlWk&google_cver=1&google_push=Aer7DvICESmCSdYYp16e4SjDgvXgKNacc3k2YrpaQi4ZmphvuUP_btyyBq0blVGOP8opGmrs-vMxrn58AipgFeCmrOgTPmNlrgsmlZD7kJXAw16WnaumViPpHJRGLMUn1EDiVPJJxaDN21pe0Jz2Azp55I1ZGG4&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aer7DvICESmCSdYYp16e4SjDgvXgKNacc3k2YrpaQi4ZmphvuUP_btyyBq0blVGOP8opGmrs-vMxrn58AipgFeCmrOgTPmNlrgsmlZD7kJXAw16WnaumViPpHJRGLMUn1EDiVPJJxaDN21pe0Jz2Azp55I1ZGG4&google_hm=xo-elUl7whQoetRglXMV9g==

Request Chain 157

https://cc.adingo.jp/adx/push/?google_gid=CAESED7sTa-DZ-gqs5Q9jA2meWA&google_cver=1&google_push=Aer7DvKUhgx7n7R57UinvKdlOE97FAuHvwhXWyNuZEK6SR3JVCF9aX49rBSu3yec86LFMx6P2VhpzlH7QPM25E6RI3kFqXAtvHuh805bNK2jOquq2VGZ6rMJEECUgEELbxwBCJt-lmv8WTBc5vFBHyrth_TJbZ4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aer7DvKUhgx7n7R57UinvKdlOE97FAuHvwhXWyNuZEK6SR3JVCF9aX49rBSu3yec86LFMx6P2VhpzlH7QPM25E6RI3kFqXAtvHuh805bNK2jOquq2VGZ6rMJEECUgEELbxwBCJt-lmv8WTBc5vFBHyrth_TJbZ4&google_hm=cd80689b8da0220e7208d2342136cf57

Request Chain 158

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESECOyQPpha59FP87g1inRVjA&google_cver=1&google_push=Aer7DvJVWs6LLUn8-DvTgKDlw_lLHsmeiu3eIl7wkk-LaHLvBMhwM6OIlFQNcZ3bjr3S6YqGJOoCfnEOsikfwV-Ub_1kxxPih8xKswhMkmWWHJVkmwYVgWzR12frLrP2iGl2FJeeyRIK6KNIbPgCR2l01Q9qUjRa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvJVWs6LLUn8-DvTgKDlw_lLHsmeiu3eIl7wkk-LaHLvBMhwM6OIlFQNcZ3bjr3S6YqGJOoCfnEOsikfwV-Ub_1kxxPih8xKswhMkmWWHJVkmwYVgWzR12frLrP2iGl2FJeeyRIK6KNIbPgCR2l01Q9qUjRa&google_hm=QlMuMjE1Yi1mNThhLTRiZjYtYjI3OA==

Request Chain 159

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEB4w2pBQxSAIvxx9dKHMDSI&google_cver=1&google_push=Aer7DvKrV6ezk0-F0-MKX-6Xb6WM3FomEFK327pryHPwLpUPbGWKGTKHI3-XMNY4PnbKA7hdl9m0stRFNifudLdoiIiS0g_1jjPiU90V6vIU9Le13OKoFcQumve3_6KLcsuq_mhkeZ1fZ2fXfIsupUxi9HUfIb0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MTY2ZDVkYjYtYWUxOS00MDAyLWJkMGMtODMyYzc2NjIxMzkx&google_push=Aer7DvKrV6ezk0-F0-MKX-6Xb6WM3FomEFK327pryHPwLpUPbGWKGTKHI3-XMNY4PnbKA7hdl9m0stRFNifudLdoiIiS0g_1jjPiU90V6vIU9Le13OKoFcQumve3_6KLcsuq_mhkeZ1fZ2fXfIsupUxi9HUfIb0 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 162

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 175

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMRGvwiZpJXRvWN_T6XOq0k&google_cver=1&google_push=Aer7DvKIKkEgUIhBMpkjBaKuCOtaIYtR_hZuJ-USlH6VRqnnDkhTC_KPx1GqZN6VI3GQLMLEpSJxiAReYFlFQ3_hfT21HvaiH6Jgqds HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=Aer7DvKIKkEgUIhBMpkjBaKuCOtaIYtR_hZuJ-USlH6VRqnnDkhTC_KPx1GqZN6VI3GQLMLEpSJxiAReYFlFQ3_hfT21HvaiH6Jgqds&google_hm=9z7czCRvta4n_YmOeKBzFg

Request Chain 176

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJ2hbDRZmu2zbjb3dwJTQRI&google_cver=1&google_push=Aer7DvLBw7GU9zjYNxIhnHo-zBRKRD6lIV2zrxTiieYb26BIYMnchi8GzxGuP18AlnD2dQsVWA5do5RIDjo3-qx5zdg2rZSyquBDxtk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvLBw7GU9zjYNxIhnHo-zBRKRD6lIV2zrxTiieYb26BIYMnchi8GzxGuP18AlnD2dQsVWA5do5RIDjo3-qx5zdg2rZSyquBDxtk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJ2hbDRZmu2zbjb3dwJTQRI&google_cver=1&google_push=Aer7DvLBw7GU9zjYNxIhnHo-zBRKRD6lIV2zrxTiieYb26BIYMnchi8GzxGuP18AlnD2dQsVWA5do5RIDjo3-qx5zdg2rZSyquBDxtk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvLBw7GU9zjYNxIhnHo-zBRKRD6lIV2zrxTiieYb26BIYMnchi8GzxGuP18AlnD2dQsVWA5do5RIDjo3-qx5zdg2rZSyquBDxtk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 177

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPyGa9WEt9jDmk9k5M1l-dA&google_cver=1&google_push=Aer7DvJqL7whvOwIg4pJzfBZCChxDUIshCicaozUKbTSZH8x-3OeautTB1BxK6nbVeOmw1Ec_oTzSJNftKW68p7V_9MLFs-QP8ZK_X0 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CE3h3I2STPC7T_9NGjnQcw2&google_push=Aer7DvJqL7whvOwIg4pJzfBZCChxDUIshCicaozUKbTSZH8x-3OeautTB1BxK6nbVeOmw1Ec_oTzSJNftKW68p7V_9MLFs-QP8ZK_X0

Request Chain 178

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEGDqsrc9aayrZN0FU5Z9dh8&google_cver=1&google_push=Aer7DvLR7uMiB4RxN7zdMD5Q2EmzaIJdH_reYdEKZ0NAGCg650rdc05KKn54a-V0DRmUrqNfgypyVt-_nVmes9LFlD3j7KK2c2CErQ HTTP 302
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEGDqsrc9aayrZN0FU5Z9dh8&google_cver=1&google_push=Aer7DvLR7uMiB4RxN7zdMD5Q2EmzaIJdH_reYdEKZ0NAGCg650rdc05KKn54a-V0DRmUrqNfgypyVt-_nVmes9LFlD3j7KK2c2CErQ&prevuid=03010009_642995c20cc4c&knw=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aer7DvLR7uMiB4RxN7zdMD5Q2EmzaIJdH_reYdEKZ0NAGCg650rdc05KKn54a-V0DRmUrqNfgypyVt-_nVmes9LFlD3j7KK2c2CErQ&google_hm=MDMwMTAwMDlfNjQyOTk1YzIwY2M0Yw%3D%3D

Request Chain 179

https://s.uuidksinc.net/match/47/?remote_uid=CAESEJhzTDok7wlqkU6q4dNQ_ZA&c_param1=Aer7DvIvZZfZ_xy4IUpeFMc8yjT2NPafSvAZgRgyNVrM8MW8t70sxMqkfwC19bQ9I-xq5SUvVaYtY_SyBckuXZ5K6Y4EdlnMRyXYfiY&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aer7DvIvZZfZ_xy4IUpeFMc8yjT2NPafSvAZgRgyNVrM8MW8t70sxMqkfwC19bQ9I-xq5SUvVaYtY_SyBckuXZ5K6Y4EdlnMRyXYfiY

Request Chain 180

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGQcGAYwR9MfycOLZxqyW_w&google_cver=1&google_push=Aer7DvJyLgVU8l4wnpEpf9WFORfrmbFz7tUqe5T0QuwCwYFYP_ugLD3U-NVktgZbljnIhxdXVJ37H2leJCYqufyCWUDj5rI6TaBUgVI HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGQcGAYwR9MfycOLZxqyW_w&google_cver=1&google_push=Aer7DvJyLgVU8l4wnpEpf9WFORfrmbFz7tUqe5T0QuwCwYFYP_ugLD3U-NVktgZbljnIhxdXVJ37H2leJCYqufyCWUDj5rI6TaBUgVI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjcxODYyNDY5MDcyMjk4NzMzMQ&google_push=Aer7DvJyLgVU8l4wnpEpf9WFORfrmbFz7tUqe5T0QuwCwYFYP_ugLD3U-NVktgZbljnIhxdXVJ37H2leJCYqufyCWUDj5rI6TaBUgVI

Request Chain 181

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEExBSlPk9yTEmm2U5T7eTsI&google_cver=1&google_push=Aer7DvIOIFDBzy8LpotcC4WhDbFyB0pFUGvM4kV-RJH7F7JNF7Di6DkEAYGp1rrQF-MDvu0yo6FjRdt4rh1QXTlAAzZvEAlrqCe8p4I HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEExBSlPk9yTEmm2U5T7eTsI&google_push=Aer7DvIOIFDBzy8LpotcC4WhDbFyB0pFUGvM4kV-RJH7F7JNF7Di6DkEAYGp1rrQF-MDvu0yo6FjRdt4rh1QXTlAAzZvEAlrqCe8p4I&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvIOIFDBzy8LpotcC4WhDbFyB0pFUGvM4kV-RJH7F7JNF7Di6DkEAYGp1rrQF-MDvu0yo6FjRdt4rh1QXTlAAzZvEAlrqCe8p4I&google_hm=VzZySE5jZHVQVHhsR0hYb0pGTTU=

Request Chain 188

https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995c1a1e2aeb2f6d6b9a06d8b6a6f;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_pre=CNKyi8u4i_4CFQPfyAodI6cEDQ;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995c1a1e2aeb2f6d6b9a06d8b6a6f;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=

Request Chain 216

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDmQYpVX1vK7b-fc8vszc0U&google_cver=1&google_push=Aer7DvIzszdbpjSEKco6vV-Y4iNTVzFP59ZCVsArg_gT2mdtkLFB9I3U8tqFHu6wS8FeaZH-d1ImWbAxkj72_XpIE9rOw_q-5BI_hAo HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CE3h3I2STPC7T_9NGjnQcw2&google_push=Aer7DvIzszdbpjSEKco6vV-Y4iNTVzFP59ZCVsArg_gT2mdtkLFB9I3U8tqFHu6wS8FeaZH-d1ImWbAxkj72_XpIE9rOw_q-5BI_hAo

Request Chain 217

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEHXpRpaQZxxRjvVQZXVtX2M&google_cver=1&google_push=Aer7DvKEhH08TujKp0IzP6FcSd0N7vq8-FLUWcNsl1nToDr_DzxJHyh6v86HY_xw1gl0r53M3Gq3Fi8PybdBRVZoik7eXZhRothUV_M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NGJiNzZjODktZWU2Yy00MDRhLWE3ZjctOGM2OWJjNjcyMjJm&google_gid=CAESEHXpRpaQZxxRjvVQZXVtX2M&google_cver=1&google_push=Aer7DvKEhH08TujKp0IzP6FcSd0N7vq8-FLUWcNsl1nToDr_DzxJHyh6v86HY_xw1gl0r53M3Gq3Fi8PybdBRVZoik7eXZhRothUV_M

Request Chain 218

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAmSlYl0rezSGFsbXq1fFr4&google_cver=1&google_push=Aer7DvKhLzFacfOOl9lBV9vVp4Umc9DdMfxd1wRSeNRkAvcOuzecO8J0oPgEd8uP5Q_Z7TwtPdZ_y_eHLgLGybXbpMjVtvDizq4lIi0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAmSlYl0rezSGFsbXq1fFr4&google_cver=1&google_push=Aer7DvKhLzFacfOOl9lBV9vVp4Umc9DdMfxd1wRSeNRkAvcOuzecO8J0oPgEd8uP5Q_Z7TwtPdZ_y_eHLgLGybXbpMjVtvDizq4lIi0 HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7bab8abd-9b8a-4d65-90de-eb1b5f32d70d&ssp=google&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=419&user_id=10594718130084938031&ssp=google&gdpr=&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvKhLzFacfOOl9lBV9vVp4Umc9DdMfxd1wRSeNRkAvcOuzecO8J0oPgEd8uP5Q_Z7TwtPdZ_y_eHLgLGybXbpMjVtvDizq4lIi0&google_hm=e6uKvZuKTWWQ3usbXzLXDQ==

Request Chain 219

https://a.clickcertain.com/px/img/g/?google_gid=CAESEJJhp7Zt0iB5dK7un0bTN_s&google_cver=1&google_push=Aer7DvIVnCjMcc6_ZDoBEdCWBqa9KPpDPHkruoraQiRF6gBleR_rGDRlPStQEY0cl_KfiRfWu7nFDgbJ2jJkgXnmlxELz_2XjrqR9fQ HTTP 302
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=f11e8ab6-670d-4dab-a486-e89c4283be1a&ccid=f11e8ab6-670d-4dab-a486-e89c4283be1a&redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEJJhp7Zt0iB5dK7un0bTN_s%2526google_cver%253d1%2526google_push%253dAer7DvIVnCjMcc6_ZDoBEdCWBqa9KPpDPHkruoraQiRF6gBleR_rGDRlPStQEY0cl_KfiRfWu7nFDgbJ2jJkgXnmlxELz_2XjrqR9fQ%2526anx_uId%253d%2524UID HTTP 303
https://i.liadm.com/s/56408?redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEJJhp7Zt0iB5dK7un0bTN_s%2526google_cver%253d1%2526google_push%253dAer7DvIVnCjMcc6_ZDoBEdCWBqa9KPpDPHkruoraQiRF6gBleR_rGDRlPStQEY0cl_KfiRfWu7nFDgbJ2jJkgXnmlxELz_2XjrqR9fQ%2526anx_uId%253d%2524UID&bidder_id=200441&bidder_uuid=f11e8ab6-670d-4dab-a486-e89c4283be1a&_li_chk=true&ccid=f11e8ab6-670d-4dab-a486-e89c4283be1a&previous_uuid=9957bbf446b34c6d85a37b66af9c0d78 HTTP 303
https://a.clickcertain.com/px/li/?redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_gid%253dCAESEJJhp7Zt0iB5dK7un0bTN_s%2526google_cver%253d1%2526google_push%253dAer7DvIVnCjMcc6_ZDoBEdCWBqa9KPpDPHkruoraQiRF6gBleR_rGDRlPStQEY0cl_KfiRfWu7nFDgbJ2jJkgXnmlxELz_2XjrqR9fQ%2526anx_uId%253d%2524UID&ccid=f11e8ab6-670d-4dab-a486-e89c4283be1a HTTP 302
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEJJhp7Zt0iB5dK7un0bTN_s&google_cver=1&google_push=Aer7DvIVnCjMcc6_ZDoBEdCWBqa9KPpDPHkruoraQiRF6gBleR_rGDRlPStQEY0cl_KfiRfWu7nFDgbJ2jJkgXnmlxELz_2XjrqR9fQ&anx_uId=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fg%2F%3Fdone%3Dtrue%26google_gid%3DCAESEJJhp7Zt0iB5dK7un0bTN_s%26google_cver%3D1%26google_push%3DAer7DvIVnCjMcc6_ZDoBEdCWBqa9KPpDPHkruoraQiRF6gBleR_rGDRlPStQEY0cl_KfiRfWu7nFDgbJ2jJkgXnmlxELz_2XjrqR9fQ%26anx_uId%3D%24UID HTTP 302
https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEJJhp7Zt0iB5dK7un0bTN_s&google_cver=1&google_push=Aer7DvIVnCjMcc6_ZDoBEdCWBqa9KPpDPHkruoraQiRF6gBleR_rGDRlPStQEY0cl_KfiRfWu7nFDgbJ2jJkgXnmlxELz_2XjrqR9fQ&anx_uId=3921107230317769211 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=Aer7DvIVnCjMcc6_ZDoBEdCWBqa9KPpDPHkruoraQiRF6gBleR_rGDRlPStQEY0cl_KfiRfWu7nFDgbJ2jJkgXnmlxELz_2XjrqR9fQ&google_hm=ZjExZThhYjYtNjcwZC00ZGFiLWE0ODYtZTg5YzQyODNiZTFh

Request Chain 220

https://rtb.openx.net/sync/dds?google_gid=CAESEKQjSJBmhjJSCpNnhrydOw8&google_cver=1&google_push=Aer7DvIQSGP_N08c79g3QVU8Qy31aVRu1oHlaTGlRJUfMvlrqS9c-O3Dd2wHjbwu567fe19YLLrWocrHJRsqDY3w2UMFJJSCl7uD7O0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aer7DvIQSGP_N08c79g3QVU8Qy31aVRu1oHlaTGlRJUfMvlrqS9c-O3Dd2wHjbwu567fe19YLLrWocrHJRsqDY3w2UMFJJSCl7uD7O0&google_hm=xo-elUl7whQoetRglXMV9g==

Request Chain 221

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEJJRHnapIZjxZWcGazU81EQ&google_cver=1&google_push=Aer7DvJz05oVaIHfz6DE6xrGRpfc9Bj5TT-OwZnCPmCka7XplZpXPFrxF3ktvGr0hbend9VdyuZl8b-lI3ZFZGZfo285JfcZcXos5PY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQ1NTg3Mzg3MTg4Mzc4MDI4NTQ&google_push=Aer7DvJz05oVaIHfz6DE6xrGRpfc9Bj5TT-OwZnCPmCka7XplZpXPFrxF3ktvGr0hbend9VdyuZl8b-lI3ZFZGZfo285JfcZcXos5PY

Request Chain 222

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEJGa-sDNdqy29XHr8-DQ_Jc&google_cver=1&google_push=Aer7DvJ1WI0uA_fXSxWR8PKKVszUk5pD5q6oQwYgo_5Gvluds4oHIxSZ_LlpnbHHU8JIjtaUY2bkeRs3IrRslSuKcE4IHdAEx6VClvMZ HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEJGa-sDNdqy29XHr8-DQ_Jc&google_cver=1&google_push=Aer7DvJ1WI0uA_fXSxWR8PKKVszUk5pD5q6oQwYgo_5Gvluds4oHIxSZ_LlpnbHHU8JIjtaUY2bkeRs3IrRslSuKcE4IHdAEx6VClvMZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=pKzxcx2PSvyG-ikpp2xe2w==&no_redirect=1&google_push=Aer7DvJ1WI0uA_fXSxWR8PKKVszUk5pD5q6oQwYgo_5Gvluds4oHIxSZ_LlpnbHHU8JIjtaUY2bkeRs3IrRslSuKcE4IHdAEx6VClvMZ

Request Chain 224

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

223 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

dir.php
gadingpos.com/
Redirect Chain

http://s957290943.onlinehome.us/foldkws/?_rswasscs
https://gadingpos.com/dir.php

214 B
749 B

3278ms
3248ms

Document
text/html

2606:4700:3037::6815:300a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadingpos.com/dir.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:300a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b19df1fcbb219b2-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 02 Apr 2023 14:48:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TBAoaMycTWp7mRGabdStTmNnKvK3aov3U%2B03cxkx1TT2kGitcC3W0%2FLNAsPVc15siKeHRWTADoVbPbzHUHj%2Bt2F6uGalKfoZB%2B3k7thAVSCrxdmv3pyVnGw9DmsRIx2LSR%2FF6M8SxYtVKIa"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 02 Apr 2023 14:48:10 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
location: https://gadingpos.com/dir.php

GET
H2

200

Primary Request / Show response
law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Redirect Chain

https://gadingpos.com/dir.php?url=YUhSMGNITTZMeTlzWVhjdWFtRnJibVYwTG0xNUxtbGtMM0J5YjNSbFkzUXRlVzkxY25ObGJHWXRabkp2YlMxdVpYUm1iR2w0TFhOallXMXpMV2x1YzJsbmFIUnpMV1p5YjIwdFlTMXNZWGN0WVhSMGIzSnVaWGt2
https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

127 KB
40 KB

5912ms
5866ms

Document
text/html

2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Requested by: Host: gadingpos.com
URL: https://gadingpos.com/dir.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a2b6eb9b8f3acf19e416ca921a1370427f1dd9a15bef013ce6a11824f2fe02

Request headers

Referer: https://gadingpos.com/dir.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b19df36398143d7-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 02 Apr 2023 14:48:23 GMT
link: <https://law.jaknet.my.id/wp-json/>; rel="https://api.w.org/", <https://law.jaknet.my.id/wp-json/wp/v2/posts/112>; rel="alternate"; type="application/json", <https://law.jaknet.my.id/?p=112>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNxVyykXHbci9kteotq2vFhwhvTRWa3FH8P8ifTT3pbMbQ%2BO%2FrMLqe9SnCNwNasZ360sEh9ykuGAgiAH7UlBRUelARlCmRGOhdRAOHsEGJuL1e2o9Kq56LWvo7Wp%2FwkHZDNoKOrMTVOMUtgEaoVV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-pingback: https://law.jaknet.my.id/xmlrpc.php

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b19df344d1019b2-EWR
content-type: text/html; charset=UTF-8
date: Sun, 02 Apr 2023 14:48:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgyLb2B%2BpKPf1qDwcf4I7Io08%2B729iyJ4yjDvPaZ4VXHp4gbJmBLH0MYv1nUFXj8sub2y37uc%2FTYkbKtsADRPmdonu8ptoWeHmflMwt7IwWO0Ntt%2F45aQEM8maFRTic55BKMs0vbBk%2BYDfTF"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.min.css
law.jaknet.my.id/wp-includes/css/dist/block-library/ 95 KB
13 KB 17ms
12ms Stylesheet
text/css 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://law.jaknet.my.id/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 03:24:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2579
etag: W/"17ced-5f815a2d9aea5-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShK5%2B1KFdNNfCQdzGShz6S2yQuiQ90fPxq7CY3bPsVOfp1F%2Fv3OVzo0%2BiUuYCCb3bc5Fdb3vwEpHV%2B2Vvo4w7xnG%2B%2BND%2FOSvsC86ATGuSjlaAxgapBkYQFMSfjkqUyBmFzGmqWRT8nPVFGgjWd%2Fc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7b19df5afc2d43d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 classic-themes.min.css
law.jaknet.my.id/wp-includes/css/ 291 B
533 B 15ms
10ms Stylesheet
text/css 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://law.jaknet.my.id/wp-includes/css/classic-themes.min.css
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 03:24:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2579
etag: W/"123-5f815a2da4ae6-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BjIiBfgGy6aQntaSb45BSAcZYcifW1YrP3cL%2FvJNVwGl8g%2Fo6NVhMZv4NTM4UXqpY6A%2FdNVLQBkz9Wx%2F6U%2BMZrJjz0mnnc6qwtjn13c8IJmLF%2Bo7wQbNfg2Dqs9p%2FNyjyTdecY6Rxp4s2kxZesp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7b19df5afc2e43d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
law.jaknet.my.id/wp-content/themes/sahifa/ 162 KB
33 KB 24ms
20ms Stylesheet
text/css 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://law.jaknet.my.id/wp-content/themes/sahifa/style.css
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae85a93d8063828f7b05acb75a87c45cbd36eb04a9ace9f7793e51ee81c16167

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1306
cf-polished: origSize=203079
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 17 Feb 2023 15:27:47 GMT
server: cloudflare
etag: W/"31947-5f4e6f49ae2c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dn25%2Fg1N1CWFJ%2F5XD5uM8miYPRv5p1%2Bw4O%2B%2BSeJz3k741%2Bf89eBXjePd86aQVg%2Brtb4Ur5SMfCpkq8LCSZ9uPzgYpwNPN%2F5X0LTtCCJA76XRqbq%2F4ZJ23cWizZMb5UeuzdzNC0q44wfDgKFGpdZM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7b19df5afc2f43d7-EWR

GET
H2 200 skin.css
law.jaknet.my.id/wp-content/themes/sahifa/css/ilightbox/dark-skin/ 6 KB
1 KB 22ms
17ms Stylesheet
text/css 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://law.jaknet.my.id/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e93414f896d6002f025697fd592d2393994fc8b21be6061dd55b8df904aa245

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2579
cf-polished: origSize=7289
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 17 Feb 2023 15:27:47 GMT
server: cloudflare
etag: W/"1c79-5f4e6f49ae2c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXJrKW43hEKqh%2Byiafhj%2FYtCpbfjx8NxcNNRPgldUokbgC445yU1Vh3J%2FvBk1%2Bmcs%2BcnOBWQ9TdrFoitVPVnScLPgrwBI8QOnuz%2Fq7UOMSWthSwLEoIuln1NwOrMAAMI5U%2FSzfjMU5EP6VsyRcU5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7b19df5afc3143d7-EWR

GET
H2 200 css
fonts.googleapis.com/ 754 B
742 B 47ms
18ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Requested by

Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8a7c6483f73f962abb0f768408bc73c219a0164ee43f60ac57595d314c1bebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 14:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 14:21:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Apr 2023 14:48:23 GMT

GET
H2 200 jquery.min.js Show response
law.jaknet.my.id/wp-includes/js/jquery/ 88 KB
32 KB 22ms
18ms Script
application/javascript 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://law.jaknet.my.id/wp-includes/js/jquery/jquery.min.js
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 03:24:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2579
etag: W/"15ed7-5f815a2dbb249-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gj7C5wYLc7dExMCqAj%2FYhETeeVGPI0b2uKpydyMelgT3jkrIv65NBtRKnNviudB7b59k26yrQXWNeMKR%2F1bCRtGzqH0km2dhfa%2F0V7MLaezamTPv%2F2Ff1rsER2CKatVf9LWHgsW6VKstUpuYc0Ri"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7b19df5afc3243d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
law.jaknet.my.id/wp-includes/js/jquery/ 13 KB
5 KB 16ms
13ms Script
application/javascript 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://law.jaknet.my.id/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 03:24:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1306
etag: W/"3470-5f815a2dbb249-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPaRAStN9jPy6rTYryMr7An8X89cU6EIOhveWbuEOefNNM5XXSEyoV5nu%2BwcWy8qqFgMv75JGKseEpYAf772907KEVWnsCbeM3mma57mHkYb%2BagCMaI%2BVuewPTZSdwypn%2BfNIgJyYOfAMXSpA3NB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7b19df5afc3343d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 54ms
31ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3085456807504492

Requested by

Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67f28ddefe23da4b704e5e79e144f75ca1d0e300fd02f131ab4ef6c455a2e2ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://law.jaknet.my.id/
Origin: https://law.jaknet.my.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48501
x-xss-protection: 0
server: cafe
etag: 6599596196178330288
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 14:48:23 GMT

GET
H2 200 rp-cl-ob.js Show response
richinfo.co/richpartners/push/js/ 73 KB
26 KB 62ms
21ms Script
application/javascript 46.105.199.75
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=873150&siteid=327181&niche=33
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.199.75 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 4869765abcf18f052365adebfebb679f211fb3836067e4ea957d2f4fde54a26f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 11:00:59 GMT
content-encoding: br
last-modified: Wed, 22 Mar 2023 10:59:41 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.122.0/26
etag: W/"641adf9d-1238c"
content-type: application/javascript
cache-control: max-age=1209600
x-cdn-pop: bhs
accept-ranges: bytes
content-length: 26308
x-request-id: 964692752
expires: Wed, 05 Apr 2023 11:00:59 GMT

GET
H3 200 Netflix-660x330.png
law.jaknet.my.id/wp-content/uploads/2023/02/ 8 KB
8 KB 766ms
763ms Image
image/png 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://law.jaknet.my.id/wp-content/uploads/2023/02/Netflix-660x330.png
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7c8656f7e7e5f22a849a5c283f182b183be807e931dba6bc7e07d542c36e417

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 18 Feb 2023 08:49:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1f05-5f4f5839fb500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lk%2B4XgmNMBdc%2FIzWK5B8Km6ryUv9BVqalwQ9Q8WBLnhXhL9QN%2BCmwdkQBegurS45XPohPVcQ%2FV7f3tF4D6G%2BoPD2toz5aQiGtG%2FHWK95rMyaA4slvFL2nTuDcMVISsUkltc6tQuhU%2FzTRscNP40z"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b19df5b8ce1c339-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7941

GET
H3 200 tie-scripts.js Show response
law.jaknet.my.id/wp-content/themes/sahifa/js/ 70 KB
21 KB 16ms
15ms Script
application/javascript 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://law.jaknet.my.id/wp-content/themes/sahifa/js/tie-scripts.js
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f63de180098b5669cddeef897441f372161e25dde239a7f6fc03f5cb5ecec4be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6758
cf-polished: origSize=74081
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 17 Feb 2023 15:27:47 GMT
server: cloudflare
etag: W/"12161-5f4e6f49ae2c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2flmcZSxydsj4x4WIOyjB1Fjk%2Fo9hCXquw8FvTiHP2UQ7O2wQyfefxdYuFhSgdrkEMPrtYsIGF0Kjzx5BujFH%2BLZWy7dOUO%2FXhWiB1wHbA6vcrmCoaKVQFQgkNOCTXkto6HOfjcR7cQDkmWwuu9u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7b19df5b7ccfc339-EWR

GET
H3 200 ilightbox.packed.js Show response
law.jaknet.my.id/wp-content/themes/sahifa/js/ 78 KB
25 KB 17ms
17ms Script
application/javascript 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://law.jaknet.my.id/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d172c7a7d560ee869c812c4ac36c85cc951ff822a10f4a1c8a845ae5769b8e7a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6758
cf-polished: origSize=79789
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 17 Feb 2023 15:27:47 GMT
server: cloudflare
etag: W/"137ad-5f4e6f49ae2c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70adZV87TsnjvkmjSc2ZpE%2BHYKfSZQqLKPbNB84%2B0pIMjkYuIQPNPBbeIQVAKcKRHtnXQToGGxjmvPLSt1%2BlT%2FBps3sitvRbigcidCYvYXQwDHWIXL2rw4uaUz16WyQws%2F8uaEG%2FYivAF6A9OTld"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7b19df5b8cd5c339-EWR

GET
H3 200 comment-reply.min.js Show response
law.jaknet.my.id/wp-includes/js/ 3 KB
2 KB 13ms
11ms Script
application/javascript 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://law.jaknet.my.id/wp-includes/js/comment-reply.min.js
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6758
etag: W/"ba5-5dc2a2438e980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Q4hvun99DvgFRrmn9gJUnA02HHJs8uBtmtUZ4vzfRJYibcGaBeIAdwjkCv3We%2BoskOLbvtWmBzzzEuyanihQmjXEMjLrpMRdKuALAs9vvVeqfBLKa9qBKIoafiKkqa%2B9uT5H1pZZuTj1dYgjANo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7b19df5b8cdfc339-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 search.js Show response
law.jaknet.my.id/wp-content/themes/sahifa/js/ 11 KB
3 KB 16ms
13ms Script
application/javascript 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://law.jaknet.my.id/wp-content/themes/sahifa/js/search.js
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b82e7af123915691ea31e2a9e6ec992e9fe4b184d7363c4176f57433f5ff6de7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6758
cf-polished: origSize=15010
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 17 Feb 2023 15:27:47 GMT
server: cloudflare
etag: W/"3aa2-5f4e6f49ae2c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QDxyyFmz53ojj%2FGe8oxloWSo34IP0pI%2FZs9rlTNLqTSOwUj23%2BKP2xMS1R8z8BT5pdd4mHxBWN7Cn76Dr6fiCh43m6Kfxn6kXIRFKCmRycquiQfhjLYRskXuqLtKU9OxmMA0EIsO9WWGxLCDqrC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7b19df5b8ce0c339-EWR

GET
H3 200 wp-emoji-release.min.js Show response
law.jaknet.my.id/wp-includes/js/ 18 KB
5 KB 18ms
15ms Script
application/javascript 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://law.jaknet.my.id/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 03:24:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5788
etag: W/"4904-5f815a2dcbbeb-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbgmW6%2BvN0zHq4hb%2F5FR2dUQ6FE3dUxESDU4pimflPvD%2Fz3uNwXWGiszNT3%2F5t0EpF5GJx2vSPtVwF48ClmxFTDSAX3rhn3Arj4WYKPl6zkCJpV5UzRbMkzpf3dj7j2H9M5FotjrXWYDmMdmHces"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7b19df5b8ce2c339-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 body-bg7.png
law.jaknet.my.id/wp-content/themes/sahifa/images/patterns/ 21 KB
21 KB 755ms
755ms Image
image/png 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://law.jaknet.my.id/wp-content/themes/sahifa/images/patterns/body-bg7.png
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/wp-content/themes/sahifa/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 17 Feb 2023 15:27:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "529a-5f4e6f49ae2c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDyG2AkRtNEX2De7Y3sn6ltle0TnDSAerum10pxVMMIuyyd49o1y0OlAk3jFrMOBkjfcJyJXCxxijCmyF2SqnOFI1tTgGpAWmT64R57yEMXS8dvb%2BTcS%2FbxnmgJR3U04cpsRw7CQ71z%2BrROArX7i"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b19df5b9ce9c339-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21146

GET
H3 200 home.png
law.jaknet.my.id/wp-content/themes/sahifa/images/ 1022 B
1 KB 859ms
854ms Image
image/png 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://law.jaknet.my.id/wp-content/themes/sahifa/images/home.png
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/wp-content/themes/sahifa/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 17 Feb 2023 15:27:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3fe-5f4e6f49ae2c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6QAWgWk31rx6qIZKdldIXm5R3a6fEnKZDlq2pzAoG3iAULL%2B2Zcnfity7IZQxJ7uIo9%2BbnVcmOC6GHPpzLZRok4xmjb0ytVxY21w28ti4ReqbVb9LJFxx%2FTXLu%2BfZB%2B5SNlsiy5d42aAK35ozUr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b19df5bacf6c339-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1022

GET
H3 200 stripe.png
law.jaknet.my.id/wp-content/themes/sahifa/images/ 93 B
582 B 13ms
12ms Image
image/png 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://law.jaknet.my.id/wp-content/themes/sahifa/images/stripe.png
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/wp-content/themes/sahifa/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 15:27:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6755
etag: "5d-5f4e6f49ae2c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYUNtrDXE%2FAciQasK1OKT0ylrhDVBVn4M7F%2F3uRPjvFRcga1ljHB%2BXEd1cE%2FCfmvvaKjiWawbhphqHl4sFV%2B4zrFOQvaFD5g1G5MksLVCLXYiNI5BLSz9a0nBNp3m%2BdUxLvXUg2F%2F1QWgHFnR1tT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b19df5bacf7c339-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 93

GET
H3 200 fontawesome-webfont.woff2
law.jaknet.my.id/wp-content/themes/sahifa/fonts/fontawesome/ 75 KB
76 KB 13ms
12ms Font
font/woff2 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://law.jaknet.my.id/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/wp-content/themes/sahifa/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://law.jaknet.my.id/wp-content/themes/sahifa/style.css
Origin: https://law.jaknet.my.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 15:27:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 659
etag: W/"12d68-5f4e6f49ae2c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxGHW%2FxBvPVuZW6WMD8TD6F1U0SVp8hpfoSdcnTKEFZVtSPUo8JsfPSAvskS79RsouNJg1xrvS%2BgVIvMWsdCtSEONkcFimvqg8F%2BKxYB2bN5o404Ts7JmSvUZr6FBrL%2Bpg5tlXACUgqyfDvyEmKA"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
cf-ray: 7b19df5bbcf8c339-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/ 21 KB
21 KB 29ms
7ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://law.jaknet.my.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:34:08 GMT
x-content-type-options: nosniff
age: 447255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21224
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:34:08 GMT

GET
H3 200 BebasNeue-webfont.woff
law.jaknet.my.id/wp-content/themes/sahifa/fonts/BebasNeue/ 20 KB
20 KB 18ms
16ms Font
font/woff 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://law.jaknet.my.id/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/wp-content/themes/sahifa/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Request headers

Referer: https://law.jaknet.my.id/wp-content/themes/sahifa/style.css
Origin: https://law.jaknet.my.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Feb 2023 15:27:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5789
etag: W/"4e1c-5f4e6f49ae2c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1vD5XTOzwEVGKYl8Ey4h4OiasgXB6H%2BCKGBKIfP577b0FfeD28pDW6kdm1bbup%2B99ggspkocH%2BnzeziMpJJOCU7OCeUHcyK4nX%2FvmQGhCcrKB5j1uU07E389dWuKMLO9ZxtpqjAY7DA2DFcx9O8"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
cf-ray: 7b19df5bbcf9c339-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v18/ 22 KB
22 KB 26ms
6ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://law.jaknet.my.id
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:26:15 GMT
x-content-type-options: nosniff
age: 444128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22376
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 11:26:15 GMT

GET
H3 200 mmaazon-110x75.png
law.jaknet.my.id/wp-content/uploads/2023/02/ 4 KB
5 KB 17ms
11ms Image
image/png 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://law.jaknet.my.id/wp-content/uploads/2023/02/mmaazon-110x75.png
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07278903fee8b0eeee890f00eee5a19b3a49159818b9744a2a6f8454af81e3a1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
cf-cache-status: HIT
last-modified: Sat, 18 Feb 2023 08:51:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1948
etag: "1147-5f4f587ad4e00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGIZ5RbweNIKaw8vO8uBo8NAa1Uo1CLT3iO5aHmdS0JkZjKzOSjq3bMVZbcCc6YZM7q5vMIJ98QQHxCHrNbZTGEN%2FcuO7f0cqMDfi2bxvINR81XWz9MR47bTxHUZXJoc9UWlFr1%2FjZFNAtLSZGQJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b19df5c0d4bc339-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4423

GET
H3 200 Netflix-110x75.png
law.jaknet.my.id/wp-content/uploads/2023/02/ 1 KB
2 KB 10ms
10ms Image
image/png 2606:4700:3030::ac43:a1a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://law.jaknet.my.id/wp-content/uploads/2023/02/Netflix-110x75.png
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a1a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f330358217ddd16d2bffbc78f1970203c2d61abfa5b15456c8e20c2df58fe35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
cf-cache-status: HIT
last-modified: Sat, 18 Feb 2023 08:49:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1948
etag: "577-5f4f5839fb500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EiXx2YgmMaXU%2BCMfaYscfhOKarty%2FJRuGu0Yn4WOGoqFWdt92dGIIDszg6hfdqR%2F6%2BbnVk72G%2F7qsDKyLjnZNTxVLrOJWI9aPakYQtVnWNAq5hARKs1vL96bLeRcLhhnhjtSjOX7%2FLdl%2FY9ZrTrc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b19df5c0d4cc339-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1399

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 57ms
11ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:42:50 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.122.0/26
etag: "-375139978"
content-type: text/javascript
x-cdn-pop: bhs
accept-ranges: bytes
content-length: 4364
x-request-id: 751075460

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/ 350 KB
117 KB 89ms
77ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3085456807504492

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e82973475784142e2f5c7d68989b97ae9090cda3fdcfeb54c6f652b29228667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119835
x-xss-protection: 0
server: cafe
etag: 1176799847620376886
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 14:48:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/ Frame DBEE 10 KB
5 KB 30ms
4ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3085456807504492

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://law.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 390
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:41:53 GMT
etag: 2378337311435320485
expires: Sun, 16 Apr 2023 14:41:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1f512.svg
s.w.org/images/core/emoji/14.0.0/svg/ 318 B
551 B 29ms
3ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f512.svg

Requested by

Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

3d1bdc815dc84364a7b951c266d61a5a1b8d1bbb1af6834fc29188eb0f22ea4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-nc: HIT ewr 1
date: Sun, 02 Apr 2023 14:48:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 318
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 st
rtb.pushdom.co/pb/ 0
72 B 132ms
28ms Image
text/html 38.100.129.10
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.pushdom.co/pb/st?sctp=content-locker&m=ht&pid=873150&sid=327181&dm=law.jaknet.my.id&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 38.100.129.10 Olney, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
server: openresty/1.15.8.3
content-length: 0
content-type: text/html;charset=UTF-8

GET
H2 200 st
rtb.pushdom.co/pb/ 0
71 B 133ms
29ms Image
text/html 38.100.129.10
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.pushdom.co/pb/st?sctp=content-locker&m=si&pid=873150&sid=327181&dm=law.jaknet.my.id&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 38.100.129.10 Olney, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
server: openresty/1.15.8.3
content-length: 0
content-type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 40ms
12ms Script
text/html 54.39.156.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4668012&@f16&@g1&@h1&@i1&@j1680446903880&@k0&@l1&@mProtect%20Yourself%20from%20Netflix%20Scams%3A%20Insights%20from%20a%20Law%20Attorney%20%E2%80%93%20LP&@n0&@ohttps%3A%2F%2Fgadingpos.com%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-196154055&@b3:1680446904&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.156.32 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns562579.ip-54-39-156.net
Software: /
Resource Hash: 01b7439ee9f9c7129219885ac45e1cc45572521d78743a31e2bd2c36ed80ed5b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 02 Apr 2023 14:48:23 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
383 B 38ms
21ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=law.jaknet.my.id&callback=_gfp_s_&client=ca-pub-3085456807504492

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 41ms
23ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=law.jaknet.my.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 23ms
22ms Image
image/gif 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=background-cover&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 25ms
24ms Image
image/gif 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=background-cover&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3CAA 162 KB
39 KB 712ms
710ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&adk=3046330955&adf=2044148826&lmt=1680446903&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903756&bpp=9&bdt=247&idt=173&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1707897144982&frm=20&pv=2&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=204

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5793adf23adfe289e6333e8a8ee1b4e555d067bd24addfaa6ef47bd58571f088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://law.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39954
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:24 GMT
expires: Sun, 02 Apr 2023 14:48:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B97A 98 KB
34 KB 1665ms
1664ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=3321380828&adf=2828135499&pi=t.ma~as.3209449553&w=728&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=728x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903765&bpp=3&bdt=255&idt=204&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=62&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DHF9FXBvFS&p=https%3A//law.jaknet.my.id&dtd=216

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d52bfffb1d0a8173530d9eae86fc922dea30c85ef8cf4bed65ad3ffcbff8c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://law.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34679
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:25 GMT
expires: Sun, 02 Apr 2023 14:48:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A53C 24 KB
10 KB 815ms
814ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=269618546&adf=2034898094&pi=t.ma~as.3209449553&w=620&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=620x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903768&bpp=4&bdt=259&idt=223&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IDfT8ZBboi&p=https%3A//law.jaknet.my.id&dtd=228

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abcd46833e797d7874ca739d58831beaeb19cb85b441cf48c827e33cfef14927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://law.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:24 GMT
expires: Sun, 02 Apr 2023 14:48:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/ 150 KB
51 KB 29ms
29ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7f63af26bfb83d3c84006d4c8649c676dc5b6ed2529841792ee380fb6124e71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52118
x-xss-protection: 0
server: cafe
etag: 3282299275523584842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Apr 2023 14:48:24 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 25ms
24ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=law.jaknet.my.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AEDC 26 KB
12 KB 422ms
421ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=73325381&pi=t.aa~a.2076155081~i.3~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280&nras=2&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZyZiEZhS7s&p=https%3A//law.jaknet.my.id&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f3c0670f8337fbb53a18717b57cc78492a76631dbdc5a1e466745e8d9dc5053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://law.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11966
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:25 GMT
expires: Sun, 02 Apr 2023 14:48:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BD08 83 KB
26 KB 900ms
899ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84b7e5b0ced0959a51ac48305182f6d3365ec28cf48cdb09e1418be3a1709f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://law.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 26622
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:25 GMT
expires: Sun, 02 Apr 2023 14:48:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 553D 26 KB
12 KB 9344ms
2074ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=1092558004&adf=3480699455&pi=t.aa~a.1349293058~i.1~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1263&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280%2C605x280&nras=4&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=oWJnjVFHj0&p=https%3A//law.jaknet.my.id&dtd=27

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa93efe5924532e26cd53a0f8c4f15052599134dbee5eda2edcd894674ec566d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://law.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12170
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:34 GMT
expires: Sun, 02 Apr 2023 14:48:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 70A8 45 KB
0 1115ms
1115ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=200&adk=1305629257&adf=2291407919&pi=t.aa~a.1349293058~i.2~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x200&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1263&idt=1&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280%2C605x280%2C605x280&nras=5&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=8bP305lL0d&p=https%3A//law.jaknet.my.id&dtd=37

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://law.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34271
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:25 GMT
expires: Sun, 02 Apr 2023 14:48:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DC6F 101 KB
35 KB 10481ms
3237ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=60&adk=1603365305&adf=2862744360&pi=t.aa~a.4232182926~rp.1&w=660&fwrn=4&fwrnh=100&lmt=1680446904&rafmt=1&to=qs&pwprc=6981954120&format=660x60&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904821&bpp=1&bdt=1311&idt=1&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280%2C605x280%2C605x280%2C605x200&nras=6&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=4769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=sRlpkZ9uoJ&p=https%3A//law.jaknet.my.id&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44281f4bb8ff38abac65a706f1f01dd6dcfe5b666bf7fc951b7cb508a078dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://law.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35024
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:35 GMT
expires: Sun, 02 Apr 2023 14:48:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame A53C 3 KB
1 KB 34ms
14ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=269618546&adf=2034898094&pi=t.ma~as.3209449553&w=620&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=620x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903768&bpp=4&bdt=259&idt=223&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IDfT8ZBboi&p=https%3A//law.jaknet.my.id&dtd=228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame A53C 20 KB
8 KB 32ms
12ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A53C 158 KB
49 KB 132ms
94ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Apr 2023 14:48:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A53C 0
0 33ms
32ms Fetch
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChbnPuJUpZN3wAZvoo9kPlpGHmAucge-wXLrh56y8AcCNtwEQASAAYKECggEXY2EtcHViLTMwODU0NTY4MDc1MDQ0OTLIAQmoAwGqBIsCT9Asn4L4MYxrlwtio3vZLQ7j3NRlJhKRKHkEBcZ66WzJ6maxeo1P8uvnTejDo8VNUE66Gmp1cqdMm-FjzB9f5gbFRNAZPErlP1xSVU8ONqEbNirslV4X43d2JvqVk8tizJO3zgFgsCMstqtOsd6Cprc0V4kmCyTWjzVDdKYxXpXVw_fyPwHMoaUKrEc0uq0wbVTJVAVT9Sa5WQo8Wv93o3Er63xGT4VYzA6fO6QC0gJJWh4CLmX-OWTuMQjZAk2dZoqh-WZTxkSfQAQfrqpSTeoSFKtLnW9qCuchdTrMKpe29e6YqC-tvRIAp0aQ7xngKEHUfluhH0jH0ADelIcbyg87fUww_fSX8AOEgAbyso-uj-LPp8YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzA4NTQ1NjgwNzUwNDQ5MhgA&sigh=ThywvCl7GKk&uach_m=[UACH]&cid=CAQSGwDUE5ymkbgr2Rv8Q0BvQAkdJdNZ0NBowaxtfhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=269618546&adf=2034898094&pi=t.ma~as.3209449553&w=620&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=620x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903768&bpp=4&bdt=259&idt=223&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IDfT8ZBboi&p=https%3A//law.jaknet.my.id&dtd=228
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Apr 2023 14:48:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 02 Apr 2023 14:48:24 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame A53C 0
0 39ms
9ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=k_PsFc36ROwEmALiIp0XAgAAAN-4WGnRwRrzaDXPzYa6fAYQt5UpZCZ-hP6hqJUyOSsAABIAAAoKQVFVQkNnRUJDZw&wp=ZCmVuAAAeF0FKPQbAAHIluDZHjnXOO0pSi8EWA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 296149
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 3378 131 KB
45 KB 69ms
36ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZCmVuAAAeF0FKPQbAAHIluDZHjnXOO0pSi8EWA&u=%7CsY5BcsNGCKJbfBiAwQcy92mV1L8rq%2BoDbzYtuv1QeZI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AYdxcVbiUcTIVOAzbCnvcR0MQL5zTlLT-j70xTS9XYj2NuhWvbjmYdeUfhWsNZ9FPqQ4XdBCrMaqVKbqvZtGSm7ySC2-2BkHJEUV4X7Dv5_Rk5L6-M2z9VKC5V2nyaXlkRuOfDAzfGhSNTEIzOj0gM11HgYLRG-SxQM-bVUK9vFRxtdG9XiIBl14Pq73CJDBWdBz4OU63MznUPfZusEs9QIwiSbkBS1nn7NrODIp_FpNPp6W86Mk-86LDmOuaPTvfx962Rea01Ix9QOEIq4GBDXzHOrO3QXsRybduKKG0tBAB-mmJY-NjpNeKSFLFB-BWlqkWqHcMDZq6NETvvE-j3SjL5n1KBG8DaY_eFw4KODOIegO_67HRCveelqa33_k1U8i2M75_dXv5EqD0vb8usVb8Ag-RLB0lfbZG-qi2LEM6N5lFGmk0PC7oFujDMc5gZokDgkBzOAIe6u9OwY-5MFs3lCTpu4tkTtmhFDFNplTrJEzkuK340hqPpkirNMTPizhx43yOfxaMny8n2FavItVKP1FnZc0h89rEP_KN6lNT6hWMoxVac&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPQXTuJUpZN3wAZvoo9kPlpGHmAucge-wXLrh56y8AcCNtwEQASAAYKECggEXY2EtcHViLTMwODU0NTY4MDc1MDQ0OTLIAQmoAwGqBI4CT9Asn4L4MYxrlwtio3vZLQ7j3NRlJhKRKHkEBcZ66WzJ6maxeo1P8uvnTejDo8VNUE66Gmp1cqdMm-FjzB9f5gbFRNAZPErlP1xSVU8ONqEbNirslV4X43d2JvqVk8tizJO3zgFgsCMstqtOsd6Cprc0V4kmCyTWjzVDdKYxXpXVw_fyPwHMoaUKrEc0uq0wbVTJVAVT9Sa5WQo8Wv93o3Er63xGT4VYzA6fO6QC0gJJWh4CLmX-OWTuMQjZAk2dZoqh-WZTxkSfQAQfrqpSTeoSFKtLnW9qCuchdTrMKpe29e6YqC_vvzKSDLQZ79ppRc0_BNJiqHTv2S7GUBzosIbyw1Ic5V1BYQNHXwgggAbyso-uj-LPp8YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_115HdJAWUHfPHJiAtotbvVXUYjqw%26client%3Dca-pub-3085456807504492%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4bb2bd8c01ccdb64da91f01f69db14391645f248ab4929ce214a2190cb46bde9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:24 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=ZRo2UfJjREA3bVm1aORiJvWOuPU_8w538J99GuwG0tpebAJSanUR_nUSxJsChlazzbtCbFgnGQABi5gAXAb5LNBIX5rIMbHrYjVzPrw_jlQpnAOWjoFh_YAVCP2E4489hElLi4wlpphyL0VAhtI6Cn9n9daBhOwUbfmtxmc6JmlMzov71EEY9K49-l_WX2_0595aGmO7j_ldnRtyXQwk5W8mkxFRPfMR9AoR0SeewO74gE5iuzqO3KzeRBheSvc7JU4kCA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 21438308
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 25ms
24ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=law.jaknet.my.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://law.jaknet.my.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/ Frame E4A1 10 KB
4 KB 11ms
10ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://law.jaknet.my.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 30370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 06:22:14 GMT
etag: 2378337311435320485
expires: Sun, 16 Apr 2023 06:22:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame E4A1 4 KB
728 B 20ms
17ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 14:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 14:32:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Apr 2023 14:48:24 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E4A1 205 B
649 B 25ms
4ms Image
image/png 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:15:06 GMT
x-content-type-options: nosniff
age: 1998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 01 Apr 2024 14:15:06 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E4A1 604 B
696 B 26ms
5ms Image
image/png 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 19:44:39 GMT
x-content-type-options: nosniff
age: 68625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 31 Mar 2024 19:44:39 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/elements/html/ Frame E4A1 19 KB
8 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 19:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8171
x-xss-protection: 0
server: cafe
etag: 2240023182167719722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Apr 2023 19:29:13 GMT

GET
DATA 200
OK truncated
/ Frame A53C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d0bc8b9cb6fff60deed944d698675f3533abff7818138839a46526806afce3a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3378 2 KB
1 KB 245ms
81ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZCmVuAAAeF0FKPQbAAHIluDZHjnXOO0pSi8EWA&u=%7CsY5BcsNGCKJbfBiAwQcy92mV1L8rq%2BoDbzYtuv1QeZI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AYdxcVbiUcTIVOAzbCnvcR0MQL5zTlLT-j70xTS9XYj2NuhWvbjmYdeUfhWsNZ9FPqQ4XdBCrMaqVKbqvZtGSm7ySC2-2BkHJEUV4X7Dv5_Rk5L6-M2z9VKC5V2nyaXlkRuOfDAzfGhSNTEIzOj0gM11HgYLRG-SxQM-bVUK9vFRxtdG9XiIBl14Pq73CJDBWdBz4OU63MznUPfZusEs9QIwiSbkBS1nn7NrODIp_FpNPp6W86Mk-86LDmOuaPTvfx962Rea01Ix9QOEIq4GBDXzHOrO3QXsRybduKKG0tBAB-mmJY-NjpNeKSFLFB-BWlqkWqHcMDZq6NETvvE-j3SjL5n1KBG8DaY_eFw4KODOIegO_67HRCveelqa33_k1U8i2M75_dXv5EqD0vb8usVb8Ag-RLB0lfbZG-qi2LEM6N5lFGmk0PC7oFujDMc5gZokDgkBzOAIe6u9OwY-5MFs3lCTpu4tkTtmhFDFNplTrJEzkuK340hqPpkirNMTPizhx43yOfxaMny8n2FavItVKP1FnZc0h89rEP_KN6lNT6hWMoxVac&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPQXTuJUpZN3wAZvoo9kPlpGHmAucge-wXLrh56y8AcCNtwEQASAAYKECggEXY2EtcHViLTMwODU0NTY4MDc1MDQ0OTLIAQmoAwGqBI4CT9Asn4L4MYxrlwtio3vZLQ7j3NRlJhKRKHkEBcZ66WzJ6maxeo1P8uvnTejDo8VNUE66Gmp1cqdMm-FjzB9f5gbFRNAZPErlP1xSVU8ONqEbNirslV4X43d2JvqVk8tizJO3zgFgsCMstqtOsd6Cprc0V4kmCyTWjzVDdKYxXpXVw_fyPwHMoaUKrEc0uq0wbVTJVAVT9Sa5WQo8Wv93o3Er63xGT4VYzA6fO6QC0gJJWh4CLmX-OWTuMQjZAk2dZoqh-WZTxkSfQAQfrqpSTeoSFKtLnW9qCuchdTrMKpe29e6YqC_vvzKSDLQZ79ppRc0_BNJiqHTv2S7GUBzosIbyw1Ic5V1BYQNHXwgggAbyso-uj-LPp8YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_115HdJAWUHfPHJiAtotbvVXUYjqw%26client%3Dca-pub-3085456807504492%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:25 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 3378 2 KB
1 KB 246ms
82ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:25 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3378 308 B
636 B 256ms
95ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 27 Mar 2024 14:48:25 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 3378 293 B
622 B 240ms
80ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 27 Mar 2024 14:48:25 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 3378 43 B
348 B 48ms
13ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=5w4QIOQWwDvBpQkd-myv4xp5MYvMnVU1Dy9cGFJjea6fMoIZh3bea7w0PK54B0E6HKSEGVD_WnR2Xxj-y73dgRO0RKOwdUmlCaebaDRtb-e0_Un2TqRf24XmqokR3YMbab70NshICKmoMwA8Anqh6GDSigiBdh3-QG_je1OYNfbhVTrxkrmbfB3uT_hsL5hxF42puCtWuN3BHJAsTmMEbRN5AGXSK2Kq-u6H0pBi69cmQmHtHy6jEBbjMgzJF24SXH-o3eyiwFXrFs1A9DdzBOdBydhF-ZGrMRMCBNjrcEi-GahHWZqV5G4_6Qi67Jvqx_DM7fN92y9DIyuFNZn-7yhx_B6xkAoERkmaQV5vhtfQ3QtXnd48DWeJdCyu2Bsk9FIKp_JWeOZg71mb8i4f58P4v5YIJgNkgfbS83EsR3TOGxLE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3393520
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

B29096893.358774381;dc_pre=COGs2Ma4i_4CFd4JaAgdjBEFYg;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995b851a5ff722093e37606cd5471;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/ Frame 3378
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995b851a5ff722093e37606cd5471;dc_lat=;dc_rdid=;tag_for_...
https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_pre=COGs2Ma4i_4CFd4JaAgdjBEFYg;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995b851a5ff722093e376...

42 B
118 B

37ms
31ms

Image
image/gif

142.250.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_pre=COGs2Ma4i_4CFd4JaAgdjBEFYg;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995b851a5ff722093e37606cd5471;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?

Requested by

Protocol

Server

142.250.80.102 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_pre=COGs2Ma4i_4CFd4JaAgdjBEFYg;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995b851a5ff722093e37606cd5471;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 3378 12 KB
5 KB 39ms
8ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 847752
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VN9vg77dEsiwV1%2B2Q4m%2BAwhOHOJm2o7tfqnvzEfS3KTGGit10kYB9DGPHVVFkrmcCTvcrMCOSRixTZ8i06xjwOp0G4%2FGSpdk%2FNuZIKjJsvhRYt0p%2Bo%2F4PaydKfZ2GK0SO7Kvwer8AubIqbdzENT9tdEc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b19df642df58c57-EWR
expires: Fri, 22 Mar 2024 14:48:24 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 3378 12 KB
6 KB 246ms
94ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:25 GMT

GET
H2 200 e8fa26c560fc4a339cc1823e67dbd1fa_avenir-next-regular.woff
static.criteo.net/design/dt/ Frame 3378 47 KB
47 KB 326ms
160ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e8fa26c560fc4a339cc1823e67dbd1fa_avenir-next-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ea8bdaf9d3679df5dae432416a9cb041ef81ef8e0b7a511bf9a2865d680bb3b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 13 Mar 2018 16:31:17 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5aa7fcd5-bcc4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:25 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 3378 102 KB
102 KB 45ms
15ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?m=0&partner=97186&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F97186%2F221116%2F34c0d48b9bf74f2485d3ae508608b311_img_horizontal_1.jpg&v=3&s=mIKno7uBzCAhqAYv0AQDgYm0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

a5c84b162076cb6ffaaee936088c3a27a448eb4675e8babceba441650a735718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29254492
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 104412
expires: Wed, 06 Mar 2024 05:03:17 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 3378 121 KB
121 KB 65ms
36ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?m=0&partner=97186&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F97186%2F221116%2F24c1e15c4c3c4b60ac555326dcb85f0a_img_horizontal_2.jpg&v=3&s=PVW68zbNEyUM4PRlTNX-OvT1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

2ae93a98c64c521dcac0afce28bf29f3b9511b1b5c6ed4db2771919b26750e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=27060851
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 123952
expires: Fri, 09 Feb 2024 19:42:37 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 3378 91 KB
91 KB 53ms
24ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?m=0&partner=97186&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F97186%2F221116%2F006bbb10f80d4c5385318e7dc90198d7_img_horizontal_3.jpg&v=3&s=d1IIAMgmruX4gGMxYH3zTsDS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

284dff49f0f53ffb94d8ccaeb520aa4a861c5f6616162e2e7a762771741bb319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29353349
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 93190
expires: Thu, 07 Mar 2024 08:30:54 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 3378 152 KB
152 KB 70ms
41ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?m=0&partner=97186&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F97186%2F221116%2F63a73d536d4f456184b64259a557ab1c_img_horizontal_5.jpg&v=3&s=KkNEDNeptEeyJL2cb6ehlY6S

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

0058220d3d68ca88e1b6aa9b62140c3c22008963ec1d93edc01684aa758f5e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=27060851
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 155248
expires: Fri, 09 Feb 2024 19:42:36 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 3378 73 KB
74 KB 70ms
42ms Image
image/png 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=556&m=0&partner=97186&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F97186%2F221116%2F2216cd8742c844d389ff896efa086710_logo.png&v=3&w=1236&s=l18Ck_A1g_rNJQGZ6QqSypXU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

296f0b28cff52162ae66b9088f82dda32ef79049fd376eeba7a170c52a2d2905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29936768
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 75120
expires: Thu, 14 Mar 2024 02:34:33 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 3378 0
128 B 30ms
9ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=ZRo2UfJjREA3bVm1aORiJvWOuPU_8w538J99GuwG0tpebAJSanUR_nUSxJsChlazzbtCbFgnGQABi5gAXAb5LNBIX5rIMbHrYjVzPrw_jlQpnAOWjoFh_YAVCP2E4489hElLi4wlpphyL0VAhtI6Cn9n9daBhOwUbfmtxmc6JmlMzov71EEY9K49-l_WX2_0595aGmO7j_ldnRtyXQwk5W8mkxFRPfMR9AoR0SeewO74gE5iuzqO3KzeRBheSvc7JU4kCA&sds=2&rev=85392.3&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 14:48:24 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3378 2 KB
1 KB 82ms
81ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:25 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3378 2 KB
1 KB 85ms
84ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:25 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2807 8 KB
893 B 21ms
21ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

167b257107cabdb59f856f00b9f9947ccea131594fda5897adb27503126a6a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 14:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 14:32:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Apr 2023 14:48:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 2807 2 KB
765 B 5ms
4ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/ Frame 2807 22 KB
9 KB 5ms
5ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 2807 3 KB
1 KB 5ms
5ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 2807 20 KB
8 KB 7ms
6ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2807 158 KB
49 KB 38ms
31ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Apr 2023 14:48:25 GMT

GET
H2 200 16f0d4cb97c8e7eb77e268815c2afdab.js Show response
www.gstatic.com/mysidia/ Frame 2807 34 KB
14 KB 9ms
2ms Script
text/javascript 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16f0d4cb97c8e7eb77e268815c2afdab.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:23:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14384
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 01 Jul 2023 06:23:50 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8760 143 B
166 B 5ms
4ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:28:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8760
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
32ms

Document
text/html

2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230329/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:25 GMT
expires: Sun, 02 Apr 2023 14:48:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame AEDC 3 KB
1 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=73325381&pi=t.aa~a.2076155081~i.3~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280&nras=2&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZyZiEZhS7s&p=https%3A//law.jaknet.my.id&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame AEDC 20 KB
8 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AEDC 0
0 27ms
21ms Image
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSus_kjBD6WuWbrQQNgWtJijMo15vC4fWSMutUvAJqHlBrKoiWcNDLONVPQI84KczPEhg-NZFJkkE-0m2YRqFK9SM6pig
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=73325381&pi=t.aa~a.2076155081~i.3~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280&nras=2&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZyZiEZhS7s&p=https%3A//law.jaknet.my.id&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AEDC 158 KB
48 KB 23ms
22ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Apr 2023 14:48:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AEDC 0
0 34ms
31ms Fetch
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWopHuJUpZIGBMrjxo9kP-o6ucJyB77BcyqapqnTAjbcBEAEgAGChAoIBF2NhLXB1Yi0zMDg1NDU2ODA3NTA0NDkyyAEJqAMBqgSLAk_Q250BgsZVddtA23UmXxTX9OiGJVlzjx0-iqxlljfemPDpB9o7f0TIeZEOhZTfBbdvpqZftK22YgnrKNCopc8Ep14-v1JeRHFlt0l8NEmquio5N1Za5BwDXDANIRMrsbJ4k92djm0tCywZotsuz7kfU_nglH_f1_AUHyszFYSO6sXXHWSAZh7nOIayLYVoDgoEg5Dj4bm1pN4fwXf8q9AXHZmpoEB6OQUuNN7zJgUOQjuAYkgsZmolR-_lxQLnyeeg6YfX-7BG9g8zU3ZKHWF2kHJMRrXqNTiL21Da9-TbfzdB0X6Qnf1P34srkH2IuSad5ORywWg_d3rGnvcACEG2eWzv0fwF_sb4yYAG8rKPro_iz6fGAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTMwODU0NTY4MDc1MDQ0OTIYAA&sigh=FllPsMwLkqw&uach_m=[UACH]&cid=CAQSKQDUE5ym5eQQSnoYlkaJIT48ibYRO1klalqcO0yCVg_Fv1Qrqlo3EdsQGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=73325381&pi=t.aa~a.2076155081~i.3~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280&nras=2&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZyZiEZhS7s&p=https%3A//law.jaknet.my.id&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Apr 2023 14:48:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.da.us.criteo.com/google/auction/ Frame AEDC 0
0 139ms
43ms Fetch 2620:100:a005::14
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.da.us.criteo.com/google/auction/notify?profile=14&payload=k_PsFc36RN0EmALiIp0XAgAAAEy8Ldqw5m-0aDXPzYa6fAYQuJUpZESnTcXnuRq9lYMAABIAAAoKQVFVQkRBRVBEQQ&wp=ZCmVuAAMgIEFKPi4AAuHeg4fMG3JZl-mv-Xl3Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::14 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 206521
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 0B8E 128 KB
43 KB 33ms
32ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZCmVuAAMgIEFKPi4AAuHeg4fMG3JZl-mv-Xl3Q&u=%7CsY5BcsNGCKIuvKRiEgGdzQ6CD3Dc%2Bxbntg0aHEjJ%2FTY%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AYdxcVbiUcTIVOAzbCnvcQZApWQ2SYTd5jzsxYCi6_5iApmCPBPeb7upQE5xUY-RpQTsIgdSyhrsdn6tEG_IuSMpMUGaKwG50wLW12fI2xPlGkWaEJxxy2xWU5kzEeYaU4lMOgSAjPc8PfS9R0I-fQs4btaNhIy4got9094JFMbqWYJ9VGzJXHTts9O3gd4pbLeIEXQYW5uO2MLtaePoLOqp3kyZfF8if3I5cR9qcD3TEJ04Xuoe3fk7Optw5CuzbXNNHgfbE5h9NR0rIXU-CzWcf9v0OU5iGpl699j1gzn1BzpzsDTyohw_ulWbgCIFEMkr7mU5nTYv4li6K8VabBeUTVRA5TpfNmTz-wHOhtm7t28eUI0B4rJQtgcoZJ_cWS9odelnoMBvIKmApmZHbKCWDy1UdUOzIINHT5oTM4NxtLUIFsLVdhYHy-fWOcnDRm6unLxjsU1n4QDBaKSRN1vH9eGa0Un2uE3OmlL6KmgH-uH1TRuVwyLKR8f9YZ_jkiyxXT2hyuUnl-mDvQ1Xg058ckYPmnCw-ZDy-ak_iQ_0uL9yUVxd6E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIge-uJUpZIGBMrjxo9kP-o6ucJyB77BcyqapqnTAjbcBEAEgAGChAoIBF2NhLXB1Yi0zMDg1NDU2ODA3NTA0NDkyyAEJqAMBqgSOAk_Q250BgsZVddtA23UmXxTX9OiGJVlzjx0-iqxlljfemPDpB9o7f0TIeZEOhZTfBbdvpqZftK22YgnrKNCopc8Ep14-v1JeRHFlt0l8NEmquio5N1Za5BwDXDANIRMrsbJ4k92djm0tCywZotsuz7kfU_nglH_f1_AUHyszFYSO6sXXHWSAZh7nOIayLYVoDgoEg5Dj4bm1pN4fwXf8q9AXHZmpoEB6OQUuNN7zJgUOQjuAYkgsZmolR-_lxQLnyeeg6YfX-7BG9g8zU3ZKHWF2kHJMRrXqNTiL21Da9-TbfzdB0X6Q3_9vTSDZGX1LMEsRD577At8DX3PohjOb-zs_sNLx_eSsKFf4CnOmUIAG8rKPro_iz6fGAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31WkYIMc7tBgQsfhzjwe02iogTOQ%26client%3Dca-pub-3085456807504492%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4713ba70d3078d169863a788fb9f673ca585aa1d52ffda1745610d433166971e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:24 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=L3u-G_JjREA3bVm10yj3upSbk8hDbGBJSUqw1PqKwisfXf8mZXnvKp5wWS-30whnppuB54oo-B3GSdl4_osyAZ4bAjOTDX-2Htl_3tarTOypckNjJ41YcgMtxhJhg8lweKH_X_LWLBprXf2Suwcf2B-Naim8q40lXsHNlW08Oxsl07Zc1BliQ5L66qXpfodNuGRrL5HK0J9izac8SxLJc_jjgULniFgcDG0VmdbLyG4dawDGFVvSipROBeTKEaqgB-sjrw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 19570711
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9315 1 KB
643 B 5ms
4ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 68685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 19:43:40 GMT
etag: 48472445140208031
expires: Sun, 02 Apr 2023 19:43:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AEDC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8aa94c2ca197966159961a0a89d5d655287e60d76500af406059ecb1066cb653

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9315 35 B
465 B 65ms
11ms Image
image/gif 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENs0Z_hMSHk2-qP9lcHiN4I&google_cver=1&google_push=Aer7DvI4hw9DZKjToaiW6yyszQJQAnP7K0f9X2BZis3iAeHVt7kUZq2yvZ__VU70Kwe2kYrtzdilA7cUM-1jr94Kf8loifLF9AGMYw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:25 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9315
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELWlAGOQEP4ZNEHAVfOdFq4&google_cver=1&google_push=Aer7DvLlYXR4VinNkHC-bVCUFrYIxi_bD_g_wWwFvMgqZQ4sIR928nUiCKTK6oosimU-F8t7LdNeXs_79xgqXzTGmpJ8IJaske7VhCY
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=70D6C0BDFED9498EABFEF64436586E2A&google_push=Aer7DvLlYXR4VinNkHC-bVCUFrYIxi_bD_g_wWwFvMgqZQ4sIR928nUiCKTK6oosimU-F8t7LdNeXs_79xgqXzT...

170 B
188 B

22ms
22ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=70D6C0BDFED9498EABFEF64436586E2A&google_push=Aer7DvLlYXR4VinNkHC-bVCUFrYIxi_bD_g_wWwFvMgqZQ4sIR928nUiCKTK6oosimU-F8t7LdNeXs_79xgqXzTGmpJ8IJaske7VhCY

Requested by

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Apr 2023 14:48:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=70D6C0BDFED9498EABFEF64436586E2A&google_push=Aer7DvLlYXR4VinNkHC-bVCUFrYIxi_bD_g_wWwFvMgqZQ4sIR928nUiCKTK6oosimU-F8t7LdNeXs_79xgqXzTGmpJ8IJaske7VhCY
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 01 Apr 2023 14:48:25 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9315
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJVIMZi7TdjHDbtsCnt9rnY&google_cver=1&google_push=Aer7DvI5XO8vBx2uMwzd4qXT6uWT20hef5PImMeRwhnBPK0lN8cLElg7H8DCv9LWH3OaAkKcXGixbhN1vDhbI06Hdg...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEJVIMZi7TdjHDbtsCnt9rnY&google_cver=1&google_push=Aer7DvI5XO8vBx2uMwzd4qXT6uWT20hef5PImMeRwhnBPK0lN8cLElg7H8DCv9LWH3OaAkKcXGixbhN1vDhbI06Hdg...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NTU4MDE5MTMtNjhhYS00MGQ2LTkwZDEtOTNlZGQ5NWZmMmZl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=55801913-68aa-40d6-90d1-93edd95ff2fe

170 B
188 B

26ms
25ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NTU4MDE5MTMtNjhhYS00MGQ2LTkwZDEtOTNlZGQ5NWZmMmZl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=55801913-68aa-40d6-90d1-93edd95ff2fe

Requested by

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NTU4MDE5MTMtNjhhYS00MGQ2LTkwZDEtOTNlZGQ5NWZmMmZl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=55801913-68aa-40d6-90d1-93edd95ff2fe
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9315
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELoGwRd_ZGlQaEdY07U0vnQ&google_cver=1&google_push=Aer7DvKXEk4p4Z1Or2eplmERfI1V7w0v883C-rPViUr21GhyyhE5XEC_PzCq9U-rhufNcPdVOwVrth-MQJQ7XRx6...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CE3h3I2STPC7T_9NGjnQcw2&google_push=Aer7DvKXEk4p4Z1Or2eplmERfI1V7w0v883C-rPViUr21GhyyhE5XEC_PzCq9U-rhufNcPdVOwVrth-MQJQ7XRx6w9mZdcHymdLm8X8

170 B
188 B

25ms
24ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CE3h3I2STPC7T_9NGjnQcw2&google_push=Aer7DvKXEk4p4Z1Or2eplmERfI1V7w0v883C-rPViUr21GhyyhE5XEC_PzCq9U-rhufNcPdVOwVrth-MQJQ7XRx6w9mZdcHymdLm8X8

Requested by

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Apr 2023 14:48:25 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CE3h3I2STPC7T_9NGjnQcw2&google_push=Aer7DvKXEk4p4Z1Or2eplmERfI1V7w0v883C-rPViUr21GhyyhE5XEC_PzCq9U-rhufNcPdVOwVrth-MQJQ7XRx6w9mZdcHymdLm8X8
x-host: tde-deliveryengine-production-86c874c4d8-wzc4h
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9315
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEL2XY9HEiK0V3eq66e-WZBY&google_cver=1&google_push=Aer7DvJHyesHFKMcNLUM7DE_N5ZfeSDa_WXTVsk-5HLfpLax8RxtlT045MoNrXvhZgiAmIFBlXN2kLYVsr3VV80xLCa1KA2...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvJHyesHFKMcNLUM7DE_N5ZfeSDa_WXTVsk-5HLfpLax8RxtlT045MoNrXvhZgiAmIFBlXN2kLYVsr3VV80xLCa1KA2gsBbEzf8&google_hm=eS1oZ21ySUxwRTJwRU9...

170 B
329 B

27ms
26ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvJHyesHFKMcNLUM7DE_N5ZfeSDa_WXTVsk-5HLfpLax8RxtlT045MoNrXvhZgiAmIFBlXN2kLYVsr3VV80xLCa1KA2gsBbEzf8&google_hm=eS1oZ21ySUxwRTJwRU9zQkhFb3pxSVpnRVNnYkdRT0FWX35B

Requested by

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Apr 2023 14:48:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvJHyesHFKMcNLUM7DE_N5ZfeSDa_WXTVsk-5HLfpLax8RxtlT045MoNrXvhZgiAmIFBlXN2kLYVsr3VV80xLCa1KA2gsBbEzf8&google_hm=eS1oZ21ySUxwRTJwRU9zQkhFb3pxSVpnRVNnYkdRT0FWX35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9315
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELD-3T51B0qIoxRB0-8D4i8&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELD-3T51B0qIoxRB0-8D4i8&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELD-3T51B0qIoxRB0-8D4i8&google_hm=ZCmVuVw_a1z5myo7eT5NdgAABQIAAAAB&google_nid=index&google_push=Aer7DvJPNGW6g924mqKE0ukjr_GLnrNbnvhp0...

170 B
188 B

28ms
27ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELD-3T51B0qIoxRB0-8D4i8&google_hm=ZCmVuVw_a1z5myo7eT5NdgAABQIAAAAB&google_nid=index&google_push=Aer7DvJPNGW6g924mqKE0ukjr_GLnrNbnvhp0LkUm8iAbH3Gj4m-RQELIvyPtUBpQ6tGlrX-6EUCU5SFakZ1F5DFfYCpi6BccniL4LY

Requested by

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 02 Apr 2023 14:48:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELD-3T51B0qIoxRB0-8D4i8&google_hm=ZCmVuVw_a1z5myo7eT5NdgAABQIAAAAB&google_nid=index&google_push=Aer7DvJPNGW6g924mqKE0ukjr_GLnrNbnvhp0LkUm8iAbH3Gj4m-RQELIvyPtUBpQ6tGlrX-6EUCU5SFakZ1F5DFfYCpi6BccniL4LY
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9315
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEM28062lXD7dtJ_4LvKTK14&google_cver=1&google_push=Aer7DvLOc2w9J0rS0TNfFSO2bmwjETHuBhDxMWzkNxcNYO378DZsLFLhzIWhB5mdtGZP6ljMGqgdFuB7BDnuyQJY4WrghH_ot...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aer7DvLOc2w9J0rS0TNfFSO2bmwjETHuBhDxMWzkNxcNYO378DZsLFLhzIWhB5mdtGZP6ljMGqgdFuB7BDnuyQJY4WrghH_otEmVNrhw&google_hm=cd160c6627...

170 B
188 B

22ms
22ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aer7DvLOc2w9J0rS0TNfFSO2bmwjETHuBhDxMWzkNxcNYO378DZsLFLhzIWhB5mdtGZP6ljMGqgdFuB7BDnuyQJY4WrghH_otEmVNrhw&google_hm=cd160c6627d953aaad554b5c8257d995

Requested by

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aer7DvLOc2w9J0rS0TNfFSO2bmwjETHuBhDxMWzkNxcNYO378DZsLFLhzIWhB5mdtGZP6ljMGqgdFuB7BDnuyQJY4WrghH_otEmVNrhw&google_hm=cd160c6627d953aaad554b5c8257d995
date: Sun, 02 Apr 2023 14:48:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9315 0
139 B 48ms
19ms Image
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JDW2aTbRq8CHZxU07oUm9WQc5aTMszpqdStlj4UIukWx3sIu3iMsb4w6RxukFwBOgUD4Kj9A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0B8E 2 KB
1 KB 80ms
79ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZCmVuAAMgIEFKPi4AAuHeg4fMG3JZl-mv-Xl3Q&u=%7CsY5BcsNGCKIuvKRiEgGdzQ6CD3Dc%2Bxbntg0aHEjJ%2FTY%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AYdxcVbiUcTIVOAzbCnvcQZApWQ2SYTd5jzsxYCi6_5iApmCPBPeb7upQE5xUY-RpQTsIgdSyhrsdn6tEG_IuSMpMUGaKwG50wLW12fI2xPlGkWaEJxxy2xWU5kzEeYaU4lMOgSAjPc8PfS9R0I-fQs4btaNhIy4got9094JFMbqWYJ9VGzJXHTts9O3gd4pbLeIEXQYW5uO2MLtaePoLOqp3kyZfF8if3I5cR9qcD3TEJ04Xuoe3fk7Optw5CuzbXNNHgfbE5h9NR0rIXU-CzWcf9v0OU5iGpl699j1gzn1BzpzsDTyohw_ulWbgCIFEMkr7mU5nTYv4li6K8VabBeUTVRA5TpfNmTz-wHOhtm7t28eUI0B4rJQtgcoZJ_cWS9odelnoMBvIKmApmZHbKCWDy1UdUOzIINHT5oTM4NxtLUIFsLVdhYHy-fWOcnDRm6unLxjsU1n4QDBaKSRN1vH9eGa0Un2uE3OmlL6KmgH-uH1TRuVwyLKR8f9YZ_jkiyxXT2hyuUnl-mDvQ1Xg058ckYPmnCw-ZDy-ak_iQ_0uL9yUVxd6E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIge-uJUpZIGBMrjxo9kP-o6ucJyB77BcyqapqnTAjbcBEAEgAGChAoIBF2NhLXB1Yi0zMDg1NDU2ODA3NTA0NDkyyAEJqAMBqgSOAk_Q250BgsZVddtA23UmXxTX9OiGJVlzjx0-iqxlljfemPDpB9o7f0TIeZEOhZTfBbdvpqZftK22YgnrKNCopc8Ep14-v1JeRHFlt0l8NEmquio5N1Za5BwDXDANIRMrsbJ4k92djm0tCywZotsuz7kfU_nglH_f1_AUHyszFYSO6sXXHWSAZh7nOIayLYVoDgoEg5Dj4bm1pN4fwXf8q9AXHZmpoEB6OQUuNN7zJgUOQjuAYkgsZmolR-_lxQLnyeeg6YfX-7BG9g8zU3ZKHWF2kHJMRrXqNTiL21Da9-TbfzdB0X6Q3_9vTSDZGX1LMEsRD577At8DX3PohjOb-zs_sNLx_eSsKFf4CnOmUIAG8rKPro_iz6fGAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_31WkYIMc7tBgQsfhzjwe02iogTOQ%26client%3Dca-pub-3085456807504492%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:25 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 0B8E 2 KB
1 KB 82ms
82ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:25 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0B8E 308 B
636 B 81ms
79ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 27 Mar 2024 14:48:25 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 0B8E 293 B
621 B 84ms
81ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 27 Mar 2024 14:48:25 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 0B8E 43 B
347 B 14ms
12ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=mu-fxOQWwDvBpQkd-myv4xp5MYvBndQoXFhMjeS6K76-r-87etNbz5FAnbNSaM5C-tTKMCObRrsqelU_HMcZOLdvPS_U-wCFQPOtwB7SV4vDZBME7yBloOU69eiOWkmq556vjsF_TPolwI97ZyDPwSntw77QIAQVF96la3Of89RnxFjt9RD1awDiYd79nf6utVi2xFtipMU-NGWGmE4qPdKeJrjsWiVe3pirqYw57cvFKZhc5bwSngvyDw3Hl6hkeBhzc4G18U_cBijXjxomBmvLPJeEmjrH4qcgn11ZvOoQNlzMjSTl5noOkJtEGvXwvzMn5J1-YIbi5eEcNhn2imtXJ7j-m9ds-7-0J1W9h4h8lsgBd7CPNsejaqR2GGRKIr3OiWuoQdBhvXz7blNiGPTJXMP5YsGnzmc9bI5TIUcjnnwLuh1r8JKjjvnBR0GRSkKVnQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2078053
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

B29096893.358774381;dc_pre=CJbr7Ma4i_4CFVriyAodbwkItg;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995b95c0f68a41e8d48ee9ab280b6;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/ Frame 0B8E
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995b95c0f68a41e8d48ee9ab280b6;dc_lat=;dc_rdid=;tag_for_...
https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_pre=CJbr7Ma4i_4CFVriyAodbwkItg;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995b95c0f68a41e8d48ee...

42 B
63 B

80ms
78ms

Image
image/gif

142.250.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_pre=CJbr7Ma4i_4CFVriyAodbwkItg;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995b95c0f68a41e8d48ee9ab280b6;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?

Requested by

Protocol

Server

142.250.80.102 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:25 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_pre=CJbr7Ma4i_4CFVriyAodbwkItg;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995b95c0f68a41e8d48ee9ab280b6;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 0B8E 12 KB
5 KB 9ms
9ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 847753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aQjfsR3ygEEiRaa2DCjJggh0uCkaf%2FpeWwLQkpqjiUcvs03DclhYlUUOmOM9lscbwQD08xmu0YfIY684HMqaWmrVQVC43P3AN3seyjt1gC3d2t%2F9vwPnGRG1rgc7AQCYWj%2F%2FkLOls9qhStpGpcqA%2Fdz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b19df6648318c57-EWR
expires: Fri, 22 Mar 2024 14:48:25 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 0B8E 12 KB
6 KB 90ms
89ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:25 GMT

GET
H2 200 e8fa26c560fc4a339cc1823e67dbd1fa_avenir-next-regular.woff
static.criteo.net/design/dt/ Frame 0B8E 47 KB
47 KB 102ms
102ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e8fa26c560fc4a339cc1823e67dbd1fa_avenir-next-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ea8bdaf9d3679df5dae432416a9cb041ef81ef8e0b7a511bf9a2865d680bb3b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 13 Mar 2018 16:31:17 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5aa7fcd5-bcc4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:25 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 0B8E 102 KB
102 KB 10ms
10ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

a5c84b162076cb6ffaaee936088c3a27a448eb4675e8babceba441650a735718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29254492
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 104412
expires: Wed, 06 Mar 2024 05:03:17 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 0B8E 121 KB
121 KB 17ms
16ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

2ae93a98c64c521dcac0afce28bf29f3b9511b1b5c6ed4db2771919b26750e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=27060851
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 123952
expires: Fri, 09 Feb 2024 19:42:37 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 0B8E 91 KB
91 KB 14ms
14ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

284dff49f0f53ffb94d8ccaeb520aa4a861c5f6616162e2e7a762771741bb319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29353349
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 93190
expires: Thu, 07 Mar 2024 08:30:54 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 0B8E 152 KB
152 KB 18ms
18ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

0058220d3d68ca88e1b6aa9b62140c3c22008963ec1d93edc01684aa758f5e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=27060851
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 155248
expires: Fri, 09 Feb 2024 19:42:36 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 0B8E 73 KB
74 KB 11ms
10ms Image
image/png 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

296f0b28cff52162ae66b9088f82dda32ef79049fd376eeba7a170c52a2d2905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29936768
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 75120
expires: Thu, 14 Mar 2024 02:34:33 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 0B8E 0
127 B 12ms
12ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=L3u-G_JjREA3bVm10yj3upSbk8hDbGBJSUqw1PqKwisfXf8mZXnvKp5wWS-30whnppuB54oo-B3GSdl4_osyAZ4bAjOTDX-2Htl_3tarTOypckNjJ41YcgMtxhJhg8lweKH_X_LWLBprXf2Suwcf2B-Naim8q40lXsHNlW08Oxsl07Zc1BliQ5L66qXpfodNuGRrL5HK0J9izac8SxLJc_jjgULniFgcDG0VmdbLyG4dawDGFVvSipROBeTKEaqgB-sjrw&sds=2&rev=85392.3&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 14:48:24 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0B8E 2 KB
1 KB 83ms
81ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:25 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0B8E 2 KB
1 KB 80ms
80ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:25 GMT

GET
H2 200 6ad0e37510f8e3483bebad31dbd0e18a.js Show response
www.gstatic.com/mysidia/ Frame B97A 9 KB
4 KB 8016ms
1594ms Script
text/javascript 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6ad0e37510f8e3483bebad31dbd0e18a.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=3321380828&adf=2828135499&pi=t.ma~as.3209449553&w=728&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=728x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903765&bpp=3&bdt=255&idt=204&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=62&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DHF9FXBvFS&p=https%3A//law.jaknet.my.id&dtd=216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c320d790dba4c17895962386aa3587aff97e96a7c499f37dd47bf299431ce41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4014
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 00:47:03 GMT

GET
H2 200 391edcfc9250fc73687380a2b5a5bc72.js Show response
www.gstatic.com/mysidia/ Frame B97A 10 KB
4 KB 8015ms
1593ms Script
text/javascript 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/391edcfc9250fc73687380a2b5a5bc72.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=3321380828&adf=2828135499&pi=t.ma~as.3209449553&w=728&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=728x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903765&bpp=3&bdt=255&idt=204&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=62&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DHF9FXBvFS&p=https%3A//law.jaknet.my.id&dtd=216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d5e2c8f259d9f8be3197487826c56d6781c9547b264e16e3999cc7534268935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4409
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 00:13:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B97A 8 KB
966 B 8024ms
1604ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=3321380828&adf=2828135499&pi=t.ma~as.3209449553&w=728&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=728x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903765&bpp=3&bdt=255&idt=204&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=62&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DHF9FXBvFS&p=https%3A//law.jaknet.my.id&dtd=216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

167b257107cabdb59f856f00b9f9947ccea131594fda5897adb27503126a6a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 14:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 13:30:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Apr 2023 14:48:33 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame B97A 2 KB
799 B 6ms
5ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=3321380828&adf=2828135499&pi=t.ma~as.3209449553&w=728&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=728x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903765&bpp=3&bdt=255&idt=204&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=62&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DHF9FXBvFS&p=https%3A//law.jaknet.my.id&dtd=216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/ Frame B97A 22 KB
9 KB 8013ms
1598ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=3321380828&adf=2828135499&pi=t.ma~as.3209449553&w=728&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=728x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903765&bpp=3&bdt=255&idt=204&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=62&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DHF9FXBvFS&p=https%3A//law.jaknet.my.id&dtd=216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame B97A 3 KB
1 KB 7ms
6ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=3321380828&adf=2828135499&pi=t.ma~as.3209449553&w=728&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=728x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903765&bpp=3&bdt=255&idt=204&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=62&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DHF9FXBvFS&p=https%3A//law.jaknet.my.id&dtd=216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame B97A 20 KB
8 KB 8012ms
1597ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=3321380828&adf=2828135499&pi=t.ma~as.3209449553&w=728&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=728x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903765&bpp=3&bdt=255&idt=204&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=62&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DHF9FXBvFS&p=https%3A//law.jaknet.my.id&dtd=216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B97A 158 KB
49 KB 8184ms
1755ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=3321380828&adf=2828135499&pi=t.ma~as.3209449553&w=728&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=728x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903765&bpp=3&bdt=255&idt=204&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=62&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DHF9FXBvFS&p=https%3A//law.jaknet.my.id&dtd=216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Apr 2023 14:48:33 GMT

GET
H2 200 16f0d4cb97c8e7eb77e268815c2afdab.js Show response
www.gstatic.com/mysidia/ Frame B97A 34 KB
14 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16f0d4cb97c8e7eb77e268815c2afdab.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=3321380828&adf=2828135499&pi=t.ma~as.3209449553&w=728&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=728x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903765&bpp=3&bdt=255&idt=204&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=62&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DHF9FXBvFS&p=https%3A//law.jaknet.my.id&dtd=216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:23:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14384
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 01 Jul 2023 06:23:50 GMT

GET
H2 200 6ad0e37510f8e3483bebad31dbd0e18a.js Show response
www.gstatic.com/mysidia/ Frame BD08 9 KB
4 KB 7967ms
1592ms Script
text/javascript 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6ad0e37510f8e3483bebad31dbd0e18a.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c320d790dba4c17895962386aa3587aff97e96a7c499f37dd47bf299431ce41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4014
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 00:47:03 GMT

GET
H2 200 391edcfc9250fc73687380a2b5a5bc72.js Show response
www.gstatic.com/mysidia/ Frame BD08 10 KB
4 KB 7966ms
1592ms Script
text/javascript 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/391edcfc9250fc73687380a2b5a5bc72.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d5e2c8f259d9f8be3197487826c56d6781c9547b264e16e3999cc7534268935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4409
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Jun 2023 00:13:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BD08 8 KB
989 B 7976ms
1603ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

167b257107cabdb59f856f00b9f9947ccea131594fda5897adb27503126a6a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 14:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 14:34:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Apr 2023 14:48:33 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame BD08 2 KB
818 B 6ms
4ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/ Frame BD08 22 KB
9 KB 7962ms
1595ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame BD08 3 KB
1 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame BD08 20 KB
8 KB 7963ms
1596ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BD08 0
0 25ms
24ms Image
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkNGrUQzy5BC4p71Xj_F_uzgV8qkgkTtE-7i1EI4tenxOOjIMGspk0H0PnuYTqjh2b-RMq_iAmVVKU6yUORGjyGQJA0w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD08 158 KB
48 KB 75ms
75ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Apr 2023 14:48:33 GMT

GET
H2 200 16f0d4cb97c8e7eb77e268815c2afdab.js Show response
www.gstatic.com/mysidia/ Frame BD08 34 KB
14 KB 7ms
6ms Script
text/javascript 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16f0d4cb97c8e7eb77e268815c2afdab.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:23:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14384
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 01 Jul 2023 06:23:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 70A8 6 KB
742 B 7749ms
1604ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=200&adk=1305629257&adf=2291407919&pi=t.aa~a.1349293058~i.2~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x200&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1263&idt=1&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280%2C605x280%2C605x280&nras=5&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=8bP305lL0d&p=https%3A//law.jaknet.my.id&dtd=37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 14:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 14:35:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Apr 2023 14:48:33 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 3378 0
128 B 9377ms
10ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 14:48:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame A53C 0
0

GET
H2 200 img
pix.us.criteo.net/img/ Frame 3378 102 KB
102 KB 7007ms
7007ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

a5c84b162076cb6ffaaee936088c3a27a448eb4675e8babceba441650a735718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29254484
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 104412
expires: Wed, 06 Mar 2024 05:03:17 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 3378 121 KB
121 KB 4505ms
4504ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

2ae93a98c64c521dcac0afce28bf29f3b9511b1b5c6ed4db2771919b26750e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=27060843
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 123952
expires: Fri, 09 Feb 2024 19:42:37 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 3378 91 KB
91 KB 1987ms
1986ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

284dff49f0f53ffb94d8ccaeb520aa4a861c5f6616162e2e7a762771741bb319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29353341
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 93190
expires: Thu, 07 Mar 2024 08:30:54 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 3378 0
127 B 3005ms
18ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 14:48:34 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 4698588449985860904
tpc.googlesyndication.com/simgad/ Frame BD08 3 KB
3 KB 5ms
5ms Image
image/png 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4698588449985860904?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

097254c49033a79a34e41ac2d89bce7d11d069074c45dc3055fe76885a78f7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 18:13:40 GMT
x-content-type-options: nosniff
age: 160493
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2717
x-xss-protection: 0
last-modified: Wed, 11 Mar 2020 03:07:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Mar 2024 18:13:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BD08 0
0 44ms
43ms Fetch
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cx0rRuJUpZLrLMu-2o9kPxLKaoA2sluPpb5eN3_PoEeiqtpWLAxABILmw7zNgycapi8Ck2A-gAczxksYDyAEBqAMBqgSTAk_QASeHcVqhekcsaEU6MS4xFTElNno6KlbiIm4hiyQcTqBCiQdMupEgVWhE6BxVtZG1AvCbS1VcU3AXjCdcAJeY7GrZEuDyiGR8YTqssHRl3vRxpWN_tR8mNRaYSgYg2w_CfiNZu035NxXzafz0KkOirJ9RK4MNqP9Ri3BnYWrgsan6h4JjFPOZQuWTMsDLgPvVKNlY-HEm9UcxSfeq_mEDfsVfbqQXFALt4OGpy0MooLt1ChVwMqFt2-yEi046_nU2m074bwFv1FHr5jfzEdPGStuDxtYgfq81cRXGMwRecXaapiXSKfhkx52_QlpQDapXpYImMdoYLYXqm5LWcTf8NIDLUVDj-_E7OiUM4spj6ep5wASXiKOgwgOSBQQIBBgBkgUECAUYBIAHnI7tOagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEJmHgQHSCA8IgGEQARhfMgKKAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMzA4NTQ1NjgwNzUwNDQ5MhgA&sigh=IzdCwspzxyE&uach_m=[UACH]&cid=CAQSKQDUE5ymGkV1oMYMXb--sX1LlAkxDU28LLiR5TrNzvadTlPKB8NSZaapGAE&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Apr 2023 14:48:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B41C 143 B
166 B 10ms
7ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:28:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C221 1 KB
1001 B 27ms
7ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 68693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 19:43:40 GMT
etag: 48472445140208031
expires: Sun, 02 Apr 2023 19:43:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B97A 0
0 37ms
36ms Fetch
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmouPuJUpZNBTqbij2Q-ckKPgC6a2iOxt7dytg5gP1ZH8wgMQASC5sO8zYMnGqYvApNgPoAH9kor9A8gBAagDAcgDywSqBJcCT9CYDivwwQFClR0ldwu-HPVM0rVrvzDOJmwAFVlCjmSms5nz9RJA5AbqvvWKG_-jBjOYhni-62LUHS-aH1BxxTVLW1amsqqAn_PJDvg8Zl7n_aw-ixOidvbD0l4DrqdZkTlPCWWZyg2-ts6SiU4nmAx_t9jxRjf8f16YtHzYMoW7iTYHhl7N6CRlcEuN6DzNYun874_WROgvVlZaCQ3sMO-_n-TmFDcTrx3v3Sb6xOnChKq2JK-EjJaLRGmO0bswORh_8athWsHwG66w2JkBHMnDj68A6lF4jN8p3oJ28S_3PKFnRVtCA6WK3tDbnNusiSodFSgsWRXu8_zER1125NcjKTg7J1jLMYHXfZ6qoDctWS5-iIbQwASXjMfXjQKSBQQIBBgBkgUECAUYBIAHpracMqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEOCx3APSCA8IgGEQARhfMgKKAjoCgECACgHICwHYEwuIFAHQFQGAFwGyFxwKGggAEhRwdWItMzA4NTQ1NjgwNzUwNDQ5MhgA&sigh=_hdTkY-hnUk&uach_m=[UACH]&cid=CAQSGwDUE5ymNyIuJZELWOaSwgFOvbClxnb4HTrjXxgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=3321380828&adf=2828135499&pi=t.ma~as.3209449553&w=728&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=728x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903765&bpp=3&bdt=255&idt=204&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=62&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DHF9FXBvFS&p=https%3A//law.jaknet.my.id&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=3321380828&adf=2828135499&pi=t.ma~as.3209449553&w=728&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=728x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903765&bpp=3&bdt=255&idt=204&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=62&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DHF9FXBvFS&p=https%3A//law.jaknet.my.id&dtd=216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Apr 2023 14:48:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E11C 143 B
166 B 10ms
8ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=3321380828&adf=2828135499&pi=t.ma~as.3209449553&w=728&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=728x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903765&bpp=3&bdt=255&idt=204&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=62&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DHF9FXBvFS&p=https%3A//law.jaknet.my.id&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=3321380828&adf=2828135499&pi=t.ma~as.3209449553&w=728&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=728x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903765&bpp=3&bdt=255&idt=204&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=62&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DHF9FXBvFS&p=https%3A//law.jaknet.my.id&dtd=216
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:28:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B97A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c521688c151d3a95e18bf631fac794afda0cbf9daea79783b76f6c76b83ad92

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BD08 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8896b47c8e11be400ad0ec44d37dc687929f68e69f562abdce4ff22627219fe5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B41C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

21ms
20ms

Document
text/html

2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:33 GMT
expires: Sun, 02 Apr 2023 14:48:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C221
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN6n49Uygi4rYdrmt9FjB-U&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN6n49Uygi4rYdrmt9FjB-U&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VlpndHNFYzUxUElaMHQ1&google_gid=CAESEN6n49Uygi4rYdrmt9FjB-U&google_cver=1&google_push=Aer7DvK-trXVGLXclwD8oVNdd_9TaKP6xqGFTM8x4Ra__VG...

170 B
188 B

24ms
22ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VlpndHNFYzUxUElaMHQ1&google_gid=CAESEN6n49Uygi4rYdrmt9FjB-U&google_cver=1&google_push=Aer7DvK-trXVGLXclwD8oVNdd_9TaKP6xqGFTM8x4Ra__VG53LBa3ybF_Se2GA_xNiV7I99WRP9MbwsrG9AmXqPEYKgRqTRJWN00dZRwtESbhLwMuAbvtq3iBnGaGmWBE-f_YD2jJH8NmEbTK_JYrTwwXwdER70

Requested by

Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 02 Apr 2023 14:48:33 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-03b216213506967d1@us-east-1b@dxedge-app-us-east-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VlpndHNFYzUxUElaMHQ1&google_gid=CAESEN6n49Uygi4rYdrmt9FjB-U&google_cver=1&google_push=Aer7DvK-trXVGLXclwD8oVNdd_9TaKP6xqGFTM8x4Ra__VG53LBa3ybF_Se2GA_xNiV7I99WRP9MbwsrG9AmXqPEYKgRqTRJWN00dZRwtESbhLwMuAbvtq3iBnGaGmWBE-f_YD2jJH8NmEbTK_JYrTwwXwdER70
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C221
Redirect Chain

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEFbVRrqbcFnqidYmMqOUIfg&google_cver=1&google_push=Aer7DvIoD15WJ5RasmWXAhjJxGPGNMFtCgIEKhz5XmIhDilm2YZyaEoSEX8u8G3Yf3VdNDfLhN6VH-gM7j...
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEFbVRrqbcFnqidYmMqOUIfg&google_cver=1&google_push=Aer7DvIoD15WJ5RasmWXAhjJxGPGNMFtCgIEKhz5XmIhDilm2YZyaEoSEX8u8G3Yf3VdNDfLhN6VH-gM7j...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aer7DvIoD15WJ5RasmWXAhjJxGPGNMFtCgIEKhz5XmIhDilm2YZyaEoSEX8u8G3Yf3VdNDfLhN6VH-gM7jRYauxkrsKQZGr0Zq2O0dVhSOjHaAPei9GbMczvJeQp6CL0zr...

170 B
188 B

22ms
21ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aer7DvIoD15WJ5RasmWXAhjJxGPGNMFtCgIEKhz5XmIhDilm2YZyaEoSEX8u8G3Yf3VdNDfLhN6VH-gM7jRYauxkrsKQZGr0Zq2O0dVhSOjHaAPei9GbMczvJeQp6CL0zroiWbFMVjYISZ3uYg877DTM7CRJHqQ&google_hm=MDMwMTAwMDlfNjQyOTk1YzIwY2M0Yw%3D%3D

Requested by

Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Apr 2023 14:48:34 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aer7DvIoD15WJ5RasmWXAhjJxGPGNMFtCgIEKhz5XmIhDilm2YZyaEoSEX8u8G3Yf3VdNDfLhN6VH-gM7jRYauxkrsKQZGr0Zq2O0dVhSOjHaAPei9GbMczvJeQp6CL0zroiWbFMVjYISZ3uYg877DTM7CRJHqQ&google_hm=MDMwMTAwMDlfNjQyOTk1YzIwY2M0Yw%3D%3D
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C221
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEHDfdFkzkp9VHSNaluvYlWk&google_cver=1&google_push=Aer7DvICESmCSdYYp16e4SjDgvXgKNacc3k2YrpaQi4ZmphvuUP_btyyBq0blVGOP8opGmrs-vMxrn58AipgFeCmrOgTPmNlrgsml...
https://rtb.openx.net/sync/dds?google_gid=CAESEHDfdFkzkp9VHSNaluvYlWk&google_cver=1&google_push=Aer7DvICESmCSdYYp16e4SjDgvXgKNacc3k2YrpaQi4ZmphvuUP_btyyBq0blVGOP8opGmrs-vMxrn58AipgFeCmrOgTPmNlrgsml...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aer7DvICESmCSdYYp16e4SjDgvXgKNacc3k2YrpaQi4ZmphvuUP_btyyBq0blVGOP8opGmrs-vMxrn58AipgFeCmrOgTPmNlrgsmlZD7kJXAw16WnaumViPpHJRGLMUn1EDiVP...

170 B
188 B

24ms
22ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aer7DvICESmCSdYYp16e4SjDgvXgKNacc3k2YrpaQi4ZmphvuUP_btyyBq0blVGOP8opGmrs-vMxrn58AipgFeCmrOgTPmNlrgsmlZD7kJXAw16WnaumViPpHJRGLMUn1EDiVPJJxaDN21pe0Jz2Azp55I1ZGG4&google_hm=xo-elUl7whQoetRglXMV9g==

Requested by

Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:33 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aer7DvICESmCSdYYp16e4SjDgvXgKNacc3k2YrpaQi4ZmphvuUP_btyyBq0blVGOP8opGmrs-vMxrn58AipgFeCmrOgTPmNlrgsmlZD7kJXAw16WnaumViPpHJRGLMUn1EDiVPJJxaDN21pe0Jz2Azp55I1ZGG4&google_hm=xo-elUl7whQoetRglXMV9g==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 3qjdkh4gr77hk1tte7jgd15hkcq9qvb4

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C221
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESED7sTa-DZ-gqs5Q9jA2meWA&google_cver=1&google_push=Aer7DvKUhgx7n7R57UinvKdlOE97FAuHvwhXWyNuZEK6SR3JVCF9aX49rBSu3yec86LFMx6P2VhpzlH7QPM25E6RI3kFqXAtvHuh8...
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aer7DvKUhgx7n7R57UinvKdlOE97FAuHvwhXWyNuZEK6SR3JVCF9aX49rBSu3yec86LFMx6P2VhpzlH7QPM25E6RI3kFqXAtvHuh805bNK2jOquq2VGZ6rMJEECUgEELbx...

170 B
188 B

21ms
20ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aer7DvKUhgx7n7R57UinvKdlOE97FAuHvwhXWyNuZEK6SR3JVCF9aX49rBSu3yec86LFMx6P2VhpzlH7QPM25E6RI3kFqXAtvHuh805bNK2jOquq2VGZ6rMJEECUgEELbxwBCJt-lmv8WTBc5vFBHyrth_TJbZ4&google_hm=cd80689b8da0220e7208d2342136cf57

Requested by

Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=Aer7DvKUhgx7n7R57UinvKdlOE97FAuHvwhXWyNuZEK6SR3JVCF9aX49rBSu3yec86LFMx6P2VhpzlH7QPM25E6RI3kFqXAtvHuh805bNK2jOquq2VGZ6rMJEECUgEELbxwBCJt-lmv8WTBc5vFBHyrth_TJbZ4&google_hm=cd80689b8da0220e7208d2342136cf57
date: Sun, 02 Apr 2023 14:48:33 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C221
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESECOyQPpha59FP87g1inRVjA&google_cver=1&google_push=Aer7DvJVWs6LLUn8-DvTgKDlw_lLHsmeiu3eIl7wkk-LaHLvBMhwM6OIl...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvJVWs6LLUn8-DvTgKDlw_lLHsmeiu3eIl7wkk-LaHLvBMhwM6OIlFQNcZ3bjr3S6YqGJOoCfnEOsikfwV-Ub_1kxxPih8xKswhMkmWWHJVkmwYVgWzR12frLrP2i...

170 B
188 B

22ms
21ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvJVWs6LLUn8-DvTgKDlw_lLHsmeiu3eIl7wkk-LaHLvBMhwM6OIlFQNcZ3bjr3S6YqGJOoCfnEOsikfwV-Ub_1kxxPih8xKswhMkmWWHJVkmwYVgWzR12frLrP2iGl2FJeeyRIK6KNIbPgCR2l01Q9qUjRa&google_hm=QlMuMjE1Yi1mNThhLTRiZjYtYjI3OA==

Requested by

Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aer7DvJVWs6LLUn8-DvTgKDlw_lLHsmeiu3eIl7wkk-LaHLvBMhwM6OIlFQNcZ3bjr3S6YqGJOoCfnEOsikfwV-Ub_1kxxPih8xKswhMkmWWHJVkmwYVgWzR12frLrP2iGl2FJeeyRIK6KNIbPgCR2l01Q9qUjRa&google_hm=QlMuMjE1Yi1mNThhLTRiZjYtYjI3OA==
Date: Sun, 02 Apr 2023 14:48:33 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H2

200

report
sync.teads.tv/um/ Frame C221
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEB4w2pBQxSAIvxx9dKHMDSI&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MTY2ZDVkYjYtYWUxOS00MDAyLWJkMGMtODMyYzc2NjIxMzkx&google_push=Aer7DvKrV6ezk0-F0-MKX-6Xb6WM3FomEFK327pryHPwLpUPbGWKGTKHI3-XMNY4PnbKA...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

16ms
14ms

Image
image/gif

96.6.23.74

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/
Protocol: H2
Server: 96.6.23.74 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Sun, 02 Apr 2023 14:48:33 GMT
pragma: no-cache
date: Sun, 02 Apr 2023 14:48:33 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 502 google
sync-dmp.mobtrakk.com/match/ Frame C221 0
0 69ms
22ms Image
text/html 3.135.132.32

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEPQFiEK_b-ZjufG5Slk4vZU&google_cver=1&google_push=Aer7DvIJ4qHqF10MiB3qZa0DVGXmDjIjfv75Cxkq8kXd2sQD2wO0E8CnmJREE983FzyOChHBdraAEIvafKzhuA6p42VMod81PKv1i2s9G14fzJGBi5JeB5ia9sVw42UtitVer5LTgn4Zz1zqXBB9R6QjGHyuoOiQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.135.132.32 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C221 0
12 B 21ms
18ms Image
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JjHHIg-Obq_Nq7dOr7DdnfMHxQaEgBoH90EhTfqtBPDQCn1cP5_q6biRu-nr8c9iPPd3opaoG-

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=4248982197&adf=2587455480&pi=t.aa~a.2076155081~i.5~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1264&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280&nras=3&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=2945&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=O0xeSjOfFp&p=https%3A//law.jaknet.my.id&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E11C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

24ms
21ms

Document
text/html

2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=3321380828&adf=2828135499&pi=t.ma~as.3209449553&w=728&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=728x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903765&bpp=3&bdt=255&idt=204&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=62&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DHF9FXBvFS&p=https%3A//law.jaknet.my.id&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:33 GMT
expires: Sun, 02 Apr 2023 14:48:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame BD08 28 KB
28 KB 6ms
5ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:22 GMT
x-content-type-options: nosniff
age: 447431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:22 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame B97A 28 KB
28 KB 5ms
4ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:22 GMT
x-content-type-options: nosniff
age: 447431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:22 GMT

GET
H2 200 YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D7D 36 KB
14 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=3321380828&adf=2828135499&pi=t.ma~as.3209449553&w=728&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=728x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903765&bpp=3&bdt=255&idt=204&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=580&ady=62&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DHF9FXBvFS&p=https%3A//law.jaknet.my.id&dtd=216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:14:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 484467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14293
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 00:14:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 553D 3 KB
1 KB 6ms
4ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=1092558004&adf=3480699455&pi=t.aa~a.1349293058~i.1~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1263&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280%2C605x280&nras=4&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=oWJnjVFHj0&p=https%3A//law.jaknet.my.id&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame 553D 20 KB
8 KB 7ms
5ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 553D 0
0 23ms
22ms Image
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxYQR3ATIhBc6LBzMTi8D1zQBJuWgYg36PgavKy8rOwPERo43l-jpyOZQoCo4MWlELKAoNLwDG-37ATDSaGKGONUk3bg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=1092558004&adf=3480699455&pi=t.aa~a.1349293058~i.1~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1263&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280%2C605x280&nras=4&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=oWJnjVFHj0&p=https%3A//law.jaknet.my.id&dtd=27
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 553D 158 KB
49 KB 68ms
66ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Apr 2023 14:48:34 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 553D 0
0 42ms
33ms Fetch
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CefQPwZUpZJ_RKqLto9kPmpGcwAucge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMzA4NTQ1NjgwNzUwNDQ5MsgBCagDAaoEiwJP0IoMELWxfr5GU1iMwvuTuvZPo_ayFOJaUJFmWtDQ-zrcRCUnKvuWorY0vEQnI6fVttceAWorPIphMxuhpWqabe4EHaMRXY6RHW4DoNmnqQyLaHMxM8kcDyOTUE8_U27uq5MLvesqBIes_Bvk-eQr0wQVBKWPTmbJMs-TqLLBQtfehJTtSPD6VjlTJOC-mRQK1ACAqToNGkNO-0giiakLvEgKSVRRkT_mJxCQzZkkFjmcp6QDkP4-_b6KBaLh_Nv1lGGG_cnGLzOuE9W709IL9_ctY1L6VSLifRfvG7s5HSEHdQRKwukLDPDws4v2ng3eKfWOlir49lUWDHyem_UQ338MJvaiYYE-qlOABvKyj66P4s-nxgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMDg1NDU2ODA3NTA0NDkyGAA&sigh=T3tnlIsCTBM&uach_m=[UACH]&cid=CAQSKQDUE5ymTU3vbQpelU6NuUvUR5l5y9afTN4W9wbd46e1zp-9fYYKrTZrGAE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=1092558004&adf=3480699455&pi=t.aa~a.1349293058~i.1~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1263&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280%2C605x280&nras=4&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=oWJnjVFHj0&p=https%3A//law.jaknet.my.id&dtd=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Apr 2023 14:48:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.da.us.criteo.com/google/auction/ Frame 553D 0
0 49ms
41ms Fetch 2620:100:a005::14
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.da.us.criteo.com/google/auction/notify?profile=14&payload=k_PsFc36RN0EmALiIp0XAgAAAEy8Ldqw5m-0aDXPzYa6fAYQwZUpZB8ZXpEhbDNZMeYAABIAAAoKQVFVRERBRUJEQQ&wp=ZCmVwQAKqJ8FKPaiAAcImqgGq8EWps_Ad_praw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a005::14 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:34 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 321087
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame E67F 133 KB
45 KB 33ms
29ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZCmVwQAKqJ8FKPaiAAcImqgGq8EWps_Ad_praw&u=%7CmMIve2H2MfZgulxGx75h7ywZ%2BI%2Fv3BDwSa97cA8tZxI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AYdxcVbiUcTIVOAzbCnvcQZApWQ2SYTd-wuNJ_OAOuubl0ke6_SiBf072Bof5AHuLLzOOf3iLIdpR4ec08UGfiZ2fdEWFxr0hV-JOMcVGPrXEy3P2BErt-anFrMy_4vwjHucWIAPw2iws0oZa3ar4bS7ujLsPuwYkMcq5Rk-F405fmzAnpc8dMd7ZdZ9gccZeiDmNZYIEEMGLhkoFBITEnlTQwJ0weU1sHG_oM9imupER4_Qr5kr7-DJ3RkYjHTIit-fhH4ojfs81RcGHurwLqr7W8T7zfXgjj3yNI1Q5GQU_MP161UKNhhkrGffv-mBiwM1yT-KX-50qZThdE62QNggsr155BE2c-TB-TrTk2FEL0GNlfvvBEju77r42Bo9Z-HIY7MZQ-qGfaLWgiSC5OxcJdL3hDlVk-3jRkXn0L3d9wVSClEeMX8jOxWJcgSqAUTYrgSPsPXbgxu9Ff48Bk0MVRwUFZQ5mBp6qTkcBvfTL4XiMy9YOAhUMOGa8rGab-IuSZUVZRIvthgKfTCzcvrDMYft_ysWhYCF_uC1lYrd1naq8WrDaU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwhQtwZUpZJ_RKqLto9kPmpGcwAucge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMzA4NTQ1NjgwNzUwNDQ5MsgBCagDAaoEjgJP0IoMELWxfr5GU1iMwvuTuvZPo_ayFOJaUJFmWtDQ-zrcRCUnKvuWorY0vEQnI6fVttceAWorPIphMxuhpWqabe4EHaMRXY6RHW4DoNmnqQyLaHMxM8kcDyOTUE8_U27uq5MLvesqBIes_Bvk-eQr0wQVBKWPTmbJMs-TqLLBQtfehJTtSPD6VjlTJOC-mRQK1ACAqToNGkNO-0giiakLvEgKSVRRkT_mJxCQzZkkFjmcp6QDkP4-_b6KBaLh_Nv1lGGG_cnGLzOuE9W709IL9_ctY1L6VSLifRfvG7s5HSEHdQRKwqsJLGJbQQL2XYSzpR70H-lPyn0fImRaAAZqVrayONq6yFevqpCWbgCABvKyj66P4s-nxgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1PGqerHoL-u2fl9gLFOtAEwm1Lgg%26client%3Dca-pub-3085456807504492%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8c2bab8b60ce536537cef62376cc09861a7b2975684ff2ea46586451b9513262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:34 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=-9UTFPJjREA3bVm1N027xYHzli4ptAnXPvJkaCHohD7a1lRCODQWYmHXsvQhyOQlIdkF4aCVwfNKuBDr3lRC52J-n0uUpUS_sHSPhYVIGOq-zaobSJCJ-dr6BTQRBX6AUYWYXuCLPl42XQoFskPc06EmO8ab2DtTxnwSPVG6OCVB9fKtteqpFLesXbZcpzmcVqyhEwQ5nOXCGxasybIYI9Ttocbf_k7PXCilKX4ORLKJtK_VfGQiK52tpSlPjC4WzrrUSQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 15228186
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F7E4 1 KB
682 B 6ms
4ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 68694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 19:43:40 GMT
etag: 48472445140208031
expires: Sun, 02 Apr 2023 19:43:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 553D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbb52074e1017e80f4581457a5674544fd07a87a73616f257e072efb790582de

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7E4
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMRGvwiZpJXRvWN_T6XOq0k&google_cver=1&google_push=Aer7DvKIKkEgUIhBMpkjBaKuCOtaIYtR_hZuJ-USlH6VRqnnDkhTC_KPx1...
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=Aer7DvKIKkEgUIhBMpkjBaKuCOtaIYtR_hZuJ-USlH6VRqnnDkhTC_KPx1GqZN6VI3GQLMLEpSJxiAReYFlFQ3_hfT21HvaiH6Jgqds&google_hm=9z7...

170 B
188 B

23ms
22ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=Aer7DvKIKkEgUIhBMpkjBaKuCOtaIYtR_hZuJ-USlH6VRqnnDkhTC_KPx1GqZN6VI3GQLMLEpSJxiAReYFlFQ3_hfT21HvaiH6Jgqds&google_hm=9z7czCRvta4n_YmOeKBzFg

Requested by

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=Aer7DvKIKkEgUIhBMpkjBaKuCOtaIYtR_hZuJ-USlH6VRqnnDkhTC_KPx1GqZN6VI3GQLMLEpSJxiAReYFlFQ3_hfT21HvaiH6Jgqds&google_hm=9z7czCRvta4n_YmOeKBzFg
pragma: no-cache
date: Sun, 02 Apr 2023 14:48:34 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame F7E4
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJ2hbDRZmu2zbjb3dwJTQRI&google_cver=1&google_push=Aer7DvLBw7GU9zjYNxIhnHo-zBRKRD6lIV2zrxTiieYb26BIYMnchi8GzxGuP18AlnD2dQsVWA5do5RIDjo3-qx5zdg2rZSyquBDx...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJ2hbDRZmu2zbjb3dwJTQRI&google_cver=1&google_push=Aer7DvLBw7GU9zjYNxIhnHo-zBRKRD6lIV2zrxTiieYb26BIYMnchi8GzxGuP18AlnD2dQsVWA5do5RIDjo3-qx5zdg2rZSyquB...

43 B
409 B

80ms
78ms

Image
image/gif

2606:4700::6812:19ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJ2hbDRZmu2zbjb3dwJTQRI&google_cver=1&google_push=Aer7DvLBw7GU9zjYNxIhnHo-zBRKRD6lIV2zrxTiieYb26BIYMnchi8GzxGuP18AlnD2dQsVWA5do5RIDjo3-qx5zdg2rZSyquBDxtk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvLBw7GU9zjYNxIhnHo-zBRKRD6lIV2zrxTiieYb26BIYMnchi8GzxGuP18AlnD2dQsVWA5do5RIDjo3-qx5zdg2rZSyquBDxtk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&adk=1092558004&adf=3480699455&pi=t.aa~a.1349293058~i.1~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1263&idt=-M&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280%2C605x280&nras=4&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=3534&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=oWJnjVFHj0&p=https%3A//law.jaknet.my.id&dtd=27
Protocol: H2
Server: 2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:34 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b19df9e59cd439f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:34 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1749
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJ2hbDRZmu2zbjb3dwJTQRI&google_cver=1&google_push=Aer7DvLBw7GU9zjYNxIhnHo-zBRKRD6lIV2zrxTiieYb26BIYMnchi8GzxGuP18AlnD2dQsVWA5do5RIDjo3-qx5zdg2rZSyquBDxtk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvLBw7GU9zjYNxIhnHo-zBRKRD6lIV2zrxTiieYb26BIYMnchi8GzxGuP18AlnD2dQsVWA5do5RIDjo3-qx5zdg2rZSyquBDxtk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b19df9dc93b439f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7E4
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPyGa9WEt9jDmk9k5M1l-dA&google_cver=1&google_push=Aer7DvJqL7whvOwIg4pJzfBZCChxDUIshCicaozUKbTSZH8x-3OeautTB1BxK6nbVeOmw1Ec_oTzSJNftKW68p7V...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CE3h3I2STPC7T_9NGjnQcw2&google_push=Aer7DvJqL7whvOwIg4pJzfBZCChxDUIshCicaozUKbTSZH8x-3OeautTB1BxK6nbVeOmw1Ec_oTzSJNftKW68p7V_9MLFs-QP8ZK_X0

170 B
188 B

23ms
23ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CE3h3I2STPC7T_9NGjnQcw2&google_push=Aer7DvJqL7whvOwIg4pJzfBZCChxDUIshCicaozUKbTSZH8x-3OeautTB1BxK6nbVeOmw1Ec_oTzSJNftKW68p7V_9MLFs-QP8ZK_X0

Requested by

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Apr 2023 14:48:34 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CE3h3I2STPC7T_9NGjnQcw2&google_push=Aer7DvJqL7whvOwIg4pJzfBZCChxDUIshCicaozUKbTSZH8x-3OeautTB1BxK6nbVeOmw1Ec_oTzSJNftKW68p7V_9MLFs-QP8ZK_X0
x-host: tde-deliveryengine-production-86c874c4d8-wzc4h
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7E4
Redirect Chain

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEGDqsrc9aayrZN0FU5Z9dh8&google_cver=1&google_push=Aer7DvLR7uMiB4RxN7zdMD5Q2EmzaIJdH_reYdEKZ0NAGCg650rdc05KKn54a-V0DRmUrqNfgypyVt-_nV...
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEGDqsrc9aayrZN0FU5Z9dh8&google_cver=1&google_push=Aer7DvLR7uMiB4RxN7zdMD5Q2EmzaIJdH_reYdEKZ0NAGCg650rdc05KKn54a-V0DRmUrqNfgypyVt-_nV...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aer7DvLR7uMiB4RxN7zdMD5Q2EmzaIJdH_reYdEKZ0NAGCg650rdc05KKn54a-V0DRmUrqNfgypyVt-_nVmes9LFlD3j7KK2c2CErQ&google_hm=MDMwMTAwMDlfNjQyO...

170 B
188 B

24ms
23ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aer7DvLR7uMiB4RxN7zdMD5Q2EmzaIJdH_reYdEKZ0NAGCg650rdc05KKn54a-V0DRmUrqNfgypyVt-_nVmes9LFlD3j7KK2c2CErQ&google_hm=MDMwMTAwMDlfNjQyOTk1YzIwY2M0Yw%3D%3D

Requested by

Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Apr 2023 14:48:34 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aer7DvLR7uMiB4RxN7zdMD5Q2EmzaIJdH_reYdEKZ0NAGCg650rdc05KKn54a-V0DRmUrqNfgypyVt-_nVmes9LFlD3j7KK2c2CErQ&google_hm=MDMwMTAwMDlfNjQyOTk1YzIwY2M0Yw%3D%3D
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7E4
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEJhzTDok7wlqkU6q4dNQ_ZA&c_param1=Aer7DvIvZZfZ_xy4IUpeFMc8yjT2NPafSvAZgRgyNVrM8MW8t70sxMqkfwC19bQ9I-xq5SUvVaYtY_SyBckuXZ5K6Y4EdlnMRyXYfiY&gdpr=%%GDPR...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aer7DvIvZZfZ_xy4IUpeFMc8yjT2NPafSvAZgRgyNVrM8MW8t70sxMqkfwC19bQ9I-xq5SUvVaYtY_SyBckuXZ5K6Y4EdlnMRyXYfiY

170 B
188 B

24ms
24ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aer7DvIvZZfZ_xy4IUpeFMc8yjT2NPafSvAZgRgyNVrM8MW8t70sxMqkfwC19bQ9I-xq5SUvVaYtY_SyBckuXZ5K6Y4EdlnMRyXYfiY

Requested by

Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aer7DvIvZZfZ_xy4IUpeFMc8yjT2NPafSvAZgRgyNVrM8MW8t70sxMqkfwC19bQ9I-xq5SUvVaYtY_SyBckuXZ5K6Y4EdlnMRyXYfiY
date: Sun, 02 Apr 2023 14:48:34 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7E4
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGQcGAYwR9MfycOLZxqyW_w&google_cver=1&google_push=Aer7DvJyLgVU8l4wnpEpf9WFORfrmbFz7tUqe5T0QuwCwYFYP_ugLD3U-NVktgZbljnIhxdXVJ37H2le...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGQcGAYwR9MfycOLZxqyW_w&google_cver=1&google_push=Aer7DvJyLgVU8l4wnpEpf9WFORfrmbFz7tUqe5T0QuwCwYFYP_ugLD3U-NVktgZbljnIhxdXVJ3...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjcxODYyNDY5MDcyMjk4NzMzMQ&google_push=Aer7DvJyLgVU8l4wnpEpf9WFORfrmbFz7tUqe5T0QuwCwYFYP_ugLD3U-NVktgZbljnIhxdXVJ37H2...

170 B
188 B

22ms
21ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjcxODYyNDY5MDcyMjk4NzMzMQ&google_push=Aer7DvJyLgVU8l4wnpEpf9WFORfrmbFz7tUqe5T0QuwCwYFYP_ugLD3U-NVktgZbljnIhxdXVJ37H2leJCYqufyCWUDj5rI6TaBUgVI

Requested by

Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjcxODYyNDY5MDcyMjk4NzMzMQ&google_push=Aer7DvJyLgVU8l4wnpEpf9WFORfrmbFz7tUqe5T0QuwCwYFYP_ugLD3U-NVktgZbljnIhxdXVJ37H2leJCYqufyCWUDj5rI6TaBUgVI
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7E4
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEExBSlPk9yTEmm2U5T7eTsI&google_cver=1&google_push=Aer7DvIOIFDBzy8LpotcC4WhDbFyB0pFUGvM4kV-RJH7F7JNF7Di6DkEAYGp1rrQF-MDvu0yo6FjRdt4rh1QX...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEExBSlPk9yTEmm2U5T7eTsI&google_push=Aer7DvIOIFDBzy8LpotcC4WhDbFyB0pFUGvM4kV-RJH7F7JNF7Di6DkEAYGp1rrQF-MDvu0yo6FjRdt4rh1QX...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvIOIFDBzy8LpotcC4WhDbFyB0pFUGvM4kV-RJH7F7JNF7Di6DkEAYGp1rrQF-MDvu0yo6FjRdt4rh1QXTlAAzZvEAlrqCe8p4I&google_hm=VzZySE5jZHVQVHhsR...

170 B
188 B

23ms
22ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvIOIFDBzy8LpotcC4WhDbFyB0pFUGvM4kV-RJH7F7JNF7Di6DkEAYGp1rrQF-MDvu0yo6FjRdt4rh1QXTlAAzZvEAlrqCe8p4I&google_hm=VzZySE5jZHVQVHhsR0hYb0pGTTU=

Requested by

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 02 Apr 2023 14:48:34 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvIOIFDBzy8LpotcC4WhDbFyB0pFUGvM4kV-RJH7F7JNF7Di6DkEAYGp1rrQF-MDvu0yo6FjRdt4rh1QXTlAAzZvEAlrqCe8p4I&google_hm=VzZySE5jZHVQVHhsR0hYb0pGTTU=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 239
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F7E4 0
12 B 21ms
19ms Image
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IEz035Srvn6MHpCRCv6UXp0LvLya9781c5vD6V9CDRzSwHE6RofS3ttHHtfabXvBLKYaYv

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame E67F 2 KB
1 KB 83ms
81ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZCmVwQAKqJ8FKPaiAAcImqgGq8EWps_Ad_praw&u=%7CmMIve2H2MfZgulxGx75h7ywZ%2BI%2Fv3BDwSa97cA8tZxI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AYdxcVbiUcTIVOAzbCnvcQZApWQ2SYTd-wuNJ_OAOuubl0ke6_SiBf072Bof5AHuLLzOOf3iLIdpR4ec08UGfiZ2fdEWFxr0hV-JOMcVGPrXEy3P2BErt-anFrMy_4vwjHucWIAPw2iws0oZa3ar4bS7ujLsPuwYkMcq5Rk-F405fmzAnpc8dMd7ZdZ9gccZeiDmNZYIEEMGLhkoFBITEnlTQwJ0weU1sHG_oM9imupER4_Qr5kr7-DJ3RkYjHTIit-fhH4ojfs81RcGHurwLqr7W8T7zfXgjj3yNI1Q5GQU_MP161UKNhhkrGffv-mBiwM1yT-KX-50qZThdE62QNggsr155BE2c-TB-TrTk2FEL0GNlfvvBEju77r42Bo9Z-HIY7MZQ-qGfaLWgiSC5OxcJdL3hDlVk-3jRkXn0L3d9wVSClEeMX8jOxWJcgSqAUTYrgSPsPXbgxu9Ff48Bk0MVRwUFZQ5mBp6qTkcBvfTL4XiMy9YOAhUMOGa8rGab-IuSZUVZRIvthgKfTCzcvrDMYft_ysWhYCF_uC1lYrd1naq8WrDaU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwhQtwZUpZJ_RKqLto9kPmpGcwAucge-wXNKWqap0wI23ARABIABgoQKCARdjYS1wdWItMzA4NTQ1NjgwNzUwNDQ5MsgBCagDAaoEjgJP0IoMELWxfr5GU1iMwvuTuvZPo_ayFOJaUJFmWtDQ-zrcRCUnKvuWorY0vEQnI6fVttceAWorPIphMxuhpWqabe4EHaMRXY6RHW4DoNmnqQyLaHMxM8kcDyOTUE8_U27uq5MLvesqBIes_Bvk-eQr0wQVBKWPTmbJMs-TqLLBQtfehJTtSPD6VjlTJOC-mRQK1ACAqToNGkNO-0giiakLvEgKSVRRkT_mJxCQzZkkFjmcp6QDkP4-_b6KBaLh_Nv1lGGG_cnGLzOuE9W709IL9_ctY1L6VSLifRfvG7s5HSEHdQRKwqsJLGJbQQL2XYSzpR70H-lPyn0fImRaAAZqVrayONq6yFevqpCWbgCABvKyj66P4s-nxgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1PGqerHoL-u2fl9gLFOtAEwm1Lgg%26client%3Dca-pub-3085456807504492%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:34 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame E67F 2 KB
1 KB 87ms
84ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:34 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame E67F 308 B
636 B 83ms
81ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 27 Mar 2024 14:48:34 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame E67F 293 B
621 B 84ms
83ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 27 Mar 2024 14:48:34 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame E67F 43 B
347 B 14ms
13ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=Y91hNuQWwDvBpQkd-myv4xp5MYtrACzYIkgdRfiW8wPPnlgT_5DElOs7gZJ-twy0OvXcdGTZVMQT0H9UTWKGNXpyzOQqolJkyyS66wOX7_eeBDlnkZf3HqBJbQhwqjIkvHuoNY90Bse_p-aenDE8PajGASvPmn5wpW7AGEDgwEZOHbucqrAA5O10Ayn8NNLr25SO5vpx7nY82irAk91XzlJQiVqB6Zy4ccsk6GNMFFO-hML7o10kLKSYvVYaOD5u8C7mnGMM7CTx1ghwclgyZRpatFFLrOBlYVwAZEbhshk5Y-6g_86lbC6cV3hn1NAJWijaHddbe34yrVqM1uHACVs5kK4vo2PPIvb7OSiiXkqFvyxrlPpOtJBYmcOphPpw-8YyDeSdL6wjr0t4ZsTHMAye0DjFIHcDiV23S5WtXUiTt33v

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3350381
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

B29096893.358774381;dc_pre=CNKyi8u4i_4CFQPfyAodI6cEDQ;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995c1a1e2aeb2f6d6b9a06d8b6a6f;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/ Frame E67F
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995c1a1e2aeb2f6d6b9a06d8b6a6f;dc_lat=;dc_rdid=;tag_for_...
https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_pre=CNKyi8u4i_4CFQPfyAodI6cEDQ;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995c1a1e2aeb2f6d6b9a0...

42 B
63 B

34ms
32ms

Image
image/gif

142.250.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_pre=CNKyi8u4i_4CFQPfyAodI6cEDQ;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995c1a1e2aeb2f6d6b9a06d8b6a6f;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?

Requested by

Protocol

Server

142.250.80.102 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N1305126.154378CRITEO/B29096893.358774381;dc_pre=CNKyi8u4i_4CFQPfyAodI6cEDQ;dc_trk_aid=549583343;dc_trk_cid=143229792;dcopt=anid;ord=642995c1a1e2aeb2f6d6b9a06d8b6a6f;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E67F 12 KB
5 KB 12ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2156337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdfGLKrfqDO4hxxY9PUtHUsEVo9XuyilMLcJTzyablYOmrSc4cf26C0IOmEGnt0IVHP9PuJEHgI66Smejbxw1KBSUkVPU6IKRQ%2FoR%2BQn0Jig8auZO%2BbDBSB61sWFK4DtAAHvw4zIGHA36bmfLilI99GU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b19df9ddee4424d-EWR
expires: Fri, 22 Mar 2024 14:48:34 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame E67F 12 KB
6 KB 90ms
90ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:34 GMT

GET
H2 200 e8fa26c560fc4a339cc1823e67dbd1fa_avenir-next-regular.woff
static.criteo.net/design/dt/ Frame E67F 47 KB
47 KB 104ms
100ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e8fa26c560fc4a339cc1823e67dbd1fa_avenir-next-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ea8bdaf9d3679df5dae432416a9cb041ef81ef8e0b7a511bf9a2865d680bb3b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 13 Mar 2018 16:31:17 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5aa7fcd5-bcc4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:34 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame E67F 102 KB
102 KB 12ms
10ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

a5c84b162076cb6ffaaee936088c3a27a448eb4675e8babceba441650a735718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29254483
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 104412
expires: Wed, 06 Mar 2024 05:03:17 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame E67F 121 KB
121 KB 16ms
15ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

2ae93a98c64c521dcac0afce28bf29f3b9511b1b5c6ed4db2771919b26750e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=27060842
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 123952
expires: Fri, 09 Feb 2024 19:42:37 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame E67F 91 KB
91 KB 13ms
12ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

284dff49f0f53ffb94d8ccaeb520aa4a861c5f6616162e2e7a762771741bb319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29353340
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 93190
expires: Thu, 07 Mar 2024 08:30:54 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame E67F 152 KB
152 KB 17ms
16ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

0058220d3d68ca88e1b6aa9b62140c3c22008963ec1d93edc01684aa758f5e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=27060842
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 155248
expires: Fri, 09 Feb 2024 19:42:36 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame E67F 73 KB
74 KB 11ms
11ms Image
image/png 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

296f0b28cff52162ae66b9088f82dda32ef79049fd376eeba7a170c52a2d2905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29936759
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 75120
expires: Thu, 14 Mar 2024 02:34:33 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame E67F 0
127 B 1147ms
10ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=-9UTFPJjREA3bVm1N027xYHzli4ptAnXPvJkaCHohD7a1lRCODQWYmHXsvQhyOQlIdkF4aCVwfNKuBDr3lRC52J-n0uUpUS_sHSPhYVIGOq-zaobSJCJ-dr6BTQRBX6AUYWYXuCLPl42XQoFskPc06EmO8ab2DtTxnwSPVG6OCVB9fKtteqpFLesXbZcpzmcVqyhEwQ5nOXCGxasybIYI9Ttocbf_k7PXCilKX4ORLKJtK_VfGQiK52tpSlPjC4WzrrUSQ&sds=2&rev=85392.3&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 14:48:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E67F 2 KB
1 KB 79ms
79ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:34 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame E67F 2 KB
1 KB 80ms
80ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Mar 2024 14:48:34 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 3378 152 KB
152 KB 11ms
10ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: law.jaknet.my.id
URL: https://law.jaknet.my.id/protect-yourself-from-netflix-scams-insights-from-a-law-attorney/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

0058220d3d68ca88e1b6aa9b62140c3c22008963ec1d93edc01684aa758f5e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=27060842
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 155248
expires: Fri, 09 Feb 2024 19:42:36 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame B97A 0
0

GET
H2 200 css
fonts.googleapis.com/ Frame DC6F 8 KB
989 B 21ms
19ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=60&adk=1603365305&adf=2862744360&pi=t.aa~a.4232182926~rp.1&w=660&fwrn=4&fwrnh=100&lmt=1680446904&rafmt=1&to=qs&pwprc=6981954120&format=660x60&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904821&bpp=1&bdt=1311&idt=1&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280%2C605x280%2C605x280%2C605x200&nras=6&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=4769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=sRlpkZ9uoJ&p=https%3A//law.jaknet.my.id&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

167b257107cabdb59f856f00b9f9947ccea131594fda5897adb27503126a6a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Apr 2023 14:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 14:37:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Apr 2023 14:48:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame DC6F 2 KB
799 B 7ms
6ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/ Frame DC6F 22 KB
9 KB 4ms
3ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame DC6F 3 KB
1 KB 4ms
3ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/ Frame DC6F 20 KB
8 KB 5ms
5ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230329/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Apr 2023 06:20:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DC6F 0
0 23ms
22ms Image
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxTi-NuAAEPiquj_rh1PnYQfkNuvGGv-T07V4qMTgYZPVmUi0K-tmziMiDwQMR4L-mDd9tAVVW6yncNuzfa6SYZyDifA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=60&adk=1603365305&adf=2862744360&pi=t.aa~a.4232182926~rp.1&w=660&fwrn=4&fwrnh=100&lmt=1680446904&rafmt=1&to=qs&pwprc=6981954120&format=660x60&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904821&bpp=1&bdt=1311&idt=1&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280%2C605x280%2C605x280%2C605x200&nras=6&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=4769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=sRlpkZ9uoJ&p=https%3A//law.jaknet.my.id&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC6F 158 KB
49 KB 39ms
38ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680090252828925"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Apr 2023 14:48:35 GMT

GET
H2 200 16f0d4cb97c8e7eb77e268815c2afdab.js Show response
www.gstatic.com/mysidia/ Frame DC6F 34 KB
14 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16f0d4cb97c8e7eb77e268815c2afdab.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 06:23:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14384
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 22:20:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 01 Jul 2023 06:23:50 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame DC6F 0
0 33ms
32ms Fetch
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpdaxwZUpZJmrKu6XqMwPltiFiAir6tOjb-6dxsecEc2PtLi1MhABILmw7zNgycapi8Ck2A-gAcbcjtIDyAEBqAMByAPLBKoElAJP0E8LQmQd3ZiCygrf_sjWQWKtfG_7CXmuCv5_JdQRVy2Ly5CfCzeTQTAxJStc0oGcHuWzNwqBGVtgb1hgdrrtVl7MXrTT1wHqcN5einMTm843LsLxqCXqCuAIl6YHji9j1p_dOA38DjAAtW8r-8voOP-kQ4Bdisk5mmntBCmfQ5hs5mB0Bxe32cWOcCJFVdK31j6Yi180g_Dm02EpvFIf1GQhO3tUnbiniX_K7GREYbgPVPZnmo1wqFPEDyJKcCrVTcOl3mh0FjY8j6CMI7LcLpCFfS9uQQrYNy5hfSgzLwvhlGbwrz1ozKe6l_U1GK63PyxUFLz3E2RVNStJmXOk0eD6KrwEJ6wOQZUTErwxcphdY-jABNLelpWXBJIFBAgEGAGSBQQIBRgEgAeio_EtqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQgKti0ggPCIBhEAEYXzICigI6AoBAgAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTMwODU0NTY4MDc1MDQ0OTIYAA&sigh=0DEhYveA6w4&uach_m=[UACH]&cid=CAQSKQDUE5ym5LFSe03hcO0JwojqvrhHCisLdWpQ4L7gYzSKcH-tYq1__WMcGAE&template_id=5001

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=60&adk=1603365305&adf=2862744360&pi=t.aa~a.4232182926~rp.1&w=660&fwrn=4&fwrnh=100&lmt=1680446904&rafmt=1&to=qs&pwprc=6981954120&format=660x60&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904821&bpp=1&bdt=1311&idt=1&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280%2C605x280%2C605x280%2C605x200&nras=6&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=4769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=sRlpkZ9uoJ&p=https%3A//law.jaknet.my.id&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Apr 2023 14:48:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7621289346845600043/ Frame DC6F 1 KB
1 KB 4ms
4ms Image
image/png 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7621289346845600043/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2969e0c32ca58a1ebb57962af81120ef0507ec01e42cf747ea5571612b5301d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 13:45:29 GMT
x-content-type-options: nosniff
age: 176586
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 19:15:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Mar 2024 13:45:29 GMT

GET
DATA 200
OK truncated
/ Frame DC6F 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86FA 143 B
228 B 7ms
5ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=60&adk=1603365305&adf=2862744360&pi=t.aa~a.4232182926~rp.1&w=660&fwrn=4&fwrnh=100&lmt=1680446904&rafmt=1&to=qs&pwprc=6981954120&format=660x60&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904821&bpp=1&bdt=1311&idt=1&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280%2C605x280%2C605x280%2C605x200&nras=6&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=302&ady=4769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=sRlpkZ9uoJ&p=https%3A//law.jaknet.my.id&dtd=6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1203
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:28:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1CBA 1 KB
682 B 6ms
5ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 68695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Apr 2023 19:43:40 GMT
etag: 48472445140208031
expires: Sun, 02 Apr 2023 19:43:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DC6F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14d8b7e6f9a151a65020c84d8da5f8f9f40461e7a1c4891c06fc77eaf992221e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1CBA
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDmQYpVX1vK7b-fc8vszc0U&google_cver=1&google_push=Aer7DvIzszdbpjSEKco6vV-Y4iNTVzFP59ZCVsArg_gT2mdtkLFB9I3U8tqFHu6wS8FeaZH-d1ImWbAxkj72_XpI...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CE3h3I2STPC7T_9NGjnQcw2&google_push=Aer7DvIzszdbpjSEKco6vV-Y4iNTVzFP59ZCVsArg_gT2mdtkLFB9I3U8tqFHu6wS8FeaZH-d1ImWbAxkj72_XpIE9rOw_q-5BI_hAo

170 B
188 B

26ms
26ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CE3h3I2STPC7T_9NGjnQcw2&google_push=Aer7DvIzszdbpjSEKco6vV-Y4iNTVzFP59ZCVsArg_gT2mdtkLFB9I3U8tqFHu6wS8FeaZH-d1ImWbAxkj72_XpIE9rOw_q-5BI_hAo

Requested by

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Apr 2023 14:48:35 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CE3h3I2STPC7T_9NGjnQcw2&google_push=Aer7DvIzszdbpjSEKco6vV-Y4iNTVzFP59ZCVsArg_gT2mdtkLFB9I3U8tqFHu6wS8FeaZH-d1ImWbAxkj72_XpIE9rOw_q-5BI_hAo
x-host: tde-deliveryengine-production-86c874c4d8-8db69
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1CBA
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEHXpRpaQZxxRjvVQZXVtX2M&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NGJiNzZjODktZWU2Yy00MDRhLWE3ZjctOGM2OWJjNjcyMjJm&google_gid=CAESEHXpRpaQZxxRjvVQZXVtX2M&google_cver=1&google_push=Aer7DvKE...

170 B
188 B

23ms
23ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NGJiNzZjODktZWU2Yy00MDRhLWE3ZjctOGM2OWJjNjcyMjJm&google_gid=CAESEHXpRpaQZxxRjvVQZXVtX2M&google_cver=1&google_push=Aer7DvKEhH08TujKp0IzP6FcSd0N7vq8-FLUWcNsl1nToDr_DzxJHyh6v86HY_xw1gl0r53M3Gq3Fi8PybdBRVZoik7eXZhRothUV_M

Requested by

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NGJiNzZjODktZWU2Yy00MDRhLWE3ZjctOGM2OWJjNjcyMjJm&google_gid=CAESEHXpRpaQZxxRjvVQZXVtX2M&google_cver=1&google_push=Aer7DvKEhH08TujKp0IzP6FcSd0N7vq8-FLUWcNsl1nToDr_DzxJHyh6v86HY_xw1gl0r53M3Gq3Fi8PybdBRVZoik7eXZhRothUV_M
date: Sun, 02 Apr 2023 14:48:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1CBA
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAmSlYl0rezSGFsbXq1fFr4&google_cver=1&google_push=Aer7DvKhLzFacfOOl9lBV9vVp4Umc9DdMfxd1wRSeNRkAvcOuzecO8J0oPgEd8uP5Q_Z7TwtPdZ_y_eHLgLGybXbpMjV...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAmSlYl0rezSGFsbXq1fFr4&google_cver=1&google_push=Aer7DvKhLzFacfOOl9lBV9vVp4Umc9DdMfxd1wRSeNRkAvcOuzecO8J0oPgEd8uP5Q_Z7TwtPdZ_y_eHLgLGyb...
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7bab8abd-9b8a-4d65-90de-eb1b5f32d70d&ssp=google&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=419&user_id=10594718130084938031&ssp=google&gdpr=&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvKhLzFacfOOl9lBV9vVp4Umc9DdMfxd1wRSeNRkAvcOuzecO8J0oPgEd8uP5Q_Z7TwtPdZ_y_eHLgLGybXbpMjVtvDizq4lIi0&google_hm=e6uKvZuKTWWQ3usbXzLX...

170 B
188 B

24ms
23ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvKhLzFacfOOl9lBV9vVp4Umc9DdMfxd1wRSeNRkAvcOuzecO8J0oPgEd8uP5Q_Z7TwtPdZ_y_eHLgLGybXbpMjVtvDizq4lIi0&google_hm=e6uKvZuKTWWQ3usbXzLXDQ==

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvKhLzFacfOOl9lBV9vVp4Umc9DdMfxd1wRSeNRkAvcOuzecO8J0oPgEd8uP5Q_Z7TwtPdZ_y_eHLgLGybXbpMjVtvDizq4lIi0&google_hm=e6uKvZuKTWWQ3usbXzLXDQ==
Date: Sun, 02 Apr 2023 14:48:35 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1CBA
Redirect Chain

https://a.clickcertain.com/px/img/g/?google_gid=CAESEJJhp7Zt0iB5dK7un0bTN_s&google_cver=1&google_push=Aer7DvIVnCjMcc6_ZDoBEdCWBqa9KPpDPHkruoraQiRF6gBleR_rGDRlPStQEY0cl_KfiRfWu7nFDgbJ2jJkgXnmlxELz_2...
https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=f11e8ab6-670d-4dab-a486-e89c4283be1a&ccid=f11e8ab6-670d-4dab-a486-e89c4283be1a&redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuid...
https://i.liadm.com/s/56408?redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526google_...
https://a.clickcertain.com/px/li/?redir=https%253a%252f%252fsecure%252eadnxs%252ecom%252fgetuidu%253fhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fg%252f%253fdone%253dtrue%2526g...
https://secure.adnxs.com/getuidu?https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEJJhp7Zt0iB5dK7un0bTN_s&google_cver=1&google_push=Aer7DvIVnCjMcc6_ZDoBEdCWBqa9KPpDPHkruoraQiRF6gBleR_r...
https://secure.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fg%2F%3Fdone%3Dtrue%26google_gid%3DCAESEJJhp7Zt0iB5dK7un0bTN_s%26google_cver%3D1%26google_push%3DAer7DvIVnC...
https://a.clickcertain.com/px/img/g/?done=true&google_gid=CAESEJJhp7Zt0iB5dK7un0bTN_s&google_cver=1&google_push=Aer7DvIVnCjMcc6_ZDoBEdCWBqa9KPpDPHkruoraQiRF6gBleR_rGDRlPStQEY0cl_KfiRfWu7nFDgbJ2jJkg...
https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=Aer7DvIVnCjMcc6_ZDoBEdCWBqa9KPpDPHkruoraQiRF6gBleR_rGDRlPStQEY0cl_KfiRfWu7nFDgbJ2jJkgXnmlxELz_2XjrqR9fQ&google_hm=ZjExZThhYjYt...

170 B
188 B

21ms
21ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=Aer7DvIVnCjMcc6_ZDoBEdCWBqa9KPpDPHkruoraQiRF6gBleR_rGDRlPStQEY0cl_KfiRfWu7nFDgbJ2jJkgXnmlxELz_2XjrqR9fQ&google_hm=ZjExZThhYjYtNjcwZC00ZGFiLWE0ODYtZTg5YzQyODNiZTFh

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Apr 2023 14:48:35 GMT
x-frontend: cc-nginx-54f86d7794-ctx9r:cc-nginx-54f86d7794-ctx9r
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-requestid: 5e518363-22c0-41a2-ba48-bd8ea96b4937
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYEzjBkpbdl64R1yHN7zN6l99%2BGKHd0ct4usgRRbTku6TzQyeja4AlJm7sR86KY5AyNp169v1QSTwEJ8BcTncUJzWB5LczbpflBY9witlyDrO0YwvpR4MtEKw6n9dO97ilG3KLUr5zSThwKBI8A%2BTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=clickcertain&google_push=Aer7DvIVnCjMcc6_ZDoBEdCWBqa9KPpDPHkruoraQiRF6gBleR_rGDRlPStQEY0cl_KfiRfWu7nFDgbJ2jJkgXnmlxELz_2XjrqR9fQ&google_hm=ZjExZThhYjYtNjcwZC00ZGFiLWE0ODYtZTg5YzQyODNiZTFh
cf-ray: 7b19dfa72d3e4316-EWR

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1CBA
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEKQjSJBmhjJSCpNnhrydOw8&google_cver=1&google_push=Aer7DvIQSGP_N08c79g3QVU8Qy31aVRu1oHlaTGlRJUfMvlrqS9c-O3Dd2wHjbwu567fe19YLLrWocrHJRsqDY3w2UMFJJSCl7uD7O0
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aer7DvIQSGP_N08c79g3QVU8Qy31aVRu1oHlaTGlRJUfMvlrqS9c-O3Dd2wHjbwu567fe19YLLrWocrHJRsqDY3w2UMFJJSCl7uD7O0&google_hm=xo-elUl7whQoetRglXMV...

170 B
188 B

22ms
22ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aer7DvIQSGP_N08c79g3QVU8Qy31aVRu1oHlaTGlRJUfMvlrqS9c-O3Dd2wHjbwu567fe19YLLrWocrHJRsqDY3w2UMFJJSCl7uD7O0&google_hm=xo-elUl7whQoetRglXMV9g==

Requested by

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:34 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=Aer7DvIQSGP_N08c79g3QVU8Qy31aVRu1oHlaTGlRJUfMvlrqS9c-O3Dd2wHjbwu567fe19YLLrWocrHJRsqDY3w2UMFJJSCl7uD7O0&google_hm=xo-elUl7whQoetRglXMV9g==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 6n133mdlfjdl353kqaleecorlcora052

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1CBA
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEJJRHnapIZjxZWcGazU81EQ&google_cver=1&google_push=Aer7DvJz05oVaIHfz6DE6xrGRpfc9Bj5TT-OwZnCPmCka7XplZpXPFrxF3ktvGr0hbend9VdyuZl8b-lI3ZFZGZfo2...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQ1NTg3Mzg3MTg4Mzc4MDI4NTQ&google_push=Aer7DvJz05oVaIHfz6DE6xrGRpfc9Bj5TT-OwZnCPmCka7XplZpXPFrxF3ktvGr0hbend9VdyuZl8b-lI3ZFZGZfo285...

170 B
188 B

22ms
21ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQ1NTg3Mzg3MTg4Mzc4MDI4NTQ&google_push=Aer7DvJz05oVaIHfz6DE6xrGRpfc9Bj5TT-OwZnCPmCka7XplZpXPFrxF3ktvGr0hbend9VdyuZl8b-lI3ZFZGZfo285JfcZcXos5PY

Requested by

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQ1NTg3Mzg3MTg4Mzc4MDI4NTQ&google_push=Aer7DvJz05oVaIHfz6DE6xrGRpfc9Bj5TT-OwZnCPmCka7XplZpXPFrxF3ktvGr0hbend9VdyuZl8b-lI3ZFZGZfo285JfcZcXos5PY
Date: Sun, 02 Apr 2023 14:48:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1CBA
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEJGa-sDNdqy29XHr8-DQ_Jc&google_cver=1&google_push=Aer7DvJ1WI0uA_fXSxWR8PKKVszUk5pD5q6oQwYgo_5Gvluds4oHIxSZ_LlpnbHHU8JIjtaUY2bk...
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEJGa-sDNdqy29XHr8-DQ_Jc&google_cver=1&google_push=Aer7DvJ1WI0uA_fXSxWR8PKKVszUk5pD5q6oQwYgo_5Gvluds4oHIxSZ_LlpnbHHU8JIjt...
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=pKzxcx2PSvyG-ikpp2xe2w==&no_redirect=1&google_push=Aer7DvJ1WI0uA_fXSxWR8PKKVszUk5pD5q6oQwYgo_5Gvluds4oHIx...

170 B
188 B

23ms
22ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=pKzxcx2PSvyG-ikpp2xe2w==&no_redirect=1&google_push=Aer7DvJ1WI0uA_fXSxWR8PKKVszUk5pD5q6oQwYgo_5Gvluds4oHIxSZ_LlpnbHHU8JIjtaUY2bkeRs3IrRslSuKcE4IHdAEx6VClvMZ

Protocol

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Apr 2023 14:48:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=pKzxcx2PSvyG-ikpp2xe2w==&no_redirect=1&google_push=Aer7DvJ1WI0uA_fXSxWR8PKKVszUk5pD5q6oQwYgo_5Gvluds4oHIxSZ_LlpnbHHU8JIjtaUY2bkeRs3IrRslSuKcE4IHdAEx6VClvMZ
date: Sun, 02 Apr 2023 14:48:35 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1CBA 0
12 B 21ms
19ms Image
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JwhQo6_0UwVuWlR6kDTmeNb-PCM_xHbqAiDt3YMbmsX8mQvbwY7W9toKtm1e4xoVTM-FCmqw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 14:48:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86FA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
145 B

30ms
29ms

Document
text/html

2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:35 GMT
expires: Sun, 02 Apr 2023 14:48:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Apr 2023 14:48:35 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame DC6F 28 KB
28 KB 5ms
4ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:22 GMT
x-content-type-options: nosniff
age: 447433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:22 GMT

GET sodar
pagead2.googlesyndication.com/getconfig/ 0
0

GET
H2 200 YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C425 36 KB
14 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YzZmA7a08v9f087fwqUDZorL-7TBHmPOgPW1cUS8ffQ.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 00:14:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 484469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14293
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 13:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 00:14:06 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame E67F 0
127 B 10ms
9ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 02 Apr 2023 14:48:36 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVcp6exIDgMPGeuZV0Tnx87F0T2e0aNJdU3AjYkwH_-mXeY0Sp8v4Ygu8_skqJGzHAzxZxiU13HrfTvzWaYLFqN7hq&sig=Cg0ArKJSzGcNqD9t8VdOEAE&id=lidar2&mcvt=1000&p=0,0,280,620&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=0.69&if=1&vu=1&app=0&itpl=20&adk=269618546&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680446903998&rpt=1064&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWNpNPDp5zuxfEh1HHsOZBpQ3K782rwS2DNI4G3qMEkXgVsDfqbTah-BoZOEpjZ_Qc3x0UuD2ycw0tx5wAR29i6lkoH9QxT5HL-2h4VMGJ57jybedlIDem68KKqCWLct02CK8&sai=AMfl-YQ3nr3lsn7PRqY1Va_wwfJVaonePBVdbEyJm4CW2k7R47YCVDpH2Ep5JG6xFrnO7j855ZS5H56lRr6-&sig=Cg0ArKJSzHqNvd8Nybn-EAE&cid=CAQSGwDUE5ymNyIuJZELWOaSwgFOvbClxnb4HTrjXxgB&id=lidar2&mcvt=1000&p=0,0,280,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230329&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3321380828&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1680446903985&rpt=9943&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230329&st=env

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
s957290943.onlinehome.us/	1969-12-31 23:59:59	Name: PHPSESSID Value: 127f61d3d97fd9342d8dfcda7c9d4f6a
gadingpos.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: cq8q02993l1d0lhh450dc1i23d
law.jaknet.my.id/	1970-01-20 19:33:02	Name: HstCfa4668012 Value: 1680446903880
law.jaknet.my.id/	1970-01-20 19:33:02	Name: HstCla4668012 Value: 1680446903880
law.jaknet.my.id/	1970-01-20 19:33:02	Name: HstCmu4668012 Value: 1680446903880
law.jaknet.my.id/	1970-01-20 19:33:02	Name: HstPn4668012 Value: 1
law.jaknet.my.id/	1970-01-20 19:33:02	Name: HstPt4668012 Value: 1
law.jaknet.my.id/	1970-01-20 19:33:02	Name: HstCnv4668012 Value: 1
law.jaknet.my.id/	1970-01-20 19:33:02	Name: HstCns4668012 Value: 1
law.jaknet.my.id/	1970-01-20 19:33:02	Name: c_ref_4668012 Value: https%3A%2F%2Fgadingpos.com%2F
.doubleclick.net/	1970-01-20 10:47:30	Name: DSID Value: NO_DATA
.adsrvr.org/	1970-01-20 19:34:29	Name: TDID Value: 55801913-68aa-40d6-90d1-93edd95ff2fe
.yahoo.com/	1970-01-20 19:33:24	Name: A3 Value: d=AQABBLmVKWQCEEbFWR4Fj0Kbp5rAWDDC0xQFEgEBAQHnKmQzZAAAAAAA_eMAAA&S=AQAAAuZLn8Dpq6fEvEjWFY-Oah4
.quantserve.com/	1970-01-20 12:57:02	Name: d Value: EGQBCQHUKIEA
.quantserve.com/	1970-01-20 20:17:41	Name: mc Value: 642995b9-513f0-39968-1cc19
.adsrvr.org/	1970-01-20 19:34:29	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI_LCAievk2TsQBRgFIAEoAjILCKTK1LWB5dk7EAU4AQ..
.travelaudience.com/	1970-01-20 20:17:41	Name: _tracker Value: %7B%22UUID%22%3A%22084DE1DC-8D92-4CF0-BB4F-FF4D1A39D073%22%7D
.simpli.fi/	1970-01-20 19:34:29	Name: suid Value: 70D6C0BDFED9498EABFEF64436586E2A
.mediago.io/	1970-01-20 19:33:02	Name: __mguid_ Value: cd160c6627d953aaad554b5c8257d995
.casalemedia.com/	1970-01-20 19:33:02	Name: CMID Value: ZCmVuVw-a1z5myo7eT5NdgAA
.casalemedia.com/	1970-01-20 12:57:02	Name: CMPS Value: 1282
.casalemedia.com/	1970-01-20 12:57:02	Name: CMPRO Value: 1282
.doubleclick.net/	1970-01-20 20:23:26	Name: IDE Value: AHWqTUl1ES6xqTM4IkahbOs3l_ioO62gNfBkOIUNC7cHVwn2e9P7Trt4b46VHx-AHyU

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=280&slotname=3209449553&adk=269618546&adf=2034898094&pi=t.ma~as.3209449553&w=620&fwrn=4&fwrnh=100&lmt=1680446903&rafmt=1&format=620x280&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446903768&bpp=4&bdt=259&idt=223&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=322&ady=1008&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IDfT8ZBboi&p=https%3A//law.jaknet.my.id&dtd=228 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3085456807504492&output=html&h=200&adk=1305629257&adf=2291407919&pi=t.aa~a.1349293058~i.2~rp.4&w=605&fwrn=4&fwrnh=100&lmt=1680446904&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6981954120&ad_type=text_image&format=605x200&url=https%3A%2F%2Flaw.jaknet.my.id%2Fprotect-yourself-from-netflix-scams-insights-from-a-law-attorney%2F&fwr=0&pra=3&rh=152&rw=605&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1680446904773&bpp=1&bdt=1263&idt=1&shv=r20230329&mjsv=m202303270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C620x280%2C605x280%2C605x280%2C605x280&nras=5&correlator=1707897144982&frm=20&pv=1&ga_vid=953233131.1680446904&ga_sid=1680446904&ga_hid=680322561&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=337&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C44786919%2C21065724&oid=2&pvsid=1607426094954630&tmod=328628300&uas=0&nvt=1&ref=https%3A%2F%2Fgadingpos.com%2F&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=8bP305lL0d&p=https%3A//law.jaknet.my.id&dtd=37 Message: Failed to load resource: net::ERR_QUIC_PROTOCOL_ERROR
network	error	URL: https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEPQFiEK_b-ZjufG5Slk4vZU&google_cver=1&google_push=Aer7DvIJ4qHqF10MiB3qZa0DVGXmDjIjfv75Cxkq8kXd2sQD2wO0E8CnmJREE983FzyOChHBdraAEIvafKzhuA6p42VMod81PKv1i2s9G14fzJGBi5JeB5ia9sVw42UtitVer5LTgn4Zz1zqXBB9R6QjGHyuoOiQ Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clickcertain.com
a.tribalfusion.com
ad.doubleclick.net
ads.travelaudience.com
ads.us.criteo.com
adservice.google.com
b1sync.zemanta.com
c.eu1.dyntrk.com
c1.adform.net
cat.va.us.criteo.com
cc.adingo.jp
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csm.us.criteo.net
dsp.adkernel.com
fonts.googleapis.com
fonts.gstatic.com
gadingpos.com
googleads.g.doubleclick.net
i.liadm.com
im.bluevoox.com
law.jaknet.my.id
match.adsrvr.org
mweb.ck.inmobi.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.us.criteo.net
pm.w55c.net
pr-bh.ybp.yahoo.com
richinfo.co
rtb.da.us.criteo.com
rtb.mfadsrvr.com
rtb.openx.net
rtb.pushdom.co
rtb.va.us.criteo.com
s.tribalfusion.com
s.uuidksinc.net
s.w.org
s10.histats.com
s4.histats.com
s957290943.onlinehome.us
secure.adnxs.com
ssum-sec.casalemedia.com
static.criteo.net
sync-dmp.mobtrakk.com
sync.teads.tv
tpc.googlesyndication.com
trace.mediago.io
um.simpli.fi
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
pagead2.googlesyndication.com
104.45.178.220
142.250.65.226
142.250.80.102
162.19.80.92
174.137.133.49
185.167.164.43
185.98.54.153
192.0.77.48
192.40.39.223
2600:1f18:4e9:5a07:b04c:a5b:144b:e538
2606:4700:20::ac43:4acf
2606:4700:3030::ac43:a1a9
2606:4700:3037::6815:300a
2606:4700::6811:180e
2606:4700::6812:19ad
2607:f1c0:100f:f000::200
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80e::2004
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2001
2607:f8b0:4006:820::2002
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::2003
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::a
2620:100:a005::14
2620:116:800b:21:b08a:1dc5:659b:4055
2a02:2638:3::3
3.135.132.32
3.219.243.35
3.33.220.150
34.171.234.26
35.186.253.211
35.190.0.66
35.190.90.30
35.207.24.140
35.208.249.213
35.211.178.172
38.100.129.10
46.105.199.75
46.105.201.240
50.31.142.95
52.45.175.185
54.158.178.228
54.174.191.203
54.39.156.32
68.67.161.208
74.119.119.147
96.6.23.74
0058220d3d68ca88e1b6aa9b62140c3c22008963ec1d93edc01684aa758f5e6b
01b7439ee9f9c7129219885ac45e1cc45572521d78743a31e2bd2c36ed80ed5b
07278903fee8b0eeee890f00eee5a19b3a49159818b9744a2a6f8454af81e3a1
07a2b6eb9b8f3acf19e416ca921a1370427f1dd9a15bef013ce6a11824f2fe02
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
097254c49033a79a34e41ac2d89bce7d11d069074c45dc3055fe76885a78f7ac
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c320d790dba4c17895962386aa3587aff97e96a7c499f37dd47bf299431ce41
0d52bfffb1d0a8173530d9eae86fc922dea30c85ef8cf4bed65ad3ffcbff8c6d
14d8b7e6f9a151a65020c84d8da5f8f9f40461e7a1c4891c06fc77eaf992221e
167b257107cabdb59f856f00b9f9947ccea131594fda5897adb27503126a6a69
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
23fd81d329b7e97e25a6aa9ccb2e5d97c0859fc735b6afd6db47e21bfd75a07a
284dff49f0f53ffb94d8ccaeb520aa4a861c5f6616162e2e7a762771741bb319
2969e0c32ca58a1ebb57962af81120ef0507ec01e42cf747ea5571612b5301d3
296f0b28cff52162ae66b9088f82dda32ef79049fd376eeba7a170c52a2d2905
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ae93a98c64c521dcac0afce28bf29f3b9511b1b5c6ed4db2771919b26750e68
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f330358217ddd16d2bffbc78f1970203c2d61abfa5b15456c8e20c2df58fe35
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3d0bc8b9cb6fff60deed944d698675f3533abff7818138839a46526806afce3a
3d1bdc815dc84364a7b951c266d61a5a1b8d1bbb1af6834fc29188eb0f22ea4a
4713ba70d3078d169863a788fb9f673ca585aa1d52ffda1745610d433166971e
4869765abcf18f052365adebfebb679f211fb3836067e4ea957d2f4fde54a26f
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4bb2bd8c01ccdb64da91f01f69db14391645f248ab4929ce214a2190cb46bde9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406
5793adf23adfe289e6333e8a8ee1b4e555d067bd24addfaa6ef47bd58571f088
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
63366603b6b4f2ff5fd3cedfc2a503668acbfbb4c11e63ce80f5b57144bc7df4
67f28ddefe23da4b704e5e79e144f75ca1d0e300fd02f131ab4ef6c455a2e2ae
6ae3bb0a509cfd77e56854034c90db2e31b6436cd887965bf492f9a0cf172656
6c521688c151d3a95e18bf631fac794afda0cbf9daea79783b76f6c76b83ad92
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477
7d5e2c8f259d9f8be3197487826c56d6781c9547b264e16e3999cc7534268935
7e82973475784142e2f5c7d68989b97ae9090cda3fdcfeb54c6f652b29228667
84b7e5b0ced0959a51ac48305182f6d3365ec28cf48cdb09e1418be3a1709f79
8896b47c8e11be400ad0ec44d37dc687929f68e69f562abdce4ff22627219fe5
8aa94c2ca197966159961a0a89d5d655287e60d76500af406059ecb1066cb653
8c2bab8b60ce536537cef62376cc09861a7b2975684ff2ea46586451b9513262
8e93414f896d6002f025697fd592d2393994fc8b21be6061dd55b8df904aa245
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f3c0670f8337fbb53a18717b57cc78492a76631dbdc5a1e466745e8d9dc5053
8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c84b162076cb6ffaaee936088c3a27a448eb4675e8babceba441650a735718
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8a7c6483f73f962abb0f768408bc73c219a0164ee43f60ac57595d314c1bebe
aa93efe5924532e26cd53a0f8c4f15052599134dbee5eda2edcd894674ec566d
abcd46833e797d7874ca739d58831beaeb19cb85b441cf48c827e33cfef14927
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ae85a93d8063828f7b05acb75a87c45cbd36eb04a9ace9f7793e51ee81c16167
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b82e7af123915691ea31e2a9e6ec992e9fe4b184d7363c4176f57433f5ff6de7
c44281f4bb8ff38abac65a706f1f01dd6dcfe5b666bf7fc951b7cb508a078dcc
c7f63af26bfb83d3c84006d4c8649c676dc5b6ed2529841792ee380fb6124e71
c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbb52074e1017e80f4581457a5674544fd07a87a73616f257e072efb790582de
d172c7a7d560ee869c812c4ac36c85cc951ff822a10f4a1c8a845ae5769b8e7a
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7c8656f7e7e5f22a849a5c283f182b183be807e931dba6bc7e07d542c36e417
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088
ea8bdaf9d3679df5dae432416a9cb041ef81ef8e0b7a511bf9a2865d680bb3b0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f63de180098b5669cddeef897441f372161e25dde239a7f6fc03f5cb5ecec4be

law.jaknet.my.id Open in urlscan Pro 2606:4700:3030::ac43:a1a9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

223 Requests

86 %HTTPS

43 %IPv6

43 Domains

55 Subdomains

31 IPs

3 Countries

3860 kBTransfer

6631 kBSize

23 Cookies

6 Outgoing links

Page URL History

Redirected requests

223 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

law.jaknet.my.id Open in urlscan Pro
2606:4700:3030::ac43:a1a9 Public Scan

Screenshot
Live screenshot

Full Image

223
Requests

86 %
HTTPS

43 %
IPv6

43
Domains

55
Subdomains

31
IPs

3
Countries

3860 kB
Transfer

6631 kB
Size

23
Cookies

223 HTTP transactions
7 data transactions